Chapter 10: Ensuring Network Security

Lesson 1: Making Networks Secure

1. Describe two common ways by which unauthorized users can gain access to a�network; for each, describe how unauthorized access can be prevented.

Unauthorized users can gain access to most peer-to-peer networks by typing in a unique username and password at any of the networked computers. The best preventative measures include making the networked computers physically inaccessible by locking the area that contains them, or to enable BIOS security which allows the user to set a computer access name and password.

Unauthorized users can also access a server-based network by using someone else's name and password. The best way to prevent this is to have an enforced password policy in which passwords are not written down and are changed regularly.

2. Describe the differences between password-protected shares and access permissions.

Password-protected shares require that a password be assigned to each shared resource. Access to the shared resource is granted when a user enters the correct password. Access-permission security involves assigning certain rights on a user-by-user basis. A user types a password when logging on to the network. The server validates this user name and password combination and uses it to grant or deny access to shared resources.

3. Define data encryption and DES.

Data encryption is the scrambling of data to make it inaccessible to unauthorized persons. In a network environment, data can be encrypted before being sent onto the network. This makes the data unreadable, even by someone who taps the cable and attempts to read the data as it passes over the network. When the data arrives at the proper computer, the code for deciphering encrypted data decodes the bits, translating them into understandable information.

The Data Encryption Standard (DES) was developed by IBM and adopted as a specification for encryption by the government of the United States. DES describes how data should be encrypted and provides the specifications for the key to decryption. Both the sender and the receiver need to have access to the decryption key. Because the only way to get the�key from one location to another is to physically or electronically transmit it, DES is vulnerable to unauthorized interception.

4. Identify four common types of computer viruses and describe how they are transmitted; describe three ways to help protect computers in a network against viruses.

Four types of computer virus are called companion, macro, polymorphic and stealth. Each is a kind of file infector virus. They can be transmitted by any physical means such as CDs, floppy disks or a direct cable connection between computers, and by electronic means such as e-mail and internet downloads. Three means of protection against a computer virus are the installation of current anti-virus software, write-protection of disks, and disabling macro capabilities in vulnerable software.

Lesson 2: Maintaining a Healthy Network Environment

1. Describe the ways in which heat, humidity, dust, and smoke can each have an adverse effect on computer health. For each, describe preventive measures that can be taken to protect computers in such environments.

If the room temperature in which the equipment is located is too high, a computer's cooling fan and ventilation slots will be unable to maintain the correct operating temperature and components will begin to overheat and fail.

High humidity promotes corrosion. Corroded contacts on cable connections and expansion cards will cause intermittent failures. Corrosion can�also increase the resistance of electrical components, leading to a temperature increase that can be followed by component failure or fire.

Dust is electrostatically attracted to electronic equipment. It acts as an insulator that affects the cooling of components, causing them to overheat. Excessive dust on electronic equipment can cause electrical shorts and catastrophic equipment failure.

Smoke coats the surfaces of electronic components, acting as both insulator and conductor. Smoke residue also enhances the accumulation of dust.

Because electronic equipment is designed to operate within the same range of temperature and humidity that feels comfortable to human beings, the best preventative measure is to provide the computers with just such an environment.

2. Identify some of the human factors that can unintentionally alter a computer's operating environment. Describe the consequences to a computer of these factors, and suggest some preventive measures for each.

Because few employees have any awareness of the ventilation requirements for computer equipment, they impede the natural flow of air in and around the equipment. Once this happens, maintaining the proper temperature is impossible and failures begin. The spilling of liquid refreshment takes a toll on keyboards and computers. When it gets cold outside, space heaters are used in under-heated offices and are usually placed under the desk, often in close proximity to computers. This can present two problems: the computer becomes overheated, and the space heaters can overload power outlets, tripping circuit breakers or even causing fires. Humans can spill liquids such as coffee on computers, impede the flow of the computer's cooling air, and overheat computers with space heaters. The liquids can destroy the computer's internal circuitry and make keyboards unusable. Blocked air flow can cause a computer to overheat and burn out electronic components. The best preventative measure is to make computer users aware of the consequences of such behaviors.

3. Identify the principal hidden and industrial factors that can affect a�network's health. Include out-of-view network equipment in both an office, and a manufacturing environment. Discuss what precautions can be taken, or what changes might need to be made, for each of these hidden and industrial factors.

Hidden factors include network wiring that runs through an attic, within walls or is otherwise invisible can be damaged during repairs to other objects in those spaces. Insects and rodents can use network materials for construction purposes of their own.

Industrial factors include noise, electromagnetic interference (EMI), vibration, corrosive and explosive environments, and untrained and unskilled workers.

