1 - Computer networks and the Internet

Topic rationale

This topic will contribute to your learning by:
- describing the broad overview of computer networking and the internet
- explaining a network of networks
- examining the protocol layers
- explaining the network layers.

By engaging in this learning, you will be working towards the following learning outcomes:
- be able to define and explain various internet terminologies
- be able to present a basic knowledge of digital data.

Required reading

The following sections of Chapter 1: Computer networks and the internet provide an overview of the internet terminologies and buzzwords you will need for this subject. We then engage deeper with each concept in the next topics.
- Section 1.1 What is the internet?
- Section 1.2 The network edge
- Section 1.3 The network core
- Section 1.4 Delay, loss and throughput in packet-switched networks
- Section 1.5 Protocol layers and their service models.

Broad Overview of Computer Networking and the Internet

Computer Networking refers to the practice of connecting computers and other devices together to share resources. These resources can be files, printers, or internet connections. Networks can be as simple as two computers connected in a home or as complex as a global network of billions of devices, like the Internet.

The Internet is a global network that connects millions of private, public, academic, business, and government networks. It uses standardized communication protocols, primarily the TCP/IP (Transmission Control Protocol/Internet Protocol).

Network of Networks

The term "network of networks" aptly describes the Internet. It's not just one single network; instead, it's a vast collection of different types of networks (like LANs, WANs, WLANs) interconnected. These networks can be small, like a home network with a few devices, or massive, like a corporate network with thousands of devices.

Protocol Layers

Protocols are sets of rules that dictate how data is transmitted and received over the network. The layered approach helps to compartmentalize different tasks associated with networking. The most common model that explains these layers is the OSI (Open Systems Interconnection) model, which has seven layers:
1. Physical Layer: Deals with the physical connection between devices.
2. Data Link Layer: Responsible for creating a reliable link between two directly connected nodes.
3. Network Layer: Determines the best path to transfer data from source to destination.
4. Transport Layer: Ensures end-to-end communication and data integrity.
5. Session Layer: Establishes, maintains, and terminates connections.
6. Presentation Layer: Translates data between the application and transport layers.
7. Application Layer: Where the actual communication applications operate.

Network Layers

In the context of the Internet and TCP/IP protocol suite, the layers are often described as:
1. Link Layer (or Network Interface Layer): Concerned with the direct connection of devices on a network.
2. Internet Layer: Responsible for addressing, packaging, and routing functions.
3. Transport Layer: Ensures data transfer is reliable, maintains data integrity and security.
4. Application Layer: It's where the actual communication applications reside.

Learning Outcomes:

By understanding the above concepts:
1. Define and Explain Internet Terminologies: You'll be familiar with terms like protocol, IP address, router, switch, LAN, WAN, and many others.
2. Present Basic Knowledge of Digital Data: You'll understand how data is packaged, transmitted, and received across different types of networks and the various protocols and standards involved.

2 - Application Layer

Topic rationale

This topic will contribute to your learning by:
- describing the services of application layer
- describing web applications and the client-server architecture
- examining the HTTP, DNS and UDP protocols.

By engaging in this learning, you will be working towards the following learning outcomes:
- be able to define and explain various internet terminologies
- be able to present a basic knowledge of digital data.

Required reading

The following sections of Chapter 2: Application layer (Kurose & Ross, 2021) explore the application layer's make-up and function in more depth.
- 2.1 Principles of network applications
- 2.2 The Web and HTTP
- 2.3 Electronic mail in the internet
- 2.4 DNS – the internet's directory service.

Services of the Application Layer

The Application Layer is the topmost layer in the TCP/IP model, and it directly interacts with end-users. It provides a set of interfaces and protocols that software applications use to request and send network services. Some of the services and protocols of the application layer include:
1. HTTP (Hypertext Transfer Protocol): Used for transferring web pages on the internet.
2. FTP (File Transfer Protocol): Used for transferring files over the internet.
3. SMTP (Simple Mail Transfer Protocol): Used for email transmission.
4. DNS (Domain Name System): Resolves domain names to IP addresses.
5. DHCP (Dynamic Host Configuration Protocol): Assigns IP addresses to devices on a network.
6. SNMP (Simple Network Management Protocol): Manages devices on IP networks.

Web Applications and the Client-Server Architecture

Web Applications are software programs that run on web servers and are accessed via a web browser over the internet. Examples include online banking systems, social media platforms, and e-commerce sites.

Client-Server Architecture is a computing model where the server hosts, delivers, and manages most of the resources and services to be consumed by the client. In this model:
- Client: A device or application that requests services or resources from a server.
- Server: A device or application that provides services or resources to clients.

The interaction typically follows this pattern:
1. The client sends a request to the server.
2. The server processes the request.
3. The server sends back the appropriate response to the client.

Examination of HTTP, DNS, and UDP Protocols

1. HTTP (Hypertext Transfer Protocol):
   - Function: It is the foundation of data communication on the World Wide Web. It defines how messages are formatted and transmitted.
   - Working: When you access a website, your browser sends an HTTP request to the server, which then sends back the appropriate web page as an HTTP response.
2. DNS (Domain Name System):
   - Function: It translates human-friendly domain names (like www.example.com) into IP addresses that computers use to identify each other on the network.
   - Working: When you type a URL into your browser, the DNS system finds the corresponding IP address for the domain and directs your browser to the correct server.
3. UDP (User Datagram Protocol):
   - Function: It is a transport layer protocol used for fast and connectionless data transfer.
   - Working: Unlike TCP, which establishes a connection and ensures data integrity, UDP just sends data without establishing a connection, making it faster but less reliable. It's often used for streaming media and online gaming.

Learning Outcomes:

By understanding the above concepts:
1. Define and Explain Internet Terminologies: You'll be familiar with terms related to the application layer, such as HTTP, DNS, UDP, client-server architecture, and more.
2. Present Basic Knowledge of Digital Data: You'll understand how data is requested, processed, and delivered in the realm of web applications and the protocols that facilitate these operations.

3 - Transport Layer

Topic rationale

This topic will contribute to your learning by:
- describing the services of transport layer
- explaining reliable data transfer
- examining TCP and UDP transport-layer protocols
- comparing TCP and UDP.

By engaging in this learning, you will be working towards the following learning outcomes:
- be able to analyse the TCP/IP protocol.

Required reading

The following sections of Chapter 3: Transport layer (Kurose & Ross, 2021) explain the three main functions of the transport layer:
- 3.1 Introduction and transport-layer services
- 3.2 Multiplexing and demultiplexing
- 3.3 Connectionless transport: UDP
- 3.4.2 Pipelined reliable data transfer protocols
- 3.4.3 Go-back-N (GBN)
- 3.4.4 Selective repeat (SR)
- 3.5 Connection-oriented transport: TCP
- 3.6 Principles of congestion control
- 3.7 TCP congestion control.

Services of the Transport Layer

The Transport Layer is responsible for end-to-end communication and data transfer between two devices on a network. It ensures that data is sent and received in an orderly, error-free, and efficient manner. Key services provided by the transport layer include:
1. Segmentation and Reassembly: Large messages are divided into smaller segments for transmission and then reassembled at the destination.
2. Connection Control: It can be either connection-oriented (like TCP) or connectionless (like UDP).
3. Flow Control: Ensures data is sent at a rate the receiver can handle.
4. Error Control: Detects and corrects errors that occur during transmission.
5. Port Addressing: Uses port numbers to distinguish different services on the same device.

Reliable Data Transfer

Reliable data transfer ensures that data sent from a sender to a receiver is delivered accurately and in order, without any missing or corrupted segments. Mechanisms to achieve this include:
1. Acknowledgments: The receiver sends an acknowledgment message back to the sender to confirm receipt of data.
2. Retransmissions: If the sender doesn't receive an acknowledgment within a certain time, it assumes the segment was lost and retransmits it.
3. Sequence Numbers: Each segment is assigned a unique sequence number, allowing the receiver to reorder segments that arrive out of order and detect missing segments.

Examination of TCP and UDP Transport-Layer Protocols

1. TCP (Transmission Control Protocol):
   - Function: It is a connection-oriented protocol that ensures reliable data transfer.
   - Features: Establishes a connection before data transfer, uses acknowledgments, retransmissions, and has built-in error checking.
   - Use Cases: Web browsing, file transfer, and email.
2. UDP (User Datagram Protocol):
   - Function: It is a connectionless protocol that sends data without establishing a connection.
   - Features: Does not guarantee data delivery, no error checking, and no acknowledgments.
   - Use Cases: Streaming media, online gaming, and VoIP.

Comparing TCP and UDP

| Feature | TCP | UDP |
|---|---|---|
| Connection | Connection-oriented | Connectionless |
| Reliability | Reliable (ensures data integrity and order) | Unreliable (no guarantees) |
| Overhead | Higher (due to acknowledgments and error checking) | Lower (no connection setup or error checking) |
| Speed | Generally slower (due to error checking and acknowledgments) | Faster (no error checking) |
| Use Cases | Web browsing, file transfer, email | Streaming, gaming, VoIP |

Learning Outcomes:

By understanding the above concepts:
1. Analyse the TCP/IP Protocol: You'll have a deeper understanding of the transport layer's role within the TCP/IP protocol suite, especially the differences and applications of TCP and UDP.

4 - Network Layer

Topic rationale

This topic will contribute to your learning by:
- describing the services of network layer
- explaining how the network layer can provide its host-to-host communication service
- defining IPv4 protocols
- explaining IPv4 addresses and how to get them
- outlining how to subnet a network
- describing the DHCP protocol.

By engaging in this learning, you will be working towards the following learning outcomes:
- be able to analyse the TCP/IP protocol
- be able to explain and apply IP addresses including IPv4 and IPv6.

Read

The following sections of Chapter 4: The network layer: Data plane (Kurose & Ross, 2021) outline in detail how the network layer performs and look at the data plane of the network layer:
- 4.1 Overview of network layer
- 4.3.1 IPv4 datagram format
- 4.3.2 IPv4 addressing (4.3.3 in 2017 version)
- 4.3.3 Network address translation (NAT) (4.3.4 in 2017 version)
- 4.4 Generalised forwarding and SDN.

Services of the Network Layer

The Network Layer is responsible for determining the best path to route data packets from the source to the destination across the network. Key services provided by the network layer include:
1. Routing: Determines the best path for data based on routing tables and algorithms.
2. Logical Addressing: Uses IP addresses to identify devices on a network.
3. Packet Forwarding: Moves packets between the transport and data link layers.
4. Error Handling and Diagnostics: Uses tools like ICMP (Internet Control Message Protocol) for error reporting and diagnostics.

Host-to-Host Communication Service

The network layer provides host-to-host communication by:
1. Addressing: Assigning unique IP addresses to each device on the network.
2. Packet Encapsulation: Encapsulating transport layer segments into packets with source and destination IP addresses.
3. Routing: Using routers and routing algorithms to determine the best path for each packet.
4. Fragmentation and Reassembly: If a packet is too large for a network segment, it's fragmented into smaller pieces and then reassembled at the destination.

IPv4 Protocols

IPv4 (Internet Protocol version 4) is the fourth version of the Internet Protocol. It uses a 32-bit address scheme allowing for a total of 2^32 addresses. Key protocols associated with IPv4 include:
1. ICMP (Internet Control Message Protocol): Used for error reporting and diagnostics.
2. ARP (Address Resolution Protocol): Resolves IP addresses to MAC (Media Access Control) addresses.
3. IGMP (Internet Group Management Protocol): Manages multicast groups.

IPv4 Addresses and How to Get Them

1. IPv4 Addressing: Uses a 32-bit dotted-decimal format, e.g., 192.168.1.1.
2. Types of IPv4 Addresses:
   - Unicast: A one-to-one address, meaning it's a unique address that allows a device to address another device.
   - Broadcast: Sent from one sender to all potential receivers in the network.
   - Multicast: Sent from one sender to multiple specified receivers.
3. Obtaining IPv4 Addresses:
   - Static Assignment: Manually assigned by a network administrator.
   - Dynamic Assignment: Assigned automatically when a device joins a network, typically by DHCP.

Subnetting a Network

Subnetting is the practice of dividing an IP network into sub-networks to improve performance and security. Steps to subnet a network:
1. Determine the Number of Subnets Needed: Based on organizational requirements.
2. Determine the Number of Hosts per Subnet: Based on the number of devices.
3. Divide the Network: Adjust the subnet mask to allocate bits for subnets and hosts.
4. Assign IP Addresses: Ensure no overlap between subnets.

DHCP Protocol

DHCP (Dynamic Host Configuration Protocol) is a network protocol used to assign IP addresses and other network configuration information to devices dynamically.
1. Function: Automates the IP addressing process.
2. Process: When a device joins a network, it sends a DHCP request. A DHCP server responds with an IP address, subnet mask, default gateway, and other network settings.

Learning Outcomes:

By understanding the above concepts:
1. Analyse the TCP/IP Protocol: You'll have a deeper understanding of the network layer's role within the TCP/IP protocol suite, especially the intricacies of IPv4 addressing and routing.
2. Explain and Apply IP Addresses: You'll be equipped to explain the nuances of both IPv4 and IPv6 addresses, their allocation methods, and their significance in network communication.
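
The four subnetting steps from topic 4, carried through in Python as an added example (not part of the original notes). The function names, the 192.168.1.0/24 network and the requirement of 4 subnets with 50 hosts each are assumptions chosen for illustration; `find_overlaps` covers the "no overlap" check in step 4 for a plan that was assigned by hand.

```python
import ipaddress
from itertools import combinations, islice


def plan_subnets(network, subnets_needed, hosts_per_subnet):
    """Split an IPv4 network into equal-size subnets (steps 1 to 4)."""
    if subnets_needed < 1 or hosts_per_subnet < 1:
        raise ValueError("need at least one subnet and one host")
    net = ipaddress.ip_network(network)  # ValueError if host bits are set

    # Step 1: bits borrowed from the host part to number the subnets.
    subnet_bits = (subnets_needed - 1).bit_length()
    # Step 2: host bits so that 2**host_bits - 2 >= hosts_per_subnet
    # (the network and broadcast addresses cannot be given to devices).
    host_bits = (hosts_per_subnet + 1).bit_length()

    # Step 3: lengthen the mask by the borrowed bits, then confirm the
    # remaining host bits are still enough.
    new_prefix = net.prefixlen + subnet_bits
    if new_prefix + host_bits > net.max_prefixlen:
        raise ValueError(
            f"{network} cannot hold {subnets_needed} subnets "
            f"of {hosts_per_subnet} hosts"
        )

    # Step 4: hand out the address ranges, one block per subnet.
    plan = []
    for sub in islice(net.subnets(new_prefix=new_prefix), subnets_needed):
        plan.append({
            "subnet": str(sub),
            "netmask": str(sub.netmask),
            "first_host": str(sub.network_address + 1),
            "last_host": str(sub.broadcast_address - 1),
            "broadcast": str(sub.broadcast_address),
            "usable_hosts": sub.num_addresses - 2,
        })
    return plan


def find_overlaps(cidrs):
    """Return every pair of subnets in a hand-written plan that overlap."""
    nets = [ipaddress.ip_network(c) for c in cidrs]
    return [(str(a), str(b)) for a, b in combinations(nets, 2) if a.overlaps(b)]


if __name__ == "__main__":
    # Constructed requirement: 4 departments, up to 50 devices each.
    for row in plan_subnets("192.168.1.0/24", 4, 50):
        print(row)
    # Constructed hand-made plan with a mistake: the /27 sits inside the first /26.
    print(find_overlaps(["192.168.1.0/26", "192.168.1.64/26", "192.168.1.32/27"]))
```
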

5 - Datalink Layer

Topic rationale

This topic will contribute to your learning by:
- describing the services of data link layer
- outlining how packets are sent across the individual links that make up the end-to-end communication path
- explaining how transmission conflicts in broadcast links are resolved
- examining the ARP protocol.

By engaging in this learning, you will be working towards the following learning outcome:
- be able to explain data link protocols.

Read

The following sections of Chapter 6 (Kurose & Ross, 2021) provide you with the knowledge to analyse the protocols that govern the communication between two network devices that sit at the edge of the network:
- 6.1 Introduction to the link layer
- 6.2 Error-detection and correction techniques
- 6.3 Multiple access links and protocols.

Services of the Data Link Layer

The Data Link Layer is the second layer in the OSI model and is responsible for the direct connection between devices on a local network segment. Key services provided by the data link layer include:
1. Framing: Divides the stream of bits received from the network layer into manageable data units called frames.
2. Physical Addressing: Assigns MAC (Media Access Control) addresses to frames to identify devices on a local network.
3. Flow Control: Ensures data is sent at a rate the receiver can handle, preventing buffer overflow.
4. Error Control: Detects and corrects errors that occur during transmission at the frame level.
5. Access Control: Determines which device has control over the link at any given time.

Sending Packets Across Individual Links

1. Encapsulation: The data link layer takes packets from the network layer and encapsulates them into frames by adding a header (which contains the MAC address of the source and destination) and a trailer.
2. Transmission: Frames are then transmitted over the link using a specific protocol, such as Ethernet.
3. Reception: At the receiving end, the data link layer decapsulates the frame to extract the packet and passes it up to the network layer.

Resolving Transmission Conflicts in Broadcast Links

In broadcast links, multiple devices share the same communication medium. This can lead to conflicts or collisions when two devices transmit data simultaneously. Here's how these conflicts are resolved:
1. Carrier Sense Multiple Access with Collision Detection (CSMA/CD): Used in traditional Ethernet, devices first listen (sense) to the medium to check if it's free. If two devices transmit simultaneously, a collision is detected, and both devices stop transmitting and wait for a random time before retrying.
2. Carrier Sense Multiple Access with Collision Avoidance (CSMA/CA): Used in Wi-Fi networks, devices try to avoid collisions by waiting for a clear channel before transmitting.

ARP Protocol

ARP (Address Resolution Protocol) is a protocol used to map 32-bit IP addresses to MAC addresses within a local network, allowing for correct packet delivery on a subnet.
1. Function: When a device knows the IP address of another device but not its MAC address, it broadcasts an ARP request to all devices on the subnet.
2. Response: The device with the matching IP address responds with its MAC address.
3. ARP Table: Devices maintain an ARP table, a cache of IP-to-MAC address mappings, to reduce the need for frequent ARP broadcasts.

Learning Outcome:

By understanding the above concepts:
1. Explain Data Link Protocols: You'll have a comprehensive understanding of the data link layer's role, its services, and specific protocols like ARP. You'll be equipped to explain how devices on a local network segment communicate, how conflicts are resolved, and how IP addresses are mapped to MAC addresses for accurate frame delivery.

6 - Local Area Networks

Topic rationale

This topic will contribute to your learning by:
- explaining the differences between a switch and a router
- studying the Ethernet
- describing virtual LANs and data centre networks.

By engaging in this learning, you will be working towards the following learning outcomes:
- be able to present a basic knowledge of digital data
- be able to explain data link protocols
- be able to analyse the TCP/IP protocol
- be able to explain and apply IP addresses including IPv4 and IPv6.

Read

The following sections of Chapter 6: The link layer and LANs (Kurose & Ross, 2021) focus on local area networks, which are part of the data link layer:
- 6.4 Switched local area networks
- 6.5 Link virtualisation: A network as a link layer
- 6.6 Data centre networking
- 6.7 Retrospective: A day in the life of a web page request.

Differences Between a Switch and a Router

1. Functionality:
   - Switch: Operates primarily at the data link layer (Layer 2) of the OSI model. It is used to connect devices within a local network segment, like computers within an office. It uses MAC addresses to forward frames to the appropriate device.
   - Router: Operates at the network layer (Layer 3). It connects different networks together, like connecting a home network to the Internet. It uses IP addresses to forward packets to the appropriate network or device.
2. Usage:
   - Switch: Used to expand the number of devices that can be added to a LAN.
   - Router: Used to connect different LANs and provide a gateway to the Internet.
3. Table Types:
   - Switch: Maintains a MAC address table.
   - Router: Maintains a routing table with IP addresses.

Studying the Ethernet

Ethernet is the most widely used LAN technology. It defines wiring and signaling standards for the physical layer, and packet formats and protocols for the data link layer of the OSI model.
1. Function: Provides a simple interface for connecting multiple devices in a LAN.
2. Speed: Over the years, Ethernet speeds have evolved from 10 Mbps (10BASE-T) to 100 Gbps (100GBASE-T) and beyond.
3. Frame Structure: Ethernet frames have a specific format that includes source and destination MAC addresses, type field, data payload, and a CRC (Cyclic Redundancy Check) for error checking.

Virtual LANs (VLANs)

1. Definition: A VLAN is a logically segmented network within a physical network. Devices in the same VLAN can communicate as if they are on the same physical network, even if they aren't.
2. Benefits: Increases security, reduces broadcast traffic, and offers flexibility as devices can be grouped based on logical function rather than physical location.
3. Implementation: Managed using switches that support VLAN tagging, typically using the IEEE 802.1Q standard.

Data Centre Networks

Data centres are facilities that house large numbers of servers and other IT equipment. The networking within data centres is crucial for efficient communication between servers and to the outside world.
1. Topology: Often uses a spine-leaf topology for scalability and redundancy.
2. High Bandwidth: Requires high-speed connections, often 10 Gbps, 40 Gbps, or even 100 Gbps.
3. Redundancy: Multiple paths ensure there's no single point of failure.
4. Software-Defined Networking (SDN): Allows for dynamic, programmatically efficient network configuration.

Learning Outcomes:

By understanding the above concepts:
1. Present Basic Knowledge of Digital Data: Understand how data is structured, transmitted, and received in a LAN environment.
2. Explain Data Link Protocols: Delve into Ethernet, its frame structure, and how switches operate at this layer.
3. Analyse the TCP/IP Protocol: Understand how routers operate at the network layer, forwarding packets based on IP addresses.
4. Explain and Apply IP Addresses: Recognize the importance of IP addressing in routing and how VLANs can segment a physical network logically.

7 - Internet routing and control message protocols – OSPF, BGP, and ICMP

Topic rationale

This topic will contribute to your learning by:
- examining traditional routing algorithms for computing least-cost paths in a graph
- describing internet routing protocols: OSPF and BGP
- examining the ICMP protocol.

By engaging in this learning, you will be working towards the following learning outcomes:
- be able to define and explain various internet terminologies
- be able to analyse the TCP/IP protocol
- be able to explain and apply IP addresses including IPv4 and IPv6.

Required reading

The following sections of Chapter 5: The network layer: Control plane (Kurose & Ross, 2021) outline what you need to know about internet routing and control message protocols:
- 5.3 Intra-AS Routing in the Internet: OSPF
- 5.4 Routing Among the ISPs: BGP
- 5.5 The SDN control plane
- 5.6 ICMP: The internet control message protocol

Traditional Routing Algorithms

Routing algorithms determine the best path for data packets to travel from a source to a destination. Traditional algorithms for computing least-cost paths in a graph include:
1. Dijkstra's Algorithm: Finds the shortest path from a source node to all other nodes in a weighted graph. It's a basis for many link-state routing protocols.
2. Bellman-Ford Algorithm: Computes the shortest path from a single source node to all other nodes, even if some weights are negative. It's used in many distance-vector routing protocols.

Internet Routing Protocols: OSPF and BGP

1. OSPF (Open Shortest Path First):
   - Type: Link-state routing protocol.
   - Function: OSPF routers exchange link-state information about their local links with all other routers in the same OSPF area. This information is then used to build a complete topology map, and Dijkstra's algorithm is applied to find the shortest path.
   - Features: Supports multiple equal-cost routes, provides fast convergence, and is scalable.
2. BGP (Border Gateway Protocol):
   - Type: Path vector protocol.
   - Function: Used for routing between autonomous systems (AS) on the Internet. BGP routers exchange network reachability information with other BGP routers.
   - Features: Provides loop prevention by including the path information in the BGP advertisement, supports policy-based routing, and is crucial for the operation of the global Internet.

ICMP (Internet Control Message Protocol)

1. Function: ICMP is a network layer protocol used by network devices to send error messages and operational information. It's an integral part of the IP protocol.
2. Messages: Includes error messages like "destination unreachable" and "time exceeded," and operational messages like "echo request" (used by the ping command) and "echo reply."
3. Usage: ICMP is often used for diagnostic purposes to troubleshoot network issues. For example, the ping command uses ICMP to check the reachability of a host.

Learning Outcomes:

By understanding the above concepts:
1. Define and Explain Internