Skip to content
Related Articles

Related Articles

Security Program Elements in CCNA

Improve Article
Save Article
  • Last Updated : 15 Jun, 2022
Improve Article
Save Article

Security Programs are the tools and controls. Confidentiality, Integrity, and Availability (CIA) also known as Key elements of security. This model is designed to guide policies for information security within an organization.

Elements of the CIA model:

Confidentiality: When it comes to confidentiality of data. Confidentiality of data refers to it being known and accessible to only authorized users. Confidentiality contains a set of rules that limits or restricts access to information and is only available to trustworthy authorized people which is called Confidentiality. Confidentiality is one of the first layers of data security.

Typically achieved by:

  • Physical isolation
  • Cryptography
  • Background Checks on people

For example, Bank account holders can view their bank account details and summary because they are registered and authenticated users verified by the bank itself.

Integrity: Integrity is defined as the overall completeness ensuring and verifying that the information is accurate, complete, reliable, consistent, and in its original form. Incomplete or corrupted data may lead to giving more danger than good so it’s very important that the information is accurate. The data sent by the source node should reach the destination node without being edited or altered once the data integrity is secure then the information stored in the database remains complete.

Typically achieved by:

  • Redundancy
  • Backups
  • Checksums and digital signatures.

For example, A corrupted database can send the Salary of the employee to another Incorrect account just because of the Incompleteness and accuracy of information.

Availability: Availability of data or information means that data is available to the registered user without any delay or any errors. In other words, availability ensures that once the user captures the data in a computer, must make the data accessible to all users when they pull a request to make it accessible. The computing resources need to be accessible to the users whenever needed. The network should be in working and operational all the time so that there is no scope and it must be robust enough to tackle and tolerate attacks and link failures.

Typically achieved by:

  • Hardening 
  • Redundancy
  • Reference checks on People

For more details, you can refer to the article: The CIA triad in Cryptography

Basic  Computer Security Rules:

  • Check if the user credentials are protected or not.
  • Day-to-day update of the operating system so that if the previous version has some vulnerabilities updated version can fix them.
  • Use only authorized software from reputable resources.
  • Use antivirus software.
  • Use a firewall in the system.
  • Check for backups regularity.
  • Deletion of private data and cookies from web browsers.

Physical Security : 

  • Security and monitoring devices.
  • Physical barriers.

Administrative Security:

  • Maintenance work and security policies.
  • Security programs.

Logical Security:

  • Firewalls
  • Authentication systems
  • End-to-End encryption schemes

Securing Network Using Computer Programs:

1. Securing Network using firewalls: A firewall is a network security system that monitors and controls the incoming and outgoing network traffic grounded on destined security rules. They are composites of programs and their main function is to cover the business inflow from outdoors to the outside and vice versa.

2. Securing network using IDS: An intrusion detection system( IDS) is a device or software operation that monitors a network or system for vicious exertion or policy malefactions. Intrusion detection systems are also important as the firewall because they help to detect the type of attack that is being done on the system and then make a solution to block them. The monitoring part like tracing logs looking for doubtful signatures and keeping a history of the events triggered they also have the network administrator check the connection integrity and authenticity that occurs.

3. Securing Network using VPN: A virtual private network extends a confident and translated connection to share data remotely through open networks. This type of network is widely used in small business or enterprise networks. It helps to shoot and admit data across the internet but in a secure and translated way generally, this network is created between two secure network biases.

My Personal Notes arrow_drop_up
Related Articles

Start Your Coding Journey Now!