Network System Security

Symmetric Cryptography A Symmetric Key Algorithm is an encryption system in which the sender and receiver of a message share a single, common key that is used to encrypt and decrypt the message. The key can be a number, a word or just a string of random characters. This key is applied to a message to change the content  and make it unreadable. This key could be as simple as reversing every word so it is written backwards. It acts as a password so only the sender and receiver can decrypt and read the message. Symmetric Key Systems and very simple and fast, although the main disadvantage of using this method is that you have to share the key with the receiver somehow, meaning anyone could get hold of it and decrypt your messages. Stream Cipher & Block Cipher A stream cipher is a type of symmetric encryption, they are designed to be exceptionally fast, much faster than any block cipher. Block ciphers operate on large blocks of data, whereas stream ciphers encrypt each plaintext di

Different Types of Access Security Identification - This is when somebody says who they are. Authentication - This is when somebody proves they are who they say they are, this is usually through some form of ID, i.e. Passport or Driving License.   Authorisation - This is when somebody gives you permission to do something. Two Factor Standard Of Authentication Two factor standard of authentication is when two different types of proof is necessary. For example when withdrawing money from an ATM you would need a valid debit card and the corresponding PIN number. Two factor standard of authentication is better and far more secure than one factor standard authentication because it requires the attacker to gain two different types of authentication which is much harder than finding out just one.  Username/Password This method requires the user to provide a valid username and corresponding password, if either of these is incorrect they will be denied access. This is a good metho

Policies and Procedures Security Policies A security policy is a document containing the rules and regulations regarding computer network access within an organisation. The purpose of the security policy is so that all the users within the organisation have a set of rules to follow and also so the organisation can protect their devices. The security policy will be constantly changing and being improved because over time they will discover more and more things they have missed out. It is important to have a security policy in place so that all of their data is secure and can only be accessed by authorised people. Education and training All organisations should have policies in place regarding education and training, this is to ensure all colleagues are able to use the latest software and are aware of the latest and best techniques to use when working on the organization's network. If a colleague regularly uses a piece of software, and a 2013 version is released with new helpful