PCI- Internet Lesson

Internet

In this last lesson of this module, you will develop an understanding two things:

  • The process of how packets and protocols are vital to the exchange of information on the Internet.
  • Basic mechanisms used for protecting data and resources.

The Internet as we know, is a network of networks tasked with ensuring that information and knowledge is accessible to all built on protocol. How exactly does that exchange of information on the Internet play out on the Internet?

You will view two videos presented here to better understand packets and ports and its importance in the exchange of information on the Internet. As you view the video material, think about how information is transmitted over the internet and how that information is formatted.

Watch the Internet Packets, Routing video below.

In previous modules and lessons, you have learned about how the network is composed, its functionality and needs to properly protect networks. Securing data involves preventing that unauthorized access. As discussed in the previous lesson, encryption is a popular technique, but it is only one of the many for data security.

There are many different types of devices and mechanisms within the security environment to provide a layered approach of defense. This is so that if an attacker is able to bypass one layer, another layer stands in the way to protect the network. You will learn briefly about the two most popular and significant tools used to secure networks, firewalls and intrusion detection systems.

What is a Firewall?

A firewall is a device installed between the internal network of an organization and the rest of the network. It is designed to forward some packets and filter others.

For example, a firewall may filter all incoming packets destined for a specific host or a specific server such as HTTP, or it can be used to deny access to a specific host or a service in the organization.

What is an Intrusion Detection System (IDS)?

Let's start by understanding the terms intrusion detection, which is the process of monitoring for and identifying attempted unauthorized system access or manipulation. This system gathers and analyzes information from diverse areas within a computer or a network to identify possible security breaches which include both intrusions (attack from outside the organization) and misuse (attack from within the organization).

The IDS identifies any suspicious pattern that may indicate an attack on the system and acts as a security check on all transactions that take place in and out of the system.

 What is an Intrusion Prevention System (IPS)?

Intrusion detection system is a detective technology; it only detects the anomaly in the network and sends a notification to the concerned person, whereas an IPS is both detective and preventive technology. The Intrusion Prevention System’s goal is to detect malicious activity and not allow the traffic to gain access to its target network.

Another technique to secure data in your network, is the use of a virtual private network (VPN). The VPN creates an opportunity to establish a protected network connection when on public networks by encrypting and disguising your identity online.

Remember these facts ensure these are in place  to secure your network:

  • Firewalls with rules are in place.
  • Have antivirus software and antispyware on all devices in a network
  • Consistently complete software updates
  • Have strong password protocols that assist in creating good passwords and how not to share
  • Monitoring with an intrusion detection system (IDS)
  • Of course, a strong back up system is available just in case there is network failure.

[CC BY 4.0] UNLESS OTHERWISE NOTED | IMAGES: LICENSED AND USED ACCORDING TO TERMS OF SUBSCRIPTION