Mada za sehemu hiiDemonstrate understanding of computer networksMada 7
- Demonstrate understanding of OSI and TCP/IP Reference models, transmission media, wireless transmission, the public switched telephone networks, mobile telephone system and Network protocols (HTTP, FTP, IP, PPP, etc)
- Develop understanding of Data link layer (Switched LANs: Link-Layer Addressing and ARP, Ethernet, Link-Layer Switches, VLANs)
- Create a network that make use of wireless or Ethernet technology
- Develop understanding of Network layer (design issues, routing algorithms, Congestion control algorithms, Internetworking, the network layer in the internet (IPv4 and IPv6), Quality of Service)
- Elaborate the transport layer (Transport service, elements of transport protocol, Simple Transport Protocol, Internet transport layer protocols: UDP and TCP)
- Describe the application layer (Domain name system, electronic mail, World Wide Web: architecture; dynamic web document and http)
- Apply network security principles, tools and protocols in computer networks
Network Security Principles, Tools and Protocols
Network security protects the underlying networking infrastructure from unauthorized access, modification, destruction, or disclosure. It ensures that networks perform their critical functions correctly without harmful side effects. For any organization in Tanzania—whether a school, a government office, or a business—protecting network resources is essential because computers are more vulnerable today due to global Internet access, and the rise in cybercrime affects everyone.
Network security focuses on maintaining three core principles, often called the CIA triad:
- Confidentiality ensures that data, objects, and resources are protected from unauthorized access or viewing. Only authorized persons should see sensitive information.
- Integrity ensures the accuracy and consistency of data, preserving its reliability and preventing unauthorized alterations. Data must arrive exactly as sent.
- Availability ensures that data, network resources, or services are consistently accessible to legitimate users whenever needed. Authorized users should not be denied access.
Understanding threats helps us implement appropriate defenses. The common threats that attackers use to penetrate networks include:
Unauthorized Access
This occurs when attackers access a network without permission. Causes include weak passwords, lack of protection against social engineering, previously compromised accounts, and insider threats. For example, an attacker using default passwords on network devices at a Tanzanian government office could gain access to sensitive systems.
Distributed Denial of Service (DDoS) Attacks
DDoS attacks attempt to make a website, service, or entire infrastructure unavailable by simultaneously attacking a victim from several compromised systems. Attackers flood the target with traffic, overwhelming servers and preventing legitimate users from accessing services.
Man-in-the-Middle Attacks
Attackers intercept traffic between your network and external sites or within your network. If communication protocols are not secured, attackers can steal data being transmitted, obtain user credentials, and hijack sessions. This is particularly dangerous when users access online banking or mobile money services.
Code and SQL Injection Attacks
Many websites accept user inputs without proper validation. Attackers can pass malicious code instead of expected data values, executing the code on the server to compromise systems.
Privilege Escalation
Once attackers penetrate a network, they expand their reach. Horizontal privilege escalation involves gaining access to additional adjacent systems, while vertical escalation means gaining higher-level privileges on the same systems.
Insider Threats
Malicious insiders with privileged access to organizational systems can cause significant damage. These threats are challenging to detect because insiders do not need to penetrate the network from outside.
Vulnerabilities are weaknesses that attackers exploit. Common network security vulnerabilities include:
- DNS Hacking Attacks: The Domain Name System converts domain names into IP addresses. Attackers can manipulate DNS to redirect users to malicious sites.
- Routing Table Poisoning Attacks: Attackers modify routing tables by altering routing information update packets, leading to network congestion, routing loops, or unauthorized data access.
- Packet-Mistreatment Attacks: Hackers intercept and manipulate data packets during transmission, causing network congestion or denial of service.
- Denial-of-Service (DoS) Attacks: These prevent users from accessing normally available services, potentially disabling critical servers for hours.
Effective network security uses multiple layers of protection. These measures are implemented at different levels:
Physical Security Networks
Physical security prevents unauthorized access to physical network devices such as routers, switches, and cabling cabinets. Every organization must implement controlled access measures including locks, biometric passwords, and security personnel. Server rooms should have restricted entry, and CCTV cameras should monitor entry points.
Technical Security Networks
Technical security controls protect information transmitted over the network. This includes both incoming and outgoing data safeguards, defending information and devices from unauthorized access while preventing unauthorized actions from within the organization.
Administrative Network Security
Administrative controls manage end-user behavior, encompassing authentication, access levels, and infrastructure implementation. This involves establishing security policies and processes, defining user roles and permissions, and training staff on security awareness.

Firewalls
A firewall is a system that prevents unauthorized access to or from a private network. It examines each message entering and leaving the network and allows only authorized messages to pass through. Firewalls can be implemented in hardware, software, or both.
