Download Networks

NETWORKS
Lauren Hickman
Patrick McCamy
Morgan Pace
Noah Ryder
Objectives





Types of Networks
Components of Networks
Risks to Networks
Network Security/Controls
Auditing Networks
What is a Network?


Two or more connected computers that allow the
process of telecommunications to occur
Telecommunications is the transfer of text, audio,
video, or other data formats
Types of Networks

Characterized in 3 categories:
 Distance
 Ownership
 Client/Server
Networks
Distance

Local Area Network (LAN)
 Connected
computers within a short geographical
distance of one another

Wide Area Network (WAN)
 Connects
another
computer large geographic away from one
Ownership

Intranet
 Internal

network within a company
Extranet
 Connects

internal network to outside business partners
Virtual Private Network (VPN)
 Uses
public internet connection but achieves privacy
through encryption and authentication
Client/Server Networks


Network servers that manage the networks and host
applications that are shared with client computers
Two types:
 Two-tiered
 Three-tiered
Network Security and Controls

Authentication
 Process

of ensuring users are who they say they are
Encryption
 Scrambling
or coding data so that anyone who views
will not be able to decode it without a decryption key

Firewalls
 Hardware
network
and software to control outside access to the
Components of a Network




Computers and terminals
Telecommunication channels
Telecommunication processors
Routers and Switching devices
Computers and Terminals


Computers process data in a network and
send/receive information to and from terminals
Terminals serve as input/output devices
Telecommunications Channels



Transmit data from computer to computer
Physical transmitters
Wireless transmitters
Telecommunications Processors

Most common is a modem
 Transforms
digital communication signals to analog
signals for transfer and then back to digital signals

Digital communication networks
Routers and Switching Devices



Switches: connect network components and ensure
messages are delivered to appropriate destinations
Routers: similar to switches but with more complex
features based on protocols
Approaches to switching
 Message
switching
 Packet switching
 Circuit switching
Risks to Networks





Social Engineering
Physical Infrastructure Threats
Programmed Threats
Denial of Service Threats
Software Vulnerabilities
Social Engineering Diversion
“Soc-ing”



VoIP Vulnerabilities – Can open channel to network
that is not fire-walled
Phishing Scams – i.e. – emails from unknown persons
containing malicious links.
Cross Site Scripting (XSS) – leads to account
hijacking, changing of user settings, cookie
theft/poisoning, or false advertising
Network Security




Network manager and network security
administration
Authentication
Encryption
Firewalls
Auditing Networks



Perform risk assessment procedures to assess
vulnerabilities
Evaluate controls and their effectiveness
Auditing Network Security
 Network
diagrams
 Determine what assets, who has access, and understand
connections
 Penetration testing
 Benchmarking
Risk Assessment Procedures

Basic vulnerabilities of a network
 Interception-
transmitted data is intercepted by a third
party
 Availability- unavailability of the network could result
in losses for the firm
 Access/Entry points- a weak point in access can make
the information assets vulnerable to intruders
Evaluate Controls





Physical access controls
Transmitted information should be encrypted
Network should have sufficient management
Controls to limit the type of traffic
Passwords for everyone who has access
Auditing Networks





Network diagrams
Determine what assets
Who has access
Understand connections
Penetration testing
Questions?