Question

4) Describe the following security mechanisms:

a. Authentication

b. Authorization

c. Accounting (Auditing)

d. Data encryption

e. Packet filters

f. Firewalls

g. Intrusion Detection Systems (IDS)

h. Intrusion Prevention Systems (IPS)

Answer 1

Answer:------------

a. Authentication:- Authentication is the process of determining whether someone or something is, in fact, who or what it declares itself to be.

b. Authorization :-- Authorization is the process of giving someone permission to do or have something.

c. Accounting (Auditing):-- Accounting involves tracking, reporting, and analyzing financial transactions. It covers everything from preparing individual tax returns to preparing financial statements for multinational corporations, and is considered a fundamental discipline within the field of accounting.

d. Data encryption:-- Data Encryption is a process that encodes a message or file so that it can be only be read by certain people. Encryption uses an algorithm to scramble, or encrypt, data and then uses a key for the receiving party to unscramble, or decrypt, the information.

e. Packet filters:--- Packet filtered is an ICMP response that indicates that the ping request was actively responded to with something other than icmp reply. Most likely cause is that the router, or some other router en-route rejected the request with icmp prohibited.

f. Firewalls:-- A firewall is a network security system that monitors and controls over all your incoming and outgoing network traffic based on advanced and a defined set of security rules.

g. Intrusion Detection Systems (IDS):-- An Intrusion Detection System (IDS) is a system that monitors network traffic for suspicious activity and issues alerts when such activity is discovered. It is a software application that scans a network or a system for harmful activity or policy breaching. Any malicious venture or violation is normally reported either to an administrator or collected centrally using a security information and event management (SIEM) system. A SIEM system integrates outputs from multiple sources and uses alarm filtering techniques to differentiate malicious activity from false alarms.

h. Intrusion Prevention Systems (IPS):--- An intrusion prevention system (IPS) is a form of network security that works to detect and prevent identified threats. Intrusion prevention systems continuously monitor your network, looking for possible malicious incidents and capturing information about them. The IPS reports these events to system administrators and takes preventative action, such as closing access points and configuring firewalls to prevent future attacks. IPS solutions can also be used to identify issues with corporate security policies, deterring employees and network guests from violating the rules these policies contain.