2022 Network SecurityFinal Assessment
2022 Network SecurityFinal Assessment
2022 Network SecurityFinal Assessment
Final Assessment
"Cyber security is the art of safeguarding networks, devices, and data against
unauthorized access or illegal use, as well as the practice of assuring information
confidentiality, integrity, and availability," according to the Cyber Security &
Infrastructure Security Agency (CISA).
Being hacked is a direct danger to the private data that businesses require. It may also
harm their consumer connections and put businesses in serious legal trouble. The
threats of cybercrime are becoming more serious as technology advances, from self-
driving vehicles to internet-enabled home security systems.
These days, the need to protect confidential information is a pressing concern at the
highest levels of government and industry. State secrets can be stolen from the other
side of the world. Companies whose whole business models depend on control of
customer data can find their databases compromised.
There are many security , are-
1. Application security
2. Cloud security
3. Internet of things(IoT) security.
4. Infrastructure security.
5. Network security.
Ans:
Network security is a layered strategy that combines people, process, policy, and
technology to create a network environment that allows for corporate efficiency while
reducing the possibility for misuse by both external and internal threat actors.
A successful layered approach to network security requires a number of technologies
be put in place that each attempt to address the problem of malicious attacks from a
different perspective. Some of the more common network security technologies
include:
Secure remote access – Access is the one thing every cybercriminal must
have to successfully attack your organization. Access controls limit which
users and devices are able to access specific internal or cloud-based resources.
Modern implementations of access controls include zero trust network access,
and secure remote access.
Following are the few steps one should take to secure their wired network -
1. Conduct mapping and auditing- You should audit and map your network if
you haven't done so previously. Always be aware of the whole network's
infrastructure, including the manufacturer/model, positioning, and default
configuration of firewalls, routers, switches, Ethernet cables and ports, and
wireless access points. Additionally, be aware of precisely which servers, PCs,
printers, and other devices are linked, as well as their locations and the
network's communication path.
2. Maintain the network's updates- Consider going further once you have a
baseline network audit and map finished. Verify that all elements of the
network infrastructure have the most recent firmware or software. Logging in
will let you check that the components' default passwords have been changed,
check the settings for any risky configurations, and investigate any additional
security features or functionality you might not be utilizing right now.
3. Consider MAC address filtering- Even though a determined hacker can get
beyond MAC address filtering, it can act as the first line of defense. It won't
entirely block a hacker, but it can assist you in stopping an employee from,
say, opening a potentially dangerous security gap by permitting a visitor to
connect to the private network. You may have better control over which
devices are connected to the network as a result. But be careful not to let it lull
you into a false feeling of security, and be ready to maintain the permitted
MAC address list.
4. Use VPNs to encrypt select PCs or server.
5. Encrypt the entire network.
Following are the few steps one should take to secure their wireless
network –
1. Alter the default home network name - The first step in securing a wireless
network is to change the default home network name. SSID is another name
for this. The router brand being used is revealed by the default network name,
which makes it easier for hackers to look for and attempt to exploit
weaknesses in certain brands. The identity of the brand or manufacturer should
not be revealed in the SSID.
2. Password for Wi-Fi - Often, the password used to access a wireless
connection is too easy to anticipate and guess. Since anybody may access your
network, sharing your mobile number, children's names, or date of birth might
be disastrous. For a password to be difficult to guess by an attacker, it must be
lengthy enough and contain a combination of alphabetic, numeric, and special
characters. Additionally, the Wi-Fi password needs to be updated every so
often, ideally every 30 days.
3. Routers provide a variety of encryption options, including WEP, WPA, WPA2
and WPA3. In any case, WPA2 should be used instead of WEP and WPA.
WPA3 isn't accessible on all routers, but when it is, it should be used instead
of WPA2 with AES encryption.
4. To enter the router panel, change the default IP address. Typically, you may do
this by typing 192.168.0.1 or 192.168.1.1 into your browser. Anyone may
easily access the router's login page and attempt different password
combinations thanks to this. It becomes impossible to access the console page
and attempt other passwords if this default IP is changed.
5. Turn off DHCP – If possible DHCP should be turned off and only static IP
addresses should be assigned to the devices in the network.
6. Disable Remote Access to Router - The router console may frequently be
accessed from a distance. This gives an attacker access to the router over the
internet, increasing the router's vulnerability to several types of assaults that
may be carried out expertly via the internet.
7. Firewall - To allow valid traffic to pass within the network, a firewall should
be regularly employed. On the router page, the firewall should be properly
configured to only accept specific types of traffic and deny the rest.