Confidentiality - Prevent unauthorized users from gaining information about the network
Availability - Users have access to information services and network resources.
Functionality - Preventing attackers from altering the capabilities or normal operation of the network
Access Control - It keeps attackers, or unauthorized employees, from accessing internal resources.
Death of the Perimeter - It is a phrase used by network administrators to convey the idea that creating a 100 percent secure network is impossible.
The Castle Model - It is a network defense model in which the good guys are on the inside and the attackers are on the outside
The City Model - It has no distinct perimeter, and there are multiple ways of entering the network. Its security requirements are much more complex than those for a castle.
Intrusion Detection System - It is a system that monitors network traffic for suspicious activity and alerts when such activity is discovered.
Virtual LAN - It is a logical overlay network that groups together a subset of devices that share a physical LAN, isolating the traffic for each group.
Central Authentication Service - It is a single sign-on protocol for the web and its purpose is to permit a user to access multiple applications while providing their credentials only once.
Encrypted Internal Traffic - Encryption is a data security practice that converts normal, readable information into an unintelligible cipher.
Denial-of-Service Attack - This attack attempts to make a server or network unavailable to serve legitimate users by flooding it with attack packets.
Direct DOS Attack - It occurs when an attacker tries to flood a victim with a stream of packets directly from the attacker's computer.
Indirect DOS Attack - It tries to flood the victim computer in the same way, but the attacker's IP address is spoofed and the attack appears to come from another computer.
Intermediary - Intermediaries, typically referred to as bots, are compromised hosts running malware controlled by the attacker
The DOS Attack begins when the botmaster, the attacker who controls the bots, sends a signal for the bots to attack the victim
Botnet - It is a network of infected computers that work together to carry out an attacker's goals.
Handlers - These are an additional layer of compromised hosts that are used to manage large groups of bots.
Handlers, sometimes known as command-and-control servers, make coordinating an attack easier and less conspicuous.
Reflected Attack - It uses responses from legitimate services to flood a victim
Smurf Flood - It is a variation of a reflected attack that takes advantage of an incorrectly configured network device to flood a victim.
Sending Malformed Packets - It is used by attackers to send malformed packets that will cause the victim to crash
Ping of Death - It uses an illegally large IP packet to crash the victim's operating system and it is rarely used anymore.
Flooding - It works by sending a vast number of messages whose processing consumes some key resource at the target
Spoofing - Direct attacks are rare, and attackers are unlikely to attack victims directly because their source IP address is shown on all incoming packets. They hide their IP address.
Backscatter - It is a side effect of an attacker spoofing an IP address. It occurs when a victim sends responses to the spoofed IP address used by the attacker, and inadvertently floods an unintended victim.
SYN - It is a TCP packet sent to another computer requesting that a connection be established between them.
SYN-ACK - It is a message from the server back to the client
SYN Flood - A victim is flooded with SYN packets in an attempt to make many half-open TCP connections.
Ping Flood - A victim is flooded with ICMP packets, also known as echo requests, that appear to be normal supervisory traffic.
HTTP Flood - A victim, typically a webserver, is flooded with application layer web requests.
Black Holing - Dropping all IP packets from an attacker. It is not a good long-term strategy because attackers can quickly change source IP addresses.
Validating the Handshake - Some firewalls address SYN floods by pre-validating the TCP handshake
Validating the Handshake - This is done by creating false opens. Whenever a SYN segment arrives, the firewall itself sends back a SYN/ACK segment, without passing the SYN segment on to the target server.
Rate Limiting - For more subtle DoS attacks, it can be used to reduce a certain type of traffic to a reasonable amount
Address Resolution Protocol - It is a protocol that enables network communications to reach a specific device on the network. It translates an IP address to a Media Access Control (MAC) address.
ARP Poisoning - It is a man-in-the-middle attack that allows attackers to intercept communication between network devices.
Access Control for Networks - LANs within corporate sites also require additional protection to ensure confidentiality of data as it is sent across internal networks.
Access Control Threats - Wireless LANs have even deeper access threats than wired LANs and an intruder can connect by radio to an unprotected wireless access point.
Drive-by Hacker - They can sit in a car outside the corporate walls. With a high-gain antenna, in fact, the intruder can be far enough away to be invisible from the building.