Identifying and preventing vulnerabilities
One of the roles of the networkA group of interconnected computers/devices. manager is to ensure the network is safe from attacks and threats of any kind. There are many techniques that can be used to help keep a network safe, including:
- penetration testingSystems are tested for vulnerabilities to reveal any weaknesses in the system which can be fixed.
- network forensicsThe monitoring, storage and analysis of traffic on a network.
- network policyA policy that provides rules and guidelines on what network users can and cannot do.
- access rightsThese are the permissions given to a user to access facilities on a computer.
- secure passwordA collection of characters for user authentication to secure access.
- encryptionFiles that are encrypted have been altered using a secret code and are unreadable to unauthorised parties.
- anti-malware softwareA type of computer program which detects, prevents and removes malware on a system.
- firewallAn application that prevents unauthorised connections to and from the Internet.
Penetration testing
The purpose of penetration testing is to determine how resilientAble to withstand or recover quickly from difficult conditions. a network is against an attack. It involves authorised users (sometimes an external party or organisation) who probe the network for potential weaknesses and attempt to exploit them. softwareThe programs, applications and data in a computer system. Any parts of a computer system that aren't physical. that enables network managers to test the resilience of networks themselves is also available.
Network forensics
Network forensics involves monitoring the traffic on a network. At regular intervals transmitted dataUnits of information. In computing there can be different data types, including integers, characters and Boolean. Data is often acted on by instructions. packets are copied. The copy and information about the packet are then stored for later analysis. This is usually processed in batches. The information gathered can help identify invasive traffic (from hackers) or to determine where data is being sent.
Network policies
Users of a network are often the source of threats, whether accidental or deliberate. A network manager should have an acceptable use policy which ensures:
- users have a secure, hard-to-guess password which meets specified conditions
- users change their password on a regular basis
- users cannot connect unauthorised equipment to the network, such as USB memory sticks, smartphones and tablets
- levels of access are given, which allow only authorised users to access sensitive data
- a regular backupA copy of important files that is kept separately in case the original files are lost or damaged. procedure is in place
- a disaster recovery procedure exists in case of data loss
- regular penetration testing and forensic analysis
- regular maintenance including applying software upgrades and security patchAn update to a piece of software, usually to fix bugs or improve the software in some way. to equipment
- preventing physical access to servers
- maintaining a high level of security with up-to-date anti-virusAnti-virus software scans all forms of storage devices for viruses (programs harmful to computers) and, if found, attempts to remove them. and firewalls
User access levels
Access levels determine the facilities a user has access to, such as:
- software
- internet access
- documents and data
- the ability to install and/or remove software
- the ability to maintain other users' accounts
A network manager should make sure users can only access the facilities they need. For example, an office worker might need access to productivity software, email and the internet, but not to install software or access other users' accounts. Restriction limits the actions a user can take, thereby reducing the potential of threats.