Many things need to be kept in mind to keep your organization's data secure. It is because cybercriminals will try to breach your system by every means possible. In this chapter, you will come across the various concepts and techniques that are used for preserving the security of information and other related assets in an organization or firm.
This is a set of rules and procedures set up for all employees and individuals regarding how the assets and information of that organization will be accessed and utilized. Various security policies will permit the employees to enforce corporate assets with rules and specific actions. These security policies are set on the firewalls of the network, which after all brings certain security restrictions on corporate data and other digital assets:
- Security on specific file formats.
- NAT (Network Address Translation).
- Quality of Service (QoS), decryption procedures.
- Policy-Based Forwarding (PBF).
- Application Overriding policies.
- Authentication policies.
- Zone protection policies.
- Denial of Service (DoS) prevention.
These are some of the major policies set up in any organization or firm. All these diverse policies function jointly to allow, deny, forwarding data packets, encrypting and decrypting packets, authenticating particular access, making exceptions, and prioritizing data packets as required for preserving the security of the organization's network.
A port scan is a process used to determine the opened ports of a network. As logical ports on any system provide a way for information to be sent and received, so, port scanning is the comparable way of knocking on the doors of ports for seeing whether anyone is home or not. When a port scanning is done on a network or server, it reveals some unwanted and opened ports opened for listening, which means for receiving information. This technique also helps to reveal the existence of security devices like firewalls on the same network. This method or practice is termed fingerprinting. Network security and its strength concerning firewalls can also be tested through this approach.
Some of the famous port scanning techniques are:
- SYN Scan: It is also known as a half-open scan, which sends an SYN and waits for an SYN-ACK response. Once the response is received, the scanner will never respond again.
- XMAS and FIN Scan: It is a particular type of scan that gathers information without logging itself into any target system.
- Vanilla / Basic Scan: It is another scanning technique that tries to connect all 65536 ports at a single attempt and time. It first sends an SYN flag, and once the SYN-ACK is received, it sends the ACK flag again back to the target system.
- FTP Bounce Scan: It helps keep the anonymity and in scans by bouncing the sender's location through various FTP servers.
- Sweep Scan: is used to ping the same port for scanning across a collective network for identifying which systems on the network are active.
URL Filtering Technique
URL filtering is a technique that limits the accessing of unwanted URLs by contrasting web traffic against a database for preventing employees from accessing unproductive, malicious, or harmful sites. Employees and users surf different websites, and many sites keep on redirecting its users, who can ultimately drag the user to any phishing page or malicious site. Through these users' help, cybercriminals can get their hands dirty by stealing beneficial information and degrade business productivity. Such unfettered employee activity can expose the organization to a comprehensive security threat.
So, many companies use the URL filtering practice for preventing employees from accessing infertile sites.