Unit 4
🎯 Unit 4 Overview
Unit 4 focuses on information security and network security. It covers network threats,
security controls, wireless security, honeypots, firewalls, IDS, email security, IP security
and web security protocols.
Exam Tip: Firewalls, IDS, PGP, S-MIME, IPSec and SSL/TLS are highly important for the RGPV exam.
🛡️ Information Security
Information Security means protecting information from unauthorized access, misuse,
modification, destruction or disclosure.
Main Goals of Information Security
- Confidentiality: Only authorized users can access data.
- Integrity: Data should not be changed by unauthorized users.
- Availability: Data and services should be available when needed.
- Authentication: Identity of user should be verified.
- Non-Repudiation: Sender cannot deny sending the message.
⚠️ Threats in Networks
Network threats are attacks or risks that can damage computer networks, steal data or interrupt services.
| Threat | Description |
|---|---|
| Malware | Malicious software like virus, worm, trojan and ransomware. |
| Phishing | Fake messages or websites used to steal sensitive information. |
| Denial of Service | Attack that makes a network or service unavailable. |
| Spoofing | Attacker pretends to be a trusted user or system. |
| Man-in-the-Middle | Attacker secretly intercepts communication between two parties. |
| Password Attack | Attack to guess, steal or crack passwords. |
🏗️ Network Security Controls – Architecture
Network security architecture includes different security layers and mechanisms used to protect
network resources.
Important Security Controls
- Firewall
- Intrusion Detection System
- Intrusion Prevention System
- Antivirus and Anti-malware
- Authentication system
- Access control
- Encryption
- VPN
- Security monitoring
📡 Wireless Security
Wireless security protects wireless networks from unauthorized access and attacks.
Common Wireless Threats
- Unauthorized access
- Eavesdropping
- Rogue access points
- Weak password attacks
- Packet sniffing
Wireless Security Methods
- Use strong Wi-Fi password
- Use WPA2 or WPA3 encryption
- Disable open access
- MAC filtering
- Network monitoring
🍯 Honeypots
A honeypot is a security mechanism that acts like a fake system to attract attackers.
It helps security experts study attack methods.
Uses of Honeypots
- Detect attackers
- Study attack behavior
- Collect attack data
- Improve security systems
A honeypot is not a real production system; it is a fake system set up to trap attackers.
🚦 Traffic Flow Security
Traffic flow security protects information related to communication patterns such as who is communicating,
when communication is happening and how much data is transferred.
Methods
- Traffic padding
- Encryption
- Routing control
- Anonymous communication
- VPN tunneling
🔥 Firewalls
A firewall is a network security device or software that monitors and controls incoming and outgoing
network traffic based on security rules.
Functions of Firewall
- Blocks unauthorized access
- Filters network traffic
- Prevents malware communication
- Controls application access
- Protects internal network
🧱 Types of Firewalls
| Firewall Type | Description |
|---|---|
| Packet Filtering Firewall | Filters packets based on IP address, port number and protocol. |
| Stateful Inspection Firewall | Tracks active connections and checks packet state. |
| Proxy Firewall | Acts as an intermediate system between user and internet. |
| Application Level Firewall | Filters traffic at application layer. |
| Next Generation Firewall | Includes deep packet inspection, application control and intrusion prevention. |
| Personal Firewall | Installed on individual computers to protect them. |
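The difference between the first two rows, packet filtering and stateful inspection, shown as an added example (not part of the original notes). The internal prefix `10.0.0.`, the allowed web ports and the sample packets are constructed assumptions, and connection entries are never expired, which a real firewall would do.

```python
from dataclasses import dataclass

WEB_PORTS = {80, 443}
INSIDE_PREFIX = "10.0.0."  # constructed internal network (assumption)

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    flags: str  # TCP flags: "S" = SYN, "SA" = SYN+ACK, "A" = ACK

def inside(ip):
    return ip.startswith(INSIDE_PREFIX)

def packet_filter(p):
    """Stateless: verdict from the addresses and ports of this packet alone."""
    outbound_web = inside(p.src) and p.dport in WEB_PORTS
    looks_like_reply = inside(p.dst) and p.sport in WEB_PORTS
    return outbound_web or looks_like_reply

class StatefulFirewall:
    """Keeps a connection table; inbound packets must match an entry."""
    def __init__(self):
        self.table = set()

    def allow(self, p):
        if inside(p.src):
            if p.dport not in WEB_PORTS:
                return False
            conn = (p.src, p.sport, p.dst, p.dport)
            if p.flags == "S":
                self.table.add(conn)      # new connection opened from inside
            return conn in self.table
        # Inbound: accept only the reverse direction of a tracked connection.
        return (p.dst, p.dport, p.src, p.sport) in self.table

def compare(packets):
    """Return (packet_filter verdict, stateful verdict) for each packet."""
    fw = StatefulFirewall()
    return [(packet_filter(p), fw.allow(p)) for p in packets]

# Constructed traffic: one real web session, then two unsolicited packets.
SAMPLE = [
    Packet("10.0.0.5", 50000, "203.0.113.10", 443, "S"),    # inside host opens HTTPS
    Packet("203.0.113.10", 443, "10.0.0.5", 50000, "SA"),   # genuine reply
    Packet("198.51.100.7", 443, "10.0.0.9", 5000, "A"),     # no matching connection
    Packet("203.0.113.10", 8080, "10.0.0.5", 50000, "A"),   # wrong source port
]
```

The third packet passes the packet filter because its source port looks like a web reply, but the stateful firewall drops it because no inside host opened that connection.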
🚨 Intrusion Detection System
IDS monitors network or system activities and detects suspicious or malicious behavior.
It alerts the administrator when an attack is detected.
Types of IDS
- Network-based IDS: Monitors network traffic.
- Host-based IDS: Monitors activities on a single host.
- Signature-based IDS: Detects known attack patterns.
- Anomaly-based IDS: Detects abnormal behavior.
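Signature-based and anomaly-based detection run over the same traffic, as an added example (not part of the original notes). The log format `source request`, the two signatures, the baseline counts and the threshold `k` are constructed assumptions chosen for illustration.

```python
import re
from collections import Counter
from statistics import mean, pstdev

# Known attack patterns (illustrative signatures, not a real rule set).
SIGNATURES = {
    "sql-injection": re.compile(r"union\s+select|'\s*or\s+'1'\s*=\s*'1", re.I),
    "cross-site-scripting": re.compile(r"<script\b", re.I),
}

def signature_alerts(lines):
    """Signature-based: alert when a request matches a known pattern."""
    alerts = []
    for line in lines:
        src, _, request = line.partition(" ")
        for name, pattern in SIGNATURES.items():
            if pattern.search(request):
                alerts.append((src, name))
    return alerts

def learn_baseline(counts_per_window):
    """Anomaly-based, step 1: learn normal requests-per-source from history."""
    return mean(counts_per_window), pstdev(counts_per_window)

def anomaly_alerts(lines, baseline, k=3.0):
    """Anomaly-based, step 2: alert on sources far above the learned normal."""
    mu, sigma = baseline
    per_source = Counter(line.split(" ", 1)[0] for line in lines)
    limit = mu + k * sigma
    return sorted(src for src, n in per_source.items() if n > limit)

# Constructed history: requests per source per window during normal operation.
BASELINE_COUNTS = [4, 5, 6, 5, 4, 6]

# Constructed window of traffic to inspect.
WINDOW = [
    "10.0.0.5 GET /index.html",
    "10.0.0.5 GET /about.html",
    "10.0.0.7 GET /search?q=1' OR '1'='1",
    "10.0.0.7 GET /page?name=<script>x</script>",
] + ["10.0.0.8 POST /login"] * 20   # burst with no known pattern in it
```

Each method misses what the other catches: the signatures flag `10.0.0.7` but not the login burst, while the anomaly check flags `10.0.0.8` but not the two low-volume malicious requests.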
📧 Email Security
Email security protects email communication from unauthorized access, phishing, spam,
malware and data leakage.
Email Security Threats
- Spam emails
- Phishing attacks
- Email spoofing
- Malware attachments
- Data leakage
🔏 Pretty Good Privacy (PGP)
PGP is an email security system used for encryption, decryption and digital signatures.
It provides confidentiality, authentication and integrity.
Services Provided by PGP
- Authentication
- Confidentiality
- Compression
- Email compatibility
- Segmentation
📨 S-MIME
S-MIME stands for Secure/Multipurpose Internet Mail Extensions. It is used to secure email
communication using encryption and digital signatures.
Features
- Email encryption
- Digital signature
- Authentication
- Message integrity
- Certificate-based security
🌐 IP Security
IP Security protects data communication at the IP layer. It provides secure communication
over public networks.
Important IP Security Topics
- IPSec overview
- IP version 6 authentication
- Encapsulating Security Payload
- Internet Key Exchange
🔐 IPSec
IPSec is a set of protocols used to secure IP communication through authentication and encryption.
Services of IPSec
- Confidentiality
- Integrity
- Authentication
- Anti-replay protection
- Secure VPN communication
Modes of IPSec
- Transport Mode: Only payload is protected.
- Tunnel Mode: Entire IP packet is protected.
📦 Encapsulating Security Payload
ESP is a component of IPSec that provides confidentiality, authentication and integrity
by encrypting the payload.
Functions
- Encryption
- Authentication
- Integrity checking
- Anti-replay protection
🔑 Internet Key Exchange
IKE is used in IPSec to establish secure keys between two communicating parties.
Functions of IKE
- Negotiates security parameters
- Authenticates communicating parties
- Generates shared secret keys
- Maintains secure association
🌍 Web Security
Web security protects websites, web applications and online transactions from cyber attacks.
Common Web Threats
- SQL injection
- Cross-site scripting
- Session hijacking
- Phishing
- Malware injection
🔒 SSL/TLS
SSL/TLS is used to secure communication between web browser and web server.
HTTPS uses TLS for secure communication.
Services
- Encryption
- Server authentication
- Data integrity
- Secure session establishment
SSL is the older protocol; TLS is newer and more secure. Modern websites use TLS.
💳 Secure Electronic Transaction
SET is a security protocol designed for secure credit card transactions over the internet.
Goals of SET
- Secure online payment
- Cardholder authentication
- Merchant authentication
- Confidential payment information
- Transaction integrity
⚖️ Firewall vs IDS
| Firewall | IDS |
|---|---|
| Controls incoming and outgoing traffic. | Monitors traffic and detects attacks. |
| Can block unauthorized traffic. | Mainly generates alerts. |
| Works as first line of defense. | Works as monitoring and detection system. |
| Uses security rules. | Uses signatures or anomaly detection. |
⭐ Important Questions
- Explain information security and its goals.
- Explain threats in networks.
- Explain network security controls and architecture.
- What is firewall? Explain types of firewalls.
- Explain Intrusion Detection System and its types.
- Explain email security threats and controls.
- Explain PGP and its services.
- Explain S-MIME.
- Explain IPSec and its modes.
- Explain SSL/TLS and SET.
🔥 Last Minute Revision
- Information Security protects confidentiality, integrity and availability.
- Firewall filters network traffic.
- IDS detects suspicious activity.
- Honeypot traps attackers.
- PGP and S-MIME secure emails.
- IPSec works at IP layer.
- ESP provides encryption and integrity.
- IKE manages key exchange in IPSec.
- SSL/TLS secures web communication.
- SET secures online payment transactions.