network and data security, Summaries of Computer science

Network and Data Security – Complete Notes These notes cover the fundamentals and advanced concepts of Network and Data Security for diploma/engineering students. The content includes detailed explanations of cyber threats, types of attacks (phishing, malware, DoS, man-in-the-middle), and security mechanisms used to protect systems and data. Topics covered: Basics of Network Security Cryptography (encryption, decryption, hashing) Authentication & Access Control Firewalls, VPNs, IDS/IPS Data Security principles (Confidentiality, Integrity, Availability) Secure communication protocols Includes important definitions, diagrams, and exam-oriented questions for quick revision. These notes are easy to understand and ideal for semester exams and concept clarity.

Typology: Summaries

2023/2024

Available from 05/01/2026

nihar-vartak
nihar-vartak 🇮🇳

1 document

1 / 34

Toggle sidebar

This page cannot be seen from the preview

Don't miss anything!

bg1
pf3
pf4
pf5
pf8
pf9
pfa
pfd
pfe
pff
pf12
pf13
pf14
pf15
pf16
pf17
pf18
pf19
pf1a
pf1b
pf1c
pf1d
pf1e
pf1f
pf20
pf21
pf22

Partial preview of the text

Download network and data security and more Summaries Computer science in PDF only on Docsity!

—=———_| ee —=51 Saban Bete Lystem ; - i ae moniter, akivity _ and. Auptetoud evenly ~ Kraves_an ubeam _ I —_-> || ——_ | =| Gubler Nounme 4 => |_ Jhnaae j oO High love Counter Meaustte > evenly ~ Boalt +> Atotuge dow level Events even IDS teceves saw Lnpul: feom Jeror_, When an_éyene ow - | i Almple Vow level evenl-_, IDS Aimblie otfores te inpuul and takes “aunt meduuies (Gandara) : ; FOR EDUCATIONAL USE C Scanned with OKEN Scanner E lar? int Se & Watt Nn aS Ny Zou _4 ; ND Sy e gs Bg a Hoge Moluiprk ~~ L in Awe Wi, = << = ot 7 Internet) on . [7 _ | daunth roy _ __| | attack |__ dttack : — | FOR EDUCATIONAL USE C Scanned with OKEN Scanner — i a aty ~z8_monilou_ audit fit and geoph iey_of A oo eee paobl L_ if. # ——— ——— a =.) ysl Ayslem__and— a limited fo poon ut Hacks fiom atonal source or Local souse Foth are deleted bp. thee £08 h. {Relais eee Common _exambler..ate anlivitw Monit. chamolys: debe: 4 4 dn Alive ugh jit take wulitad Lyon and. can be Ahutting chun Y owes dlsconnedking AOU) Passive HIDS taker Pno action indtrad Znuruy audit tails and Logs ahd nohigiv adminudtator Hh (ontiypol ‘How Honeypot works: "FOR EDUCATIONAL USB C Scanned with OKEN Scanner o) | ee neypor it a __cgmbuler syshem on network. aw bith Aor cola _ancd —tpprypok Zr opm fo_allachers fk pts Le lp tye _an_altacker A atker attack i£ —Honeypok can he wed fos fallawing TLOALNA. * Io wath what Bako dh Se Pee alls fa plat_ip phic a ollacket bide and “dite Din - Pventhough Wwe mE allyker to have aer We ay Wea fotewalh in honeypot - SE vy fwt web for munilorng_the_sikem d Y 7 7 Advankagen - Honeypol ane focussed - con copluee Znuypled actly = Shey. die flexible “ - Thay: Werk with TPvé fi -ilyadunntapes alate file cnvitonment. m = monitoring oHacker ieplaly. C Scanned with OKEN Scanner D ple 7 = Ke ba wan fo gen soaie on deen A | L " i ; Zeguutst LP KDC C kerbems kay ~ |] Picfemeeeee d pet ucesing fhe wovify Hh ¢ Yj ; pesposms 5 Uotding Alebs a 0 é & E CO) on Key tuk will be wed “2 enuybt — cammuniratg blween client 7 | LA eX ERD sension Leckeh inclucles coby af Sees ton kay + alion Obed. Len: realy ng bhe—ouovirg om wi ¥ gnu session ick. viding tenn AG toy JI Z. la | + [hen kp¢ Audie entiyptect stHlon ticket: | | ys | copy of seniin key | Td + y ig | pananocten fo henl, « Fnouph thin Whole package uling crenls fay?" VA daram FOR EDUCATIONAL USE @ Scanned with OKEN Scanner decay ypti iL - Ue tlienk weileues respunae fom ket and _ ~ | 9 Zpbtaing dessin _ Koy mele fon MA “abiny whith 7éoaver bh . nk cnr sead session tickee as aa enteypked en AS Koy, but fe iw 2 fou choke fo sone intudu fp be _authenli caked | cient then ceates authentiakr and = cnuypla wilh seuion ley (20) X IP security oxotwol center sere quthenkaked leliable’ communitaliin ven TP nelwork [Per Jeauily Protveol, a duthenk lion Header = Entapsulaking ey, Fauloael duthenti: abn Toe Beovides = _conneckion lon InKariby Authentication = Protection agatn. seplayg aacks Encaosulating Secmity “Tiga puvides | “aiohidenally |= _dghenticalion | Sotepuity |__ fal glotols can pe =e. alone a | abblied ' tn tombin | Tec mode of _opualion =? Lod | Junnel MOUe | rpoyided Amt tp nelwotk Ok 7 ,! nelwotk fo hot secutity I Tranaport (| (a __._— eames | b. re FOR EDUCATIONAL USE @ Scanned with OKEN Scanner Scanned with OKEN Scanner working of soTP (>) Client Mail Server SMTP acs _ —— _> — -_— is — 4 POP/IMap — ees | Se | f SMTP Advantages of sare Till - J peduides Atmplat form of communiration Fuad email | menage betwen Woniows cornbubes in network 7 > Quick Email | beliveny “fing SMIP dlavtlopect fom dirnple platform mal musage can be Tonk” ecuily and quictly tr? J} 0. : var zasabilly in tum of aukgoing FOR EDUCATIONAL USE C Scanned with OKEN Scanner gunk of DEM lt tp add _secmity f fol Pmail use in inbenele 7 dE peanvidle following svi Inlemily-_Which eruuer ynewage aedpionl- am hak “mensae Fay_pot_ben Z rout fied a Authentication - whith eres _a message zene: — He need was _aenk Shy .. suifinaly UA a whith allows mesa pe eit ide nl ly “Te Original: ay "FOR EDUCATIONAL USE a. @ Scanned with OKEN Scanner C Scanned with OKEN Scanner Database security It is essential because databases store an organization's most valuable asset — its data. This data may include personal information, financial records, intellectual property, business secrets, and operational details. Protecting it is critical for individuals, businesses, and governments. Need of Database Security 1. Protect Sensitive Data Databases often store: + Personal information (names, addresses, IDs) + Financial data (credit card numbers, bank details) + Medical records - Confidential business information Without security, this data can be stolen or misused, 2. Prevent Data Breaches Cyberattacks such as: + SQL Injection « Malware attacks + Insider threats + Ransomware can compromise databases. Security measures reduce the risk of unauthorized access. 3. Ensure Data Confidentiality Only authorized users should access specific data. For example: - HRstaff can access employee records. + Customers cannot view other customers' data. @ Scanned with OKEN Scanner SQL INJECTION ATTACK SQL Injection (SQLi) is a cyberattack technique where an attacker inserts malicious SQL code into an application’s input field to manipulate the backend database. It happens when: - User input is not properly validated « SQL queries are built using string concatenation + The database executes malicious input as part of a query Impact of a successful SQL injection attack? A successful SQL injection attack can result in unauthorized access to sensitive data, such as: + Passwords. + Credit card details. + Personal user information SQL injection in different parts of the query Most SQL injection vulnerabilities occur within the WHERE clause of a SELECT query. Most experienced testers are familiar with this type of SQL injection, However, SQL injection vulnerabilities can occur at any location within the query, and within different query types. Some other common locations where SQL injection arises are: + InUPDATE statements, within the updated values or the WHERE clause. + In INSERT statements, within the inserted values. + In SELECT statements, within the table or column name. @ Scanned with OKEN Scanner SQL Injection Attack (SGLi) 2. Malicious SQL query is validated & command is 1. Hacker identifies vulnerable, SQL- driven website & injects malicious SQL executed by query via input data. database. oq WEBSITE eo INPUT FIELDS 3. Hacker is granted access to view and alter records or potentially act as database administrator. HACKER S DATABASE Types of SQL Injection (In Short) 1. In-Band SQL Injection The attacker uses the same communication channel to send the attack and get results. Error-Based SQLi — Uses database error messages to gather information. Union-Based SQLi— Uses UNION operator to combine results and extract data. 2. Blind SQL Injection No error messages are shown. The attacker gets information indirectly Boolean-Based Blind SQLi — Sends true/false conditions and observes response changes. @ Scanned with OKEN Scanner