Domain 4: Communications & Network Security The Communication and Network Security domain encompasses the structures, transmission methods, tr
Domain 4: Communications & Network Security
The Communication and Network Security domain encompasses the structures, transmission methods, transport formats, and security measures used to provide confidentiality, integrity, and availability for transmissions over private and public communications networks and media. Network security is often described as the cornerstone of IT security. The network is a central asset, if not the most central, in most IT environments. Loss of network assurance (the combined properties of confidentiality, integrity, availability, authentication, and non-repudiation) on any level can have devastating consequences, while control of the network provides an easy and consistent venue of attack. Conversely, a well-architected and well-protected network will stop many attacks in their tracks.
Network security, like all security controls and safeguards, is most effective when applied proactively. Waiting for impacts to materialize and applying controls and safeguards under crisis conditions will always cost more and be less effective than planned and managed deployments of network security policy, procedures, and technologies. The challenge associated with proactivity is that it requires a solid business case: Why should resources be applied without evidence of a need (such as a loss or breach)? In addition to a business case, the right mix of skills, knowledge, and capability is required to build, maintain, and monitor a resilient network. Security architects use high-level requirements and regulations to help design and in some cases implement network controls. The security practitioner is on the front lines of implementation, operation, and monitoring the network for performance and security. The security professional focuses on the overarching risk of control failure or shortcomings due to the threat environment and whatever vulnerabilities may exist throughout the network. These roles together address the challenge of securing resources and manage risk. Throughout this chapter, risks that can be quantitatively and qualitatively measured through established metrics will be used to support a proactive business case.
In the past, the focus of the security professional would have been on the network’s perimeter defenses through the deployment and use of firewalls and similar tools. As the disappearance of “traditional” network boundaries becomes a business requirement facilitated through hastened introduction of new technologies, cloud computing, and the convergence of technologies onto an IP backbone, a constant struggle exists between ease of use and security. It is a fundamental tenet of secure design that the inside of a network must be as resilient as its perimeter, that tools alone are ineffective if not combined with proper process, and that the availability of a network is a critical measure of the success of its design. Increasingly, attacks on the network are aimed not only at disrupting availability but also at compromising the knowledge and “semantic” assets of the network through stealthy confidentiality and integrity attacks. A network with high uptime is a boon to an attacker who is trying to exfiltrate information out of an organization.
This chapter focuses on the Open System Interconnect (OSI) model as a point of reference and Transmission Control Protocol/Internet Protocol (TCP/IP) as the most commonly used protocol stack. Other protocol stacks will be discussed and reviewed as needed. Excellent books and Internet resources exist to teach the basics of networking, and this chapter covers basic network concepts insofar as they are required for the self-sufficiency of this book and useful for obtaining an understanding of network security concepts.
It is not possible to give a complete and comprehensive overview of all possible attack scenarios. For the purposes of this chapter, we focus on the most important security risks and those that will be instructive for the security professional, in order to facilitate their ability to gain an understanding of network security concepts and enable them to enhance their understanding and gain in-depth knowledge through self-study.
Consult your syllabus and complete your reading assignment for this week. Then, research ANU's online library for a peer-reviewed, scholarly article that is no more than 2 years old that deals with one or more concepts covered in your reading assignment.
Summarize the article in your own words, as well as what you learned from it.
Please note this assignment will be run through Turnitin. Format your assignment using APA standards and attribute all sources.