Types of Firewalls:
- Application Gateways (Application-level control): Provide application-level control over network traffic, acting as proxies for specific applications.
- Packet Filtering: Routers use Access Control Lists (ACLs) to filter traffic based on source/destination IP addresses, ports, and protocols.
- Hybrid Systems: Combine the security of application layer gateways with the flexibility of packet filtering.
Firewall Configuration Example:
In Cisco Packet Tracer, you can configure a basic firewall rule on a router:
! Block telnet traffic from outside
access-list 101 deny tcp any any eq 23
! Allow all other traffic
access-list 101 permit ip any any
! Apply to external interface
interface FastEthernet 0/0
ip access-group 101 in
This configuration blocks telnet (port 23) incoming from external networks while permitting other traffic.
Virtual Private Networks (VPN)
VPNs create secure connection points on a public network, allowing nodes to communicate as if using private lines. Messages within VPN are encrypted to prevent interception by unauthorized users. For example, teachers working from home can use VPN software to securely access their school's internal network.
Encryption
Encryption converts sensitive data into unreadable code, protecting it from unauthorized access during transmission or storage. SSL/TLS (Secure Sockets Layer/Transport Layer Security) are common encryption protocols securing data transmitted over networks. When you see "https://" in a browser address bar, TLS is protecting your connection.
Antivirus and Antimalware Software
Computer viruses are malicious software programs loaded onto computers without knowledge. Antivirus software detects, prevents, and removes malicious programs. Examples include malware, Trojan horses, and worms that can damage systems or steal data.
Network Access Control (NAC)
NAC verifies and enforces the security compliance of devices seeking to connect to a network. Only authorized and properly configured devices can access network resources. This ensures that devices meet security requirements (such as updated patches and current antivirus definitions) before being granted network access.
Security Information and Event Management (SIEM)
SIEM systems collect, analyze, and correlate security event data from various network devices and applications to identify and respond to security threats in real-time. They help security administrators detect attacks that might otherwise go unnoticed.
The following measures help secure computer networks:
- Use strong firewalls and proxies to keep unwanted users out
- Implement VPNs for remote access to private networks
- Install antivirus and Internet security software on all devices
- Use strong passwords and change them regularly (weekly or monthly)
- Secure wireless connections with strong encryption (WPA3)
- Ensure physical security—lock server rooms and equipment cabinets
- Monitor networks using network analyzers and intrusion detection systems
- Implement physical security measures like CCTV for monitoring
- Train employees on security awareness and social engineering prevention
- Keep systems updated with security patches
Scenario: You are the network administrator at Mtakuja Secondary School. The school network has a router connected to the Internet and an internal network with computers. You need to configure the router to allow HTTP (port 80) and HTTPS (port 443) traffic from the Internet to reach the web server, while blocking all other incoming traffic.
Steps in Cisco Packet Tracer:
- Add a router (2911) and connect it to a switch and an external network
- Add a server and connect it to the internal network
- Configure the server with HTTP and HTTPS services
- Configure an access-list on the router:
Router> enable
Router# configure terminal
Router(config)# access-list 100 permit tcp any host 192.168.1.10 eq 80
Router(config)# access-list 100 permit tcp any host 192.168.1.10 eq 443
Router(config)# access-list 100 deny ip any any
Router(config)# interface FastEthernet 0/1
Router(config-if)# ip access-group 100 in
Router(config-if)# exit
Router(config)# end
Router# copy running-config startup-config
This configuration:
- Allows HTTP (port 80) traffic to the web server at 192.168.1.10
- Allows HTTPS (port 443) traffic to the same server
- Blocks all other incoming traffic
- Applies the rule to the interface connected to the Internet
- Test by attempting to access the server from an external PC using various services
In Tanzania, network security is essential for mobile money services like M-Pesa, where thousands of transactions happen daily. When you send money or buy airtime using your phone, encryption protocols (SSL/TLS) and secure network connections protect your transaction details from attackers. Understanding network security principles helps you appreciate why you should avoid using public Wi-Fi when accessing mobile banking, and why organizations like banks and schools implement firewalls and access controls to protect their systems and customer data.
Swali
Which of the following is NOT one of the three core principles in the CIA triad of network security?
Ingia ili kuwasilisha jibu lako na lihesabiwe katika umahiri wako.
Ingia ili kufanya mazoeziMwalimu
Umekwama? Niulize chochote kuhusu mada hii.
Ingia ili kumuuliza Mwalimu wa AI wa Sonza kuhusu swali hili.
Ingia ili kuuliza