TABLE OF CONTENTS Threats to a network can come from someone intending to do harm, or from a malicious source a user inadvertently activates. Both can arise as a result of security policy violations. Threats can compromise the following three goals of network security:
Confidentiality Protects information from unauthorized disclosure or intelligible interception by permitting it to be seen only by the intended parties in a conversation. Encryption (such as virtual private networks [VPNs]) can ensure confidentiality.
Integrity Ensures that information is not altered (intentionally or accidentally) without authorization or while en route to the authorized receiver. Checksum or hash values from protocols such as Message Digest 5 (MD5) or Secure Hash Algorithm (SHA) (used in Secure Internet Protocol [IPsec] ]) can validate the integrity of received information.
Availability Assures that information and services are accessible and functional when needed and authorized. There are a variety of means, including design redundancy (Hot Standby Router Protocol [HSRP], firewall failover), data backups, spare parts, uninterruptible power supplies, and secure architectures.
Threats are many and varied. Some are natural such as weather and climate, while others are human. Threats from humans (hackers, crackers, disgruntled employees, and so forth) are the most difficult to predict and control. As a security engineer, the "why" (the reason for the attack) is not as important as the "how" (how to prevent and stop the attack).
Malicious code includes Trojan horses (where a harmful function is hidden inside an application that appears harmless. Viruses are threats to networks and information.
