Logout

Home Topic 3 Last Next

3.1.16

Evaluate the advantages and disadvantages of each method of network security.

 

Teaching Note:


 

Sample Question:

sdfsdfsf

JSR Notes:

 

1. User ID

(Adv.) Strengths - relies on human beings as the ultimate keeper of the "open sesame" key. And so someone who does a good job of making secure passwords, and keeps other good habits like not sharing them or writing them down anywhere, can help their own security cause.

(Disadv.) Vulnerabilities/Weaknesses - the same thing that makes user ID systems strong, can make them weak. People can have poor user ID/password habits, including losing them, and not having them be secure enough. Weak password are prone to "brute force" attacks, where all combinations of letters/numbers/symbols are tried until the password is determined. The number of characters in a password exponentially influences how long such attacks will take, as does then breadth of keys used in the password. Check out this link to see the effect of numbers of characters and breadth of characters in a password. And check out my own password management hints here.

 

2. Permissions

(Adv.) Strengths - Allows multiple users to be able to access the same files on the network (or indeed a computer), but at different level; what one person can do with a file (in terms of reading and writing - i.e. editing) another may not be able to do.
- Works well with User ID (Accounts) systems.

(The same sorts of advantages of any "access" system, like keys to a building, with master keys and so on.)

(Disadv.) Vulnerabilities/Weaknesses - It can be a pain to manage various permissions, and an inconvenience and frustration when a user can see a file, but not be able to either read it or change it.
- Permissions are susceptible to being corrupted, as they are simple small amounts of data, and flipped bits can cause a Read to become a No Access, for example. The Permissions Repair ability of the Mac OS Disk Utility can restore permissions to their required state.
- If there is an incorrect permission on a crucial file, that alone can cause a whole process or program to freeze. (For example, if a Read for one of the System's "users" becomes No Access on a crucial file, that crucial file cannot be used at all.)

Here's an image that gives you a visual of how permissions can be very error prone. This is a screenshot of doing a "Permissions Check" on a Mac, and sure enough most times you run this, there will be multiple permissions which have gotten corrupted/changed.

Permissions problem

And actually, note that an accounts/log-in system is really just an organized way at managing permissions.  In fact, each and every file will have a certain set of permissions; one for each user account on the computer.  So an administrator account might have “read and write” for most of the data files, though actually “no access” for lots of other system files that area actually hidden from all accounts normally.  Meantime, a typical user account will have “read only” for all of the application programs, and “no access” for a bunch of utilities etc., but will have full “read and write” for their “Home” folder.  Yet inside that, they may have a “Public” folder that will have “read and write” access for all users on the computer.

This is the same idea as giving differnet permissions to documents and folders on Google Docs.

 

3. Trusted Media Access Control (MAC) addresses

(Adv.) Strengths - Devices can be kept track of as being trusted or not. So this can prevent all sorts of security breaches, as long as users of those machines are not allowed the administrator privileges to spoof the MAC address.

(Disadv.) Vulnerabilities/Weaknesses - The MAC address can be spoofed.

 

4. Encryption

(Adv.) Strengths - As long as the encryption method used is strong, it can be virtually impossible to intercept and decipher communication. This is particularly important for wireless networks, in which it is easy to "pick out of the air" the communication. VPN tunneling relies on strong encryption.

(Disadv.) Vulnerabilities/Weaknesses - If encryption methods are used which are too weak, a good hacker can decipher
- Encryption is only as good as how often and consistently it is used. Slip ups by individuals taking chances with information, or just forgetting, can cause businesses and organizations a lot of embarrassment, and indeed money through industrial espionage.
- Sooner or later all encryption techniques are hacked or vulnerabilities found.
- It takes time to encrypt and unencrpyt (which is why sometime people can forgo encryption even though they know they should not.)

WPA-specific:

 

 

5. Firewalls

(Adv.) Strengths - As long as it's kept up-to-date, and is high quality, with the latest technology, it can keep malicious people and devices at bay, not letting them through to the network at all.

(Disadv.) Vulnerabilities/Weaknesses - Can be breached, particularly if not kept perfectly up-to-date. Various firewall software and hardware varies to the degree which it is able to handle malware and attacks. The best firewalls and the services by technicians needed to keep them functioning safely, but also smoothly, without interfering with safe traffic too much, are expensive.