Muhammad Numan Ghani bin Mohd Anaam

DMTWEF08070019

Tools Available to Achieve Site Security

Encryption
In cryptography, encryption is the process of transforming information (referred to
as plaintext) using an algorithm (called cipher) to make it unreadable to anyone
except those possessing special knowledge, usually referred to as a key. The
result of the process is encryptedinformation (in cryptography, referred to
as ciphertext). In many contexts, the word encryption also implicitly refers to the
reverse process,decryption (e.g. “software for encryption” can typically also
perform decryption), to make the encrypted information readable again (i.e. to
make it unencrypted).

Firewalls
A firewall is a part of a computer system or network that is designed to block unauthorized
access while permitting authorized communications. It is a device or set of devices configured
to permit, deny, encrypt, decrypt, or proxy all (in and out) computer traffic between
different security domains based upon a set of rules and other criteria.

Authentication
Authentication is the act of establishing or confirming something (or someone) as authentic,
that is, that claims made by or about the subject are true ("authentification" is a variant of this
word). This might involve confirming the identity of a person, tracing the origins of an artifact,
ensuring that a product is what its packaging and labeling claims to be, or assuring that a
computer program is a trusted one.

Tunneling
Tunneling typically contrasts with a layered protocol model such as those
of OSI or TCP/IP. The tunnel protocol usually (but not always) operates at a higher
level in the model than does the payload protocol, or at the same level. Protocol
encapsulation carried out by conventional layered protocols, in accordance with
the OSI model or TCP/IP model (for example: HTTP over TCP over IP over PPP over
a V.92 modem) does not count as tunneling.

Intrusion Detection
In Information Security, intrusion detection is the act of detecting actions that
attempt to compromise the confidentiality, integrity oravailability of a resource.
When Intrusion detection takes a preventive measure without direct human
intervention, then it becomes an Intrusion-prevention system.

Virtual Private Networks

A virtual private network (VPN) is a computer network in which the links between
nodes are formed over logical connections or virtual circuitsbetween hosts of a
larger network, such as the Internet. The Link Layer protocols of the virtual
network are said to be tunneled through the transport network.

Access Controls
An access control system is a system which enables an authority to control access
to areas and resources in a given physical facility or computer-based information
system. An access control system, within the field of physical security, is
generally seen as the second layer in the security of a physical structure.
Proxy/Agent Systems
In communications, a proxy is something that acts as a server, but when given
requests from clients, acts itself as a client to the real servers. Analogy: Consider
talking to somebody who speaks a foreign language through a translator. You talk
to the translator, who receives your statements, then regenerates something else
completely to the other end. The translator serves as your proxy. Key point: The
communication terminates at the proxy. In other words, the proxy doesn't forward
data so much as it tears it completely apart.

Security Tools
In the computer industry, refers to techniques for ensuring that datastored in
a computer cannot be read or compromised by any individuals without
authorization. Most security measures involve data encryptionand passwords.
Data encryption is the translation of data into a form that is unintelligible without
a deciphering mechanism. A password is a secret word or phrase that gives
a user access to a particular program or system.

Network Security Tools

Network security involves all activities that organizations, enterprises, and
institutions undertake to protect the value and ongoing usability of assets and the
integrity and continuity of operations. An effective network security strategy
requires identifying threats and then choosing the most effective set of tools to
combat them.

Digital Signature
A digital signature or digital signature scheme is a mathematical scheme for
demonstrating the authenticity of a digital message or document. A valid digital
signature gives a recipient reason to believe that the message was created by a
known sender, and that it was not altered in transit. Digital signatures are
commonly used for software distribution, financial transactions, and in other cases
where it is important to detect forgery and tampering. Examples are electronic
mail, contracts, or a message sent via some other cryptographic protocol.

Digital Envelope
A type of security that uses two layers of encryption to protect a message. First,
the message itself is encoded using symmetric encryption, and then the key to
decode the message is encrypted using public-key encryption. This technique
overcomes one of the problems of public-key encryption, which is that it is slower
than symmetric encryption. Because only the key is protected with public-key
encryption, there is very littleoverhead. Examples are email, sms, mms.

Digital Certificate
A type of security that uses two layers of encryption to protect a message. First,
the message itself is encoded using symmetric encryption, and then the key to
decode the message is encrypted using public-key encryption. This technique
overcomes one of the problems of public-key encryption, which is that it is slower
than symmetric encryption. Because only the key is protected with public-key
encryption, there is very littleoverhead. As an example, when a user connects
to https://www.example.com/ with their browser, if the browser gives no
certificate warning message, then the user can be sure that interacting
with https://www.example.com/ is equivalent to interacting with the entity in
contact with the email address listed in the public registrar under "example.com",
even though that email address may not be displayed anywhere on the web site.
No other surety of any kind is implied.