Securing resources and services Combine techniques
A successful security system is a matrix, or a combination of individual methods, techniques, and subsystems. Whenever possible, you
want to use as many security principles and techniques as possible to protect each resource.
For instance, a network that relies solely upon authentication is not nearly as secure as one that combines authentication, access
control, and encryption. Similarly, your site is better protected by packet filtering at the router combined with a firewall backed up
by user authentication and intrusion detection.
- TCP/IP :TCP/IP is the network protocol suite used by the Internet and most local area networks.
- Protocol stack :A layered set of protocols which work together to provide a set of network unctions.
Detecting and responding to network attacks and malicious code is one of the principal responsibilities of information security professionals. Formal techniques and procedures have been developed by expert practitioners in the field to provide a structured approach to this difficult problem.
Guide to Network Security
Different types of attacks and response mechanisms
Malicious code is intended to harm, disrupt, or circumvent computer and network functions. This code can be mobile, such as Java applets or code in the Active X environment. It can also attach itself to legitimate code and propagate.
In addition, it can lurk in useful applications or replicate itself across the Internet. The following sections describe these different types of malware.
A virus is code that attaches to a host program and propagates when the infected program is executed.
Thus, a virus is self-replicating and self-executing. Viruses are transmitted in a variety of ways, including as part of files downloaded from the Internet or as e-mail attachments.