Network Security Cheat Sheet
Network Security
Network security involves protecting computer networks from unauthorized access, attacks, or damage. It
ensures data confidentiality, integrity, and availability.
Need for Network Security
- Prevent data breaches
- Protect against malware
- Ensure secure communication
- Maintain user privacy
- Comply with regulations
Principles of Network Security
- Confidentiality: Only authorized users can access data
- Integrity: Data is accurate and unaltered
- Availability: Services are accessible when needed
- Authentication: Verifying identity of users
- Non-repudiation: Ensures actions can't be denied
Attacks and Types
- Active Attack: Alters or destroys data (e.g., DoS, spoofing)
- Passive Attack: Eavesdropping without altering data (e.g., sniffing)
- Malware: Virus, worm, trojan
- Phishing, MITM, Ransomware
Cybercrime
Illegal activities using computers/networks. Examples: identity theft, hacking, data breaches.
IT Act 2000 and 2008
- IT Act 2000: Gave legal recognition to electronic transactions
- Amendment 2008: Added provisions on cyber terrorism, identity theft, and child pornography
Cyber Ethics
- Follow laws
- Respect privacy
- Avoid cyberbullying, piracy, or hacking
Ethical Hacking
Authorized testing of systems to find and fix vulnerabilities. Done by ethical hackers.
Hacking and Its Types
- Hacking: Unauthorized access
- Types: Black Hat (illegal), White Hat (ethical), Grey Hat (mix)
Skimming and Spoofing
- Skimming: Stealing card info using hidden devices
- Spoofing: Impersonating systems (e.g., email spoofing)
Hacktivism
Use of hacking to promote political/social messages
Attacker vs Hacker
- Attacker: General term for anyone trying to breach systems
- Hacker: Could be ethical or unethical
Bluejacking
Sending unsolicited messages over Bluetooth to nearby devices.
Encryption & Decryption
Encryption converts data into an unreadable form; decryption restores it using a key.
Cryptography
The study and practice of secure communication using encryption techniques.
Symmetric vs Asymmetric Cryptography
- Symmetric: One key for encryption & decryption
- Asymmetric: Public/private key pair
DES, PGP, RSA
- DES: Old symmetric encryption algorithm
- PGP: Used for email encryption
- RSA: Asymmetric encryption using large prime numbers
Digital Signature vs Digital Certificate
- Digital Signature: Proves authenticity of a message
- Digital Certificate: Verifies ownership of a public key
SSL Certificate & HTTPS
An SSL certificate ensures secure data transfer over HTTPS (secure HTTP).
Difference: Virus, Worm, Trojan
- Virus: Attaches to files, needs host
- Worm: Self-replicates, spreads automatically
- Trojan: Disguised as useful software
MD5
Cryptographic hash function that outputs a 128-bit value. Used for checksums. No longer secure because of
collisions.
Ransomware
Malware that encrypts data and demands ransom to unlock it.
Zombie
Compromised computer used in botnets to perform attacks without user knowledge.
Antivirus and Its Types
- Signature-based
- Heuristic-based
- Behavior-based
- Cloud-based
- Real-time
- Boot-time
Firewall and Its Types
- Packet-filtering
- Stateful Inspection
- Proxy
- NGFW
- Software
- Hardware
- Cloud
IDS and Types
- Intrusion Detection System detects suspicious activity
- Types: NIDS, HIDS, Signature-based, Anomaly-based, Hybrid
Teardrop Attack
DoS attack using fragmented packets that crash target systems. Mostly patched in modern operating systems.
VPN, Types, Diagram, Pros & Cons
- Virtual Private Network: Secure tunnel over the internet
- Types: Remote Access, Site-to-Site, SSL, MPLS
- Advantages: Privacy, encryption, remote access
- Disadvantages: Slower speed, provider trust
VPN Key Exchange
- Uses Diffie-Hellman, RSA, or IKE for secure session key setup
- Establishes encrypted communication without exposing keys