📘 Defense Against Network Attacks — Exam Notes (Network Security)
🔐 1. Definition
Defense against network attacks refers to the methods, tools, and strategies used to detect, prevent, and respond to cyber attacks on a network.
👉 Simple idea:
It is about protecting systems and data from hackers, malware, and other threats.
🎯 2. Objectives of Defense Mechanisms
- Prevent unauthorized access
- Detect attacks quickly
- Minimize damage
- Ensure data confidentiality, integrity, and availability (CIA)
- Maintain normal network operations
🧱 3. Types of Defense Strategies
🔸 1. Preventive Controls
- Stop an attack before it succeeds (e.g., firewalls, MFA, patching, access control).
🔸 2. Detective Controls
- Identify an attack while it is in progress or after the fact (e.g., IDS, logging and monitoring, antivirus scans).
🔸 3. Corrective Controls
- Limit the damage and restore normal operation after an attack (e.g., backups and recovery, incident response, blocking the attacker's address).
🛡️ 4. Common Security Tools
🔹 Firewall
- Filters incoming/outgoing traffic against a rule set (source/destination IP, port, protocol).
- Blocks unauthorized access; traffic matching no rule should be denied by default.
🔹 Intrusion Detection System (IDS)
- Monitors a copy of the network traffic for suspicious activity and raises alerts.
- Passive: it does not block traffic on its own.
🔹 Intrusion Prevention System (IPS)
- Sits inline in the traffic path; detects and actively blocks attacks.
🔹 Antivirus / Anti-malware
- Detects and removes malicious software (signature-based and behaviour-based scanning).
🔹 Virtual Private Network (VPN)
- Creates a secure, encrypted tunnel for communication over public networks such as the internet.
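The firewall and IDS/IPS entries above are easier to reason about with a working model. The following is an added example, not code from the original notes: a first-match packet filter with a default-deny policy over two hypothetical zones (an internal network and a DMZ, with assumed addresses), and the same port-scan signature run once in IDS mode (alert only) and once in IPS mode (drop inline). All traffic is constructed.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional


@dataclass(frozen=True)
class Packet:
    src: str     # source IP
    dst: str     # destination IP
    proto: str   # "tcp", "udp" or "icmp"
    dport: int   # destination port (0 for icmp)


@dataclass(frozen=True)
class Rule:
    action: str            # "allow" or "deny"
    src: str               # source CIDR
    dst: str               # destination CIDR
    proto: str             # protocol or "any"
    dport: Optional[int]   # None means any port

    def matches(self, pkt: Packet) -> bool:
        return (ip_address(pkt.src) in ip_network(self.src)
                and ip_address(pkt.dst) in ip_network(self.dst)
                and self.proto in ("any", pkt.proto)
                and self.dport in (None, pkt.dport))


# Hypothetical network zones (assumed addressing, not taken from the notes).
ANY = "0.0.0.0/0"
INTERNAL = "10.0.0.0/8"          # user workstations and internal servers
DMZ = "192.168.100.0/24"         # public-facing web server

# Ordered rule set: the first matching rule wins; anything unmatched is dropped.
RULES = [
    Rule("allow", ANY, DMZ, "tcp", 443),       # internet -> DMZ web server, HTTPS only
    Rule("allow", INTERNAL, DMZ, "tcp", 22),   # admins inside may SSH into the DMZ
    Rule("allow", INTERNAL, ANY, "tcp", 443),  # internal hosts may browse HTTPS sites
    Rule("deny", DMZ, INTERNAL, "any", None),  # a compromised DMZ host cannot reach inside
]


def decide(pkt: Packet, rules=RULES) -> str:
    """Stateless, first-match packet filter with an implicit default deny."""
    for rule in rules:
        if rule.matches(pkt):
            return rule.action
    return "deny"


def detect_port_scan(packets, threshold=10):
    """IDS behaviour: passively watches a copy of the traffic and reports sources that
    probed at least `threshold` distinct destination ports. Nothing is blocked."""
    ports_by_src = {}
    for p in packets:
        ports_by_src.setdefault(p.src, set()).add(p.dport)
    return {src for src, ports in ports_by_src.items() if len(ports) >= threshold}


def ips_filter(packets, threshold=10):
    """IPS behaviour: same signature, but inline; once a source reaches the threshold
    its packets are dropped from then on. Returns (forwarded, dropped)."""
    ports_by_src = {}
    forwarded, dropped = [], []
    for p in packets:
        ports = ports_by_src.setdefault(p.src, set())
        ports.add(p.dport)
        (dropped if len(ports) >= threshold else forwarded).append(p)
    return forwarded, dropped


# Constructed sample traffic: one scanner probing 15 ports, one legitimate HTTPS client.
SCANNER, CLIENT, WEB = "198.51.100.7", "203.0.113.5", "192.168.100.10"
SAMPLE_PACKETS = ([Packet(SCANNER, WEB, "tcp", port) for port in range(1, 16)]
                  + [Packet(CLIENT, WEB, "tcp", 443) for _ in range(3)])

if __name__ == "__main__":
    print(decide(Packet(CLIENT, WEB, "tcp", 443)))      # allow (rule 1)
    print(decide(Packet(WEB, "10.1.2.3", "tcp", 445)))   # deny (explicit rule 4)
    print(decide(Packet(CLIENT, WEB, "tcp", 22)))        # deny (no rule: default deny)
    print("IDS alerts:", detect_port_scan(SAMPLE_PACKETS))
    fwd, drop = ips_filter(SAMPLE_PACKETS)
    print(f"IPS forwarded {len(fwd)} packets, dropped {len(drop)}")
```

The IDS reports the scanner but every probe still reaches the web server; the IPS lets the first nine probes through (it cannot know a scan is a scan until the threshold is crossed) and drops the rest. That gap is why an IPS is placed in front of, not instead of, the firewall's default-deny rules.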
🔐 5. Encryption and Secure Communication
🔸 Encryption
- Converts readable data (plaintext) into an unreadable form (ciphertext) that can only be reversed with the correct key.
🔸 HTTPS
- HTTP over TLS: encrypts web traffic and authenticates the server with a certificate, so an eavesdropper can neither read nor silently alter it.
🔑 6. Network Defense Techniques
🔹 Patch Management
- Regularly update software to fix known vulnerabilities before attackers exploit them.
🔹 Network Segmentation
- Divide the network into smaller zones (e.g., internal, DMZ) so that a compromise in one zone cannot spread freely to the others.
🔹 Strong Authentication
- Use multi-factor authentication (MFA) so that a stolen password alone is not enough to log in.
🔹 Access Control
- Grant each user or system only the permissions it needs (e.g., role-based access control) and revoke access that is no longer required.
🔹 Backup and Recovery
- Maintain regular backups, including offline or immutable copies, to restore data after attacks such as ransomware.
⚠️ 7. Defense Against Common Attacks
🔸 Malware Defense
- Use antivirus / anti-malware and keep its signatures updated
- Avoid suspicious downloads and email attachments
🔸 Phishing Defense
- User awareness training
- Email filtering (spam/phishing filters, link and attachment scanning)
🔸 DoS/DDoS Defense
- Traffic filtering and rate limiting (drop or throttle abnormal traffic per source)
- Load balancing and spare capacity (e.g., CDN or scrubbing services) to absorb floods
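"Traffic filtering" for DoS usually starts with per-source rate limiting. The following is an added example, not from the notes: a token-bucket limiter keyed by source IP, run over constructed traffic in which one address floods 100 requests in a second while a normal client sends five. Times are in milliseconds and tokens are kept as integers so the arithmetic at the limit is exact. Capacity and refill rate are assumed values.

```python
from collections import defaultdict


class TokenBucket:
    """Token bucket with integer arithmetic: time in ms, tokens in thousandths of a token.
    Refilling at `refill_per_sec` tokens/s over (now - last) ms adds (now - last) * refill_per_sec
    milli-tokens, so there is no floating-point drift at the boundary."""

    def __init__(self, capacity: int, refill_per_sec: int):
        self.capacity = capacity * 1000
        self.refill_per_sec = refill_per_sec
        self.tokens = self.capacity      # a new source starts with a full burst allowance
        self.last_ms = None

    def allow(self, now_ms: int) -> bool:
        if self.last_ms is not None:
            refill = (now_ms - self.last_ms) * self.refill_per_sec
            self.tokens = min(self.capacity, self.tokens + refill)
        self.last_ms = now_ms
        if self.tokens >= 1000:
            self.tokens -= 1000
            return True
        return False


class PerSourceLimiter:
    """One bucket per source IP: a flood from one address exhausts only its own bucket."""

    def __init__(self, capacity: int = 20, refill_per_sec: int = 5):
        self.buckets = defaultdict(lambda: TokenBucket(capacity, refill_per_sec))

    def allow(self, src_ip: str, now_ms: int) -> bool:
        return self.buckets[src_ip].allow(now_ms)


def filter_requests(requests, limiter=None):
    """requests: iterable of (timestamp_ms, src_ip). Returns {src_ip: (allowed, dropped)}."""
    limiter = limiter or PerSourceLimiter()
    stats = defaultdict(lambda: [0, 0])
    for ts, src in sorted(requests):                # replay in time order
        stats[src][0 if limiter.allow(src, ts) else 1] += 1
    return {src: tuple(counts) for src, counts in stats.items()}


# Constructed traffic: 100 requests in one second from a flooding address (10 ms apart)
# and 5 requests in the same second from a normal client (200 ms apart).
FLOOD_IP, NORMAL_IP = "203.0.113.99", "10.0.0.5"
SAMPLE_REQUESTS = ([(i * 10, FLOOD_IP) for i in range(100)]
                   + [(i * 200, NORMAL_IP) for i in range(5)])

if __name__ == "__main__":
    for src, (allowed, dropped) in filter_requests(SAMPLE_REQUESTS).items():
        print(f"{src}: allowed {allowed}, dropped {dropped}")
```

With a burst of 20 and a refill of 5 per second the flooder gets 24 requests through (the initial burst plus what refills during the second) and 76 are dropped, while the normal client is untouched. The caveat a practitioner should note: this only throttles a single source. A distributed flood from thousands of addresses each staying under the limit passes straight through, which is why load balancing, spare capacity and upstream scrubbing appear in the list alongside filtering.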
🔸 MITM Defense
- Use encryption with authentication (HTTPS, VPN) and verify certificates; do not click through certificate warnings
🔸 Password Attack Defense
- Strong passwords (long and unique) combined with MFA
- Account lockout or throttling policies after repeated failed logins
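An account lockout policy is only as good as the detection that feeds it. The following is an added example, not from the notes: constructed OpenSSH-style auth log lines are replayed through a policy of five failures within ten minutes locking the account for fifteen minutes (assumed thresholds), and the replay also flags a login that the system accepted while the account should have been locked. Syslog timestamps carry no year, so the year is assumed.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Matches OpenSSH-style auth log lines (constructed samples below follow the same shape).
LINE_RE = re.compile(
    r"^(?P<ts>[A-Z][a-z]{2}\s+\d{1,2} \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: "
    r"(?P<result>Failed|Accepted) password for (?:invalid user )?(?P<user>\S+) "
    r"from (?P<ip>\S+)"
)
LOG_YEAR = 2024   # assumed: syslog timestamps omit the year


class LockoutPolicy:
    """`max_failures` failed logins for one account inside `window` lock it for `lock_for`."""

    def __init__(self, max_failures=5, window=timedelta(minutes=10),
                 lock_for=timedelta(minutes=15)):
        self.max_failures, self.window, self.lock_for = max_failures, window, lock_for
        self.recent_failures = defaultdict(deque)   # user -> failure times inside the window
        self.locked_until = {}                      # user -> lock expiry

    def is_locked(self, user, now):
        return now < self.locked_until.get(user, datetime.min)

    def record_failure(self, user, now):
        """Returns True when this failure triggers a lockout."""
        q = self.recent_failures[user]
        q.append(now)
        while q and now - q[0] > self.window:      # forget failures that fell out of the window
            q.popleft()
        if len(q) >= self.max_failures:
            self.locked_until[user] = now + self.lock_for
            q.clear()
            return True
        return False


def replay(log_text, policy=None):
    """Replays auth log lines through the policy. Returns (time, event, user, ip) tuples for
    each lockout and for each login accepted while the account should have been locked."""
    policy = policy or LockoutPolicy()
    findings = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        ts = datetime.strptime(m["ts"], "%b %d %H:%M:%S").replace(year=LOG_YEAR)
        user, ip, when = m["user"], m["ip"], ts.strftime("%H:%M:%S")
        if m["result"] == "Failed":
            if policy.record_failure(user, ts):
                findings.append((when, "LOCK", user, ip))
        elif policy.is_locked(user, ts):
            findings.append((when, "ACCEPTED_WHILE_LOCKED", user, ip))
    return findings


# Constructed sample log: a password-guessing run against alice that succeeds on the sixth
# try, and one innocent typo by bob.
SAMPLE_LOG = """\
Mar 10 09:00:01 host sshd[1001]: Failed password for alice from 198.51.100.7 port 50001 ssh2
Mar 10 09:00:03 host sshd[1002]: Failed password for alice from 198.51.100.7 port 50002 ssh2
Mar 10 09:00:04 host sshd[1003]: Failed password for alice from 198.51.100.7 port 50003 ssh2
Mar 10 09:00:06 host sshd[1004]: Failed password for alice from 198.51.100.7 port 50004 ssh2
Mar 10 09:00:07 host sshd[1005]: Failed password for alice from 198.51.100.7 port 50005 ssh2
Mar 10 09:00:09 host sshd[1006]: Accepted password for alice from 198.51.100.7 port 50006 ssh2
Mar 10 09:02:15 host sshd[1007]: Failed password for bob from 10.0.0.5 port 50100 ssh2
Mar 10 09:30:00 host sshd[1008]: Accepted password for bob from 10.0.0.5 port 50101 ssh2
"""

if __name__ == "__main__":
    for finding in replay(SAMPLE_LOG):
        print(*finding)
```

The fifth failure at 09:00:07 locks alice, and the accepted login two seconds later is reported as a policy violation: the guess that worked should have been rejected. Two caveats belong with any lockout policy. Locking by username lets an attacker lock legitimate users out on purpose, so pair it with per-source throttling rather than relying on it alone; and a slow attack that spreads guesses over more than the window never trips it, which is one more reason MFA sits beside it in the list above.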
🧠 8. Defense Principles
🔹 Defense in Depth
- Multiple layers of security, so that if one control fails another still stops or detects the attack.
🔹 Least Privilege
- Every user, process and system gets only the minimum access needed to do its job.
🔹 Zero Trust Model
- "Never trust, always verify": every request is authenticated and authorized, even when it comes from inside the network.
📊 9. Important Rule
🔸 Security Layer Concept
Security = Multiple Layers (Not Single Control)
👉 No single tool can provide complete security.
🖼️ 10. Diagram Descriptions
📌 Defense in Depth Diagram
- Multiple layers: Firewall → IDS → Antivirus → Data protection
📌 Network Segmentation
- Divide network into zones (e.g., internal, DMZ).
📌 Attack Detection Flow
- Attack → Detection → Response → Recovery
🧾 11. Real-Life Examples
- 🏦 Banks use MFA and encryption for secure transactions
- 🏢 Companies use firewalls and IDS to protect networks
- 🌐 Websites use HTTPS to secure communication
- 💾 Organizations keep backups to recover from ransomware
📝 Likely Exam Questions
- Define defense against network attacks.
- Explain preventive, detective, and corrective controls.
- What is a firewall? Explain its role.
- Differentiate between IDS and IPS.
- Explain defense in depth principle.
- How can DDoS attacks be prevented?
- What is network segmentation?
- Explain VPN and its importance.
- Describe methods to defend against phishing attacks.
- Write short notes on:
📌 Quick Summary / Conclusion
- Defense against network attacks involves prevention, detection, and recovery.
- Tools like firewalls, IDS/IPS, and antivirus provide protection.
- Techniques such as encryption, segmentation, and MFA strengthen security.
- Principles like defense in depth and zero trust are essential.
👉 In short:
Effective network defense requires multiple layers of security working together to protect against various cyber threats.