These factors can be addressed by installing the networking equipment in separate enclosures with outside ventilation by using fiber-optic cabling to reduce electrical interference and corrosion problems with the cable by making sure that all equipment is properly grounded and by providing proper training to all employees that need to use the equipment.

A small organization recently suffered security breaches in its peer-to-peer network. The intruder stole valuable business data. The organization's need for�security became apparent, and now a modest-sized, but more secure,
server-based network is in place.

The organization is located in a small California community that experiences frequent earthquakes and power outages. Your job is to plan how to avoid breaches of security and plan for disaster recovery at the same time. In this exercise, examine preventive measures the organization can take to avoid data loss due to human activities and natural disasters such as earthquakes.

List the categories of things that can put the organization's data at risk. Discuss the preventive measures and recovery plans appropriate for each kind of�data loss.

An organization's data can be put at risk by:

• component failure.
• computer viruses.
• data deletion and corruption.
• fire caused by arson or electrical mishaps.
• natural disasters, such as lightning, floods, tornadoes, and earthquakes.
• power-supply failure and power surges.
• theft and vandalism.

An organization can take the following preventive measures to avoid data loss due to human activities and natural disasters:

• Use of tape and optical storage backup systems to minimize the risk of losing data. By maintaining current backup copies of existing files, data can be recovered if harm comes to the original data.
• Installation of Uninterruptible Power Supply (UPS) will allow computers to keep servers or other devices running in the event of a power failure. The best UPS systems perform online. When the power source fails, the UPS batteries automatically take over. The process is invisible to users.
• Incorporation of fault-tolerant disk systems such as Redundant Array of�Independent Disks (RAID), Sector Sparing and disk clustering will protect data by duplicating data or by placing data in different physical sources, such as different partitions or different disks. Data redundancy allows access to data even if part of the data system fails.

Disaster-recovery success is only as good as the disaster prevention and preparedness measures taken beforehand.

The only protection from a data-loss disaster is to implement one or more of the methods described earlier to back up data. Store your backups in a secure place, such as a bank safe deposit box, away from the network site. To fully recover from any disaster you will need to:

• Make a disaster-recovery plan.
• Implement the plan.
• Test the plan.

1. The first consideration in keeping data safe is to ensure the security of the network __________________.

hardware

2. Another term for access permissions is __________ - _____________ _________________.

user-level security

3. Implementing password-protected shares involves assigning a password to each shared _________________.

resource

4. If a share is set up as ___________ - ___________, users can look at the documents or copy them to their machines, but they cannot change the original documents.

read-only

5. Access permission security involves assigning certain ______________ on a user-by-user basis.

rights

6. The most efficient way to assign permissions is through the use of ______________.

groups

7. Through auditing, selected types of events are recorded in the _________________ __________ of a server in order to track network activities by user accounts.

security logs

8. A data- __________________ utility scrambles data before it goes out onto the network.

encryption

9. The Commercial COMSEC Endorsement Program (CCEP) authorizes manufacturers to incorporate classified ________________ into the communication systems they sell.

algorithms

10. Diskless computers communicate with the server and log on through the use of a special ROM boot chip installed on the computer ________________ _________________ ___________.

network interface card

11. The two most important environmental conditions to monitor are _____________________ and __________________.

temperature, humidity

12. Proper ____________________ is required to prevent a computer from overheating.

ventilation

13. The potential for ESD increases as the humidity ______________.

drops

14. True or False: If network cables are installed in the walls and in the ceilings, they will be safe from all damage.

False

15. A ___________ atmosphere with high __________ will most certainly destroy any computer equipment in a matter of days or months.

corrosive, humidity

16. The first line of defense against loss of data is usually a ___________ ________________ system.

tape backup

17. It is important to have a regular ______________ for backing up data.

schedule

18. Maintaining a __________ of all backups is important for later file recovery.

log

19. When backing up across a network, network traffic can be reduced by placing the backup computer on an isolated _______________.

segment

20. Fault-tolerant systems protect data by duplicating data or placing data in different _______________ sources.

physical

21. RAID level 0, called ____________ _______________, divides data into 64K blocks and spreads it equally in a fixed rate and order among all disks in�an array.

disk striping

22. Level 0 disk striping does not offer data ___________________.

protection

23. Disk __________________ duplicates a partition and moves the duplication onto another physical disk so that there are always two copies of the data.

mirroring

24. Duplexing is intended to protect against disk ___________________ failures, as well as media failures.

controller

25. Writing complete blocks of data to each disk in the array is known as disk ________________.

striping

26. In Windows NT Server, the ___________ _____________________ program is used to configure Windows�NT Server fault tolerance.

Disk Administrator

27. In RAID level 10, data that is contained on a physical drive in one array is __________________ on a drive in the second array.

mirrored

28. "Clustering" is the term applied to a group of ___________________ systems working together as a single system.

independent