Chapter 1: Fundamentals of Network Security

What Is Network Security?

Network security is the protection of network communications from:

  • Unauthorized access

  • Abuse or misuse

  • Damage or disruption

It includes monitoring traffic, blocking unsafe activity, and responding to threats.

Core Security Principles

Confidentiality

Protects data from being seen by unauthorized users. Only people with a valid need to know should have access.

Integrity

Protects data from being changed improperly. Ensures data remains accurate and consistent.

Availability

Ensures systems and data are accessible when needed. Protects against downtime and data loss.

Authentication

Verifies who a user is. Examples: passwords, biometrics, multifactor authentication (MFA).

Authorization

Controls what a user is allowed to do. Based on job roles and need to know.

Nonrepudiation

Prevents users from denying actions they performed. Often provided through encryption and digital signatures.

Security Policies

A security policy defines:

  • What is allowed

  • What is not allowed

  • How security is enforced

Policies keep security organized and effective.

Network Fundamentals

TCP/IP

Most networks use TCP/IP.

Two versions of IP:

  • IPv4 – most widely used today

  • IPv6 – newer and growing in use

OSI Model

The OSI model explains how network communication works using seven layers.

Layer   Function
7       Application – User programs
6       Presentation – Format data
5       Session – Manage sessions
4       Transport – Send data
3       Network – IP and routing
2       Data Link – MAC addresses
1       Physical – Bits and signals

Addresses

Logical Addresses (IP)

  • Identify devices globally

  • Unique across the Internet

  • Not tied to physical hardware

  • Allow communication between any two hosts

Physical Addresses (MAC)

  • Identify devices locally

  • Unique only on the local network

  • Assigned by the NIC manufacturer

  • Tied to hardware but can be spoofed

MAC Address Spoofing

MAC addresses can be changed using:

  • Linux, Unix, macOS commands

  • Windows tools (SMAC, MAC Changer, etc.)
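
Because a MAC address can be changed in software, defenders look for signs of it in switch, ARP, or DHCP records. The sketch below is an added example, not part of the original notes. It flags three common indicators over constructed sample observations. The record layout, port names, and addresses are assumptions made for illustration.

```python
from collections import defaultdict

# Constructed sample observations (not real data): (switch_port, ip, mac),
# as a switch MAC table or DHCP/ARP log might report them.
SAMPLE = [
    ("Gi0/1", "10.0.0.11", "00:1A:2B:3C:4D:5E"),
    ("Gi0/2", "10.0.0.12", "00-1a-2b-aa-bb-cc"),
    ("Gi0/3", "10.0.0.13", "02:00:5e:10:20:30"),  # U/L bit set
    ("Gi0/7", "10.0.0.44", "00:1a:2b:3c:4d:5e"),  # same MAC as Gi0/1
    ("Gi0/2", "10.0.0.12", "00:1a:2b:dd:ee:ff"),  # 10.0.0.12 changed MAC
]

def parse_mac(text):
    """Normalize a MAC written with ':' or '-' separators to 6 raw bytes."""
    parts = text.replace("-", ":").split(":")
    if len(parts) != 6 or any(len(p) != 2 for p in parts):
        raise ValueError(f"not a MAC address: {text!r}")
    return bytes(int(p, 16) for p in parts)

def is_locally_administered(mac):
    """True when the U/L bit (0x02 of the first octet) is set, meaning the
    address was set in software rather than burned in by the manufacturer."""
    return bool(mac[0] & 0x02)

def find_anomalies(observations):
    """Return sorted (finding, subject) pairs for the three indicators."""
    ports_by_mac = defaultdict(set)
    macs_by_ip = defaultdict(set)
    findings = set()
    for port, ip, raw in observations:
        mac = parse_mac(raw)
        ports_by_mac[mac].add(port)
        macs_by_ip[ip].add(mac)
        if is_locally_administered(mac):
            findings.add(("locally-administered", mac.hex(":")))
    for mac, ports in ports_by_mac.items():
        if len(ports) > 1:  # one address seen behind several ports
            findings.add(("mac-on-multiple-ports", mac.hex(":")))
    for ip, macs in macs_by_ip.items():
        if len(macs) > 1:   # one IP claimed by different addresses
            findings.add(("ip-changed-mac", ip))
    return sorted(findings)

if __name__ == "__main__":
    for kind, subject in find_anomalies(SAMPLE):
        print(kind, subject)
```

These indicators are leads for investigation, not proof: virtual machines and privacy-randomized Wi-Fi addresses also set the locally administered bit, and a laptop that moves between ports is normal.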

Network Security Components

Nodes and Hosts

A node is any device on a network (PC, printer, server).

A host is a node with an IP address that provides or uses services.

Firewalls

A firewall filters network traffic. It blocks harmful or unauthorized connections.

VPN (Virtual Private Network)

A VPN creates an encrypted tunnel across the Internet. Used for secure remote access.

Proxy Servers

A proxy sits between users and the Internet.

It:

  • Filters traffic

  • Hides internal addresses

  • Adds security and privacy

DNS

DNS converts names into IP addresses.

Example: www.example.com → IP address

DNS must be protected but does not secure the network itself.

Intrusion Detection & Prevention

IDS detects attacks. IPS detects and blocks attacks.

They can:

  • Alert admins

  • Block IPs

  • Close ports

  • Stop connections

Network Access Control (NAC)

NAC checks devices before allowing them on the network.

It ensures systems have:

  • Antivirus

  • Security patches

  • Firewalls

  • Authorization

Non-compliant devices can be blocked.