Secure Network Practices | Cyber Security Tutorial - Learn with VOKS

Secure Network Practices

Secure Network Practices are the methods and rules used to protect computer networks from unauthorized access, attacks, data theft, and misuse. A network can be as small as a home Wi-Fi connection or as large as a corporate infrastructure connecting thousands of devices.

What Is Network Security?

Network Security is the protection of devices, data, and communication within a network.

When devices communicate, they send data in packets. If security controls are weak or missing, attackers can:

  • Intercept data
  • Modify data
  • Steal passwords
  • Install malware
  • Take control of systems

Secure network practices are designed to prevent these risks.

Why Secure Network Practices Are Important

Without proper security:

  • Sensitive data can be stolen
  • Financial loss can occur
  • Personal identity can be compromised
  • Organizations can face legal penalties
  • Systems can be shut down by ransomware

Good security reduces these risks significantly.

Strong Password Policies

One of the simplest but most important security practices is using strong passwords.

What Makes A Strong Password?

  • At least 12–16 characters
  • Mix of uppercase and lowercase letters
  • Numbers
  • Special characters
  • Not based on personal information

Example of a weak password:


password123

Example of a strong password:


T7&kL9!zP4@xQ2

Organizations should enforce password policies that require complexity and periodic updates.

Multi-Factor Authentication (MFA)

Multi-Factor Authentication requires more than one method of verification:

  • Something you know (password)
  • Something you have (phone, token)
  • Something you are (fingerprint)

Even if a password is stolen, MFA prevents easy access.

Encryption

Encryption converts readable data (plaintext) into unreadable data (ciphertext).

Only someone with the correct key can decrypt it.

Why Encryption Is Important

If someone intercepts encrypted data, they cannot read it without the key.

Example of plaintext:


Username: admin
Password: 123456

Example of encrypted form:


4f2a8c9e1b3d7f...

HTTPS And TLS

Websites should use HTTPS instead of HTTP.

HTTPS uses TLS (Transport Layer Security) to encrypt communication between browser and server.

Firewalls

A firewall is a security system that monitors and controls incoming and outgoing network traffic.

It allows or blocks traffic based on predefined security rules.

Example Firewall Rule Concept

  • Allow web traffic (port 443)
  • Block unknown external access
  • Allow internal communication

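Example configuration snippet (Linux iptables):


sudo iptables -A INPUT -i lo -j ACCEPT
sudo iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
sudo iptables -A INPUT -p tcp --dport 443 -j ACCEPT
sudo iptables -A INPUT -j DROP

Explanation:

  • Rules are evaluated in order, so the allow rules must come before the final DROP.
  • The first two rules keep loopback traffic and replies to connections the host itself opened working.
  • The third rule allows HTTPS traffic.
  • The last rule blocks all other incoming traffic. This includes SSH, so on a remotely managed host add an allow rule for the management port before it.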

Network Segmentation

Network segmentation divides a large network into smaller sections (subnets or VLANs).

This limits damage if one section is compromised.

Example:

  • Separate employee network
  • Separate guest Wi-Fi
  • Separate server network

If a guest device is infected, it cannot directly access company servers.

Regular Software Updates And Patch Management

Software often contains vulnerabilities.

Vendors release patches to fix them.

Best practice:

  • Enable automatic updates
  • Regularly update routers, switches, and firewalls
  • Update operating systems and applications

Unpatched systems are one of the most common attack targets.

Secure Wi-Fi Configuration

For wireless networks:

  • Use WPA3 encryption (or at least WPA2)
  • Disable WPS
  • Change default router credentials
  • Hide or customize SSID if necessary

Never leave Wi-Fi open without a password.

Intrusion Detection And Prevention Systems (IDS/IPS)

IDS monitors traffic for suspicious behavior.

IPS can automatically block detected threats.

These systems help detect:

  • Brute force attacks
  • Malware communication
  • Suspicious network scanning

Access Control

Access Control ensures users only access what they need.

Principle Of Least Privilege:

Users should only have the minimum permissions required.

Example:

  • A regular employee should not have administrator access.
  • Database access should be restricted to authorized staff only.

Secure Remote Access

Remote access should use secure protocols:

  • VPN (Virtual Private Network)
  • SSH instead of Telnet
  • RDP secured with encryption and MFA

Example of secure SSH connection:


ssh user@192.168.1.10

Telnet should never be used because it sends data in plain text.

Logging And Monitoring

Logs record system and network activity.

Administrators should:

  • Monitor login attempts
  • Detect unusual traffic spikes
  • Review failed authentication attempts

Logging helps detect and investigate attacks.
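
Reviewing failed authentication attempts, as an added example that is not part of the original tutorial: the script counts failed SSH password attempts per source address. The log lines are constructed samples in the usual OpenSSH syslog format, and the function names and the threshold of 3 are assumptions.

```shell
#!/bin/sh
# Added example. Constructed sample lines in OpenSSH syslog format.
sample_auth_log() {
cat <<'EOF'
Jan 10 03:12:01 web1 sshd[2211]: Failed password for invalid user admin from 203.0.113.7 port 50122 ssh2
Jan 10 03:12:03 web1 sshd[2213]: Failed password for root from 203.0.113.7 port 50124 ssh2
Jan 10 03:12:05 web1 sshd[2215]: Failed password for invalid user test from 203.0.113.7 port 50126 ssh2
Jan 10 03:12:06 web1 sshd[2216]: Failed password for invalid user from 192.0.2.10 from 203.0.113.7 port 50128 ssh2
Jan 10 03:15:40 web1 sshd[2230]: Accepted password for deploy from 192.0.2.10 port 40022 ssh2
Jan 10 03:20:11 web1 sshd[2241]: Failed password for alice from 198.51.100.23 port 41000 ssh2
EOF
}

# Read auth log lines on stdin; print "count source" for every source address
# with at least $1 failed password attempts, highest count first.
failed_logins_by_ip() {
    awk -v min="$1" '
        /sshd\[[0-9]+\]: Failed password for / {
            # Anchor on the trailing "from ADDR port N ssh2" fields so that text
            # inside the user name cannot be mistaken for the source address.
            if ($(NF - 4) == "from" && $(NF - 2) == "port")
                count[$(NF - 3)]++
        }
        END {
            for (ip in count)
                if (count[ip] >= min) print count[ip], ip
        }
    ' | sort -rn
}

sample_auth_log | failed_logins_by_ip 3
```

The fourth sample line carries an address inside the user name field; it is still counted against 203.0.113.7 because the parser reads the source from the end of the line.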

Backup Strategy

Backups protect against data loss from:

  • Hardware failure
  • Ransomware
  • Accidental deletion

Best practices:

  • Perform regular backups
  • Store backups offline or in secure cloud storage
  • Test restoration procedures

Security Awareness Training

Technology alone is not enough.

Users must understand:

  • Phishing emails
  • Social engineering
  • Safe browsing habits
  • Reporting suspicious activity

Human error is one of the biggest security risks.

Example Secure Configuration Script (Basic Linux Server Setup)

Below is a simple example combining firewall setup and SSH hardening.


# Update system
sudo apt update && sudo apt upgrade -y

# Install firewall
sudo apt install ufw -y

# Allow SSH and HTTPS
sudo ufw allow 22/tcp
sudo ufw allow 443/tcp

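# Enable firewall (--force skips the confirmation prompt so the script can run unattended)
sudo ufw --force enable

# Disable root SSH login (also rewrites a commented-out or non-"yes" PermitRootLogin line)
sudo sed -i -E 's/^[#[:space:]]*PermitRootLogin[[:space:]].*/PermitRootLogin no/' /etc/ssh/sshd_config

# Validate the config, then restart the SSH service
sudo sshd -t && sudo systemctl restart ssh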

This script:

  • Updates the system
  • Installs and enables the firewall
  • Allows SSH (port 22) and HTTPS (port 443) through the firewall
  • Disables root SSH login

This improves baseline server security.
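
A check to run after the SSH hardening step, added here and not part of the original tutorial: it reads the value that applies in the global section of the file instead of assuming the sed substitution matched. The config is a constructed sample, the function names are hypothetical, and the fallback is OpenSSH's built-in default of prohibit-password.

```shell
#!/bin/sh
# Added example. Constructed sshd_config fragment; not taken from a real host.
sample_config() {
cat <<'EOF'
Port 22
#PermitRootLogin prohibit-password
PasswordAuthentication yes
Match User backup
    PermitRootLogin yes
EOF
}

# Print the value in effect for keyword $2 in the global section of file $1,
# or the fallback $3 when the keyword is not set there (assumed helper name).
effective_sshd_option() {
    awk -v key="$2" -v fallback="$3" '
        /^[ \t]*(#|$)/ { next }                 # skip comments and blank lines
        tolower($1) == "match" { exit }          # global section ends here
        tolower($1) == tolower(key) { print $2; found = 1; exit }  # first value wins
        END { if (!found) print fallback }
    ' "$1"
}

# PASS only when root login is explicitly disabled.
audit_root_login() {
    value="$(effective_sshd_option "$1" PermitRootLogin prohibit-password)"
    if [ "$value" = "no" ]; then
        echo "PASS PermitRootLogin=$value"
    else
        echo "FAIL PermitRootLogin=$value"
    fi
}

# Apply sed expression $1 to a copy of the sample, then audit the result.
check_after_edit() {
    tmp="$(mktemp)"
    sample_config | sed -E "$1" > "$tmp"
    audit_root_login "$tmp"
    rm -f "$tmp"
}

# Literal match: misses the commented default, so the built-in default stays in effect.
check_after_edit 's/PermitRootLogin yes/PermitRootLogin no/'
# Anchored match: rewrites commented or differently valued lines.
check_after_edit 's/^[#[:space:]]*PermitRootLogin[[:space:]].*/PermitRootLogin no/'
```

On a real host, `sudo sshd -T` prints the effective configuration, including files pulled in by Include, which this function does not follow.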
