Network Security Assignment Example | Topics and Well Written Essays - 2000 words

Network Security - Assignment Example Information security entails the adoption of specific measures that are supposed to prevent the unauthorized access, manipulation, use or the denial of access to any data, information, or capabilities that will ensure confidentiality (Douligeris and Serpanos, 2007). All these measures should be implemented to ensure the security of all the resources within the organization. Organizations nowadays have greatly relied on the various network technologies that ensure efficient data communications between different departments, at the same time ensuring that communication channels are secure. The expansion of an organization results into more resources being acquired in terms of new computers, printers, telephones, communication channels, hardwares and software’s and also the adoption of sophisticated network architectures. This results into an increased concern for information security within the organization to ensure that only the authorized personnel access the resources. Quest ion 1. The question describes the main security issues, the principles of public key encryption, and the role of certification authority as follows: Security issues facing the expansion of the organization Expansion of the organization will result into a rise in the demand of various resources. More hardware and software will be acquired, more people will be employed, and the network architecture to be used and various protocols will change to meet the organizational needs. Various security issues will arise; in physical security, all the tangible assets within the organization such as computers (both personal and laptops), network printers, telephones, storage media, people, network cables, and servers will face a security threat. Indeed, each of the organizations assets faces a security threat from within (internal) and from outside the organization (external). Security issues that will arise from within the organization (internal attacks) include access attacks such as eavesdropp ing (listening to a conversation that one is not part of) by fellow employees or through wireless networks, and snooping (looking through information files). Others include interception of transit information, unauthorized access to computers by employees, computer attacks by viruses, worms, Trojans, internal hackers and theft of hardware from within the organization (Maiwald, 2003). External attacks include hackers and cyber terrorists, and malware. The organization needs to address the measures that will be used to ensure security of both information, physical hardware, internal and external attacks are checked. Internal threats from employees are both intentional and accidental, where an employee can eavesdrop on another employee, hence gaining access to some information during conversation. In addition, employees can forge passwords of their colleagues and hence gain access to their computers, use, modify, and transfer information to other unauthorized members outside the organi zation. Moreover, employees may bring external or foreign insecure hardware into the organization, resulting into virus infection and transmission. Lastly, employees could steal portable small size hardwares from the organization. Information and communication within the organization will be affected in one way or another. There might be lots of network traffic caused by attacks on