Internet and Intranet | Nepal Bank Limited |Old Question 2078

 Q. What is internet and intranet? Explain the different types of security issues related to the use of internet. Briefly explain the techniques/ tools used to safeguard IT systems. (3+4+3)marks

answer:

• The Internet is a globally-connected network of computers that enables people to share information and communicate with each other. On the internet, there are multiple users and it is very unsafe. It is a public network and can be accessed by anyone. For example, Using Social media on your phone or researching resources via Google.

• An intranet, on the other hand, is a local or restricted network that enables people to store, organize, and share information within an organization. On an intranet, there are limited users and its very safe. It is a private network and is not accessible to everyone. For example,  A company used to communicate internally with its employees and share information.
• 

Since the internet is a public network there are lots of security issues which can be explained in the following ways:

1. Malicious Software

Malicious Software refers to any malicious program that causes harm to a computer system or network. Malicious Malware Software attacks a computer or network in the form of viruses, worms, trojans, spyware, adware or rootkits. Their mission is often targeted at accomplishing unlawful tasks such as robbing protected data, deleting confidential documents or add software without the user consent. Malicious software comes in many forms, such as viruses, Trojan horses, spyware, and worms.

2. Denial-of-Service Attack

A denial-of-service (DoS) attack occurs when legitimate users are unable to access information systems, devices, or other network resources due to the actions of a malicious cyber threat actor. Services affected may include email, websites, online accounts (e.g., banking), or other services that rely on the affected computer or network.

3. Phishing

Phishing attacks are counterfeit communications that appear to come from a trustworthy source but which can compromise all types of data sources. Attacks can facilitate access to your online accounts and personal data, obtain permissions to modify and compromise connected systems and in some cases hijack entire computer networks until a ransom fee is delivered.

4. Application Vulnerability

Application vulnerabilities are flaws or weaknesses in an application that can lead to exploitation or a security breach. With the enormous global reach of the Internet, web applications are particularly susceptible to attack, and these can come from many different locations across many attack vectors.

Apart from these there are many  security issues like man-in-the-middle attack, keyloggers, pharming etc. and many more.

To overcome these security issues and to protect the  IT systems we can apply the following tools and techniques. They are:

1. Firewall

Firewall is the core of security tools, and it becomes one of the most important security tools. Its job is to prevent unauthorized access to or from a private network. The firewalls are used to prevent unauthorized internet users from accessing private networks connected to the Internet. All messages are entering or leaving the intranet pass through the firewall. The firewall examines each message and blocks those messages that do not meet the specified security criteria.

2. Intrusion Detection System

In addition to firewalls, Intrusion detection systems feature full-time monitoring tools placed at the most vulnerable points or hot spots of corporate networks to detect and deter intruders continually. The system generates an alarm if it finds a suspicious or anomalous event. 

3. Design Safe Systems

 Reduce exposure to hackers and thieves by limiting access to your technology infrastructure. Minimize points of failure by eliminating unnecessary access to hardware and software, and restricting individual users’ and systems’ privileges only to needed equipment and programs. 

4. Avoid unknown email attachments

Never, ever click on unsolicited email attachments, which can contain viruses, Trojan programs or computer worms. Before opening them, always contact the sender to confirm message contents. If you’re unfamiliar with the source, it’s always best to err on the side of caution by deleting the message, then potentially blocking the sender’s account and warning others to do the same.

5. Use Disk Encryption

Whole disk encryption locks down the entire contents of a disk drive/partition and is transparent to the user. Data is automatically encrypted when it’s written to the hard disk and automatically decrypted before being loaded into memory. Some of these
programs can create invisible containers inside a partition that act like a hidden disk within a disk.

6.  Use of Public key Infrastructure

 Public key infrastructure (PKI) is a system for managing public/private key pairs and digital certificates. Because keys and certificates are issued by a trusted third party, certificate-based security is stronger. You can protect data you want to share with someone else by encrypting it with the public key of its intended recipient, which is available to anyone. The only person who will be able to decrypt it is the holder of the private key that corresponds to that public key.

Apart from these there are other techniques like keeping sensitive data out of the cloud, using secure wireless transmissions, protecting data in transit with IP security, hiding data with steganography and so on.

Thank you! Stay Safe!