Network security consists of the policies and practices adopted to prevent and monitor unauthorized access, misuse, modification, or denial of a computer network and network-accessible resources.

Network security involves the authorization of access to data in a network, which is controlled by the network administrator. Users choose or are assigned an ID and password or other authenticating information that allows them access to information and programs within their authority. Network security covers a variety of computer networks, both public and private, that are used in everyday jobs; conducting transactions and communications among businesses, government agencies and individuals. Networks can be private, such as within a company, and others which might be open to public access.

Network security is involved in organizations, enterprises, and other types of institutions. It does as its title explains: It secures the network, as well as protecting and overseeing operations being done. The most common and simple way of protecting a network resource is by assigning it a unique name and a corresponding password.


Types of Attacks

Networks are subject to attacks from malicious sources. Attacks can be from two categories: “Passive” when a network intruder intercepts data traveling through the network, and “Active” in which an intruder initiates commands to disrupt the network’s normal operation or to conduct reconnaissance and lateral movement to find and gain access to assets available via the network.


Types of attacks include:

  • Passive
    • Network
      • Wiretapping
      • Port scanner
      • Idle scan
      • Encryption
      • Traffic Analysis
  • Active:
  • Virus
  • Eavesdropping
  • Data Modification
    • Denial-of-service attack
    • DNS spoofing
    • Man in the middle
    • ARP poisoning
    • VLAN hopping
    • Smurf attack
    • Buffer overflow