Modern Network Security and Cloud Infrastructure
Types of Network Firewalls
- Packet Filtering Firewall: Filters packets using IP, port, and protocol rules at the network layer, providing fast but basic stateless security.
- Circuit-Level Gateway: Verifies session establishment, such as the TCP handshake at the session layer, without checking actual data content.
- Stateful Inspection Firewall: Tracks active connections and uses context-based decisions, offering better security than packet filtering.
- Application-Level Gateway: Works as a proxy and inspects
Understanding the TCP/IP Model and Cyber Attack Targets
Understanding the TCP/IP Model
The TCP/IP Model (Transmission Control Protocol / Internet Protocol) is a communication framework used for transmitting data over the internet. It defines how data should be sent, received, and processed.
The TCP/IP model consists of four distinct layers:
Layers of the TCP/IP Model
- Application Layer: Provides services to users such as email, web browsing, and file transfer.
- Transport Layer: Ensures reliable data transmission and manages the flow of data between devices.
Core Principles of Computer Security and Network Defense
Fundamentals of Computer Security
Computer security protects automated information system resources to preserve CIA (Confidentiality, Integrity, Availability), plus authenticity and non-repudiation, through effective risk management (Probability × Impact).
- Confidentiality: Prevents unauthorized disclosure; privacy ensures control over personal information.
- Integrity: Ensures authorized changes only; data and system integrity prevent tampering.
- Availability: Guarantees timely, reliable access for authorized
Bayesian Networks and Probabilistic Graphical Models
1. Bayesian Networks (Directed Models)
Joint Probability Factorization:
P(X₁, X₂, ..., Xₙ) = Π P(Xᵢ | parents(Xᵢ))
Variable Types:
Observed: User inputs and sensor measurements (Uₜ, Zₜ)
Latent/Hidden: States and landmarks (Xₜ, L)
Example Factorization:
P(uₜ, l, xₜ, xₜ₊₁, zₜ, zₜ₊₁) = P(uₜ)P(l)P(xₜ|uₜ)P(xₜ₊₁|xₜ)P(zₜ|xₜ,l)P(zₜ₊₁|l,xₜ₊₁)
2. Conditional Independence and D-Separation
Blocking Rules:
Chain (A → B → C): Blocked if
Intranet Architecture, Security and Network Protocols
1. Intranet Concepts and Architecture
An intranet is a private internal network of an organization that uses Internet technologies such as TCP/IP, web browsers, and HTTP to facilitate secure communication, information sharing, and collaboration among employees. It creates a centralized digital environment where users can access internal documents, applications, and databases. The architecture of an intranet typically follows a client-server model consisting of client devices, web servers, application
Web Application Security Testing and Secure SDLC Practices
PART 1 – FOUNDATIONS (Week 9)
- SDLC Phases (exact order): Planning → Requirements → Architecture & Design → Coding → Testing → Release → Maintenance. Definition: SDLC (Software Development Life Cycle): a structured framework for building and maintaining software to ensure quality and efficiency. (How: sequential or iterative like Agile; why: prevents chaos and integrates security early to avoid costly rework.)
- Shift-Left Principle: Security from commit #1 → 60–100× cheaper than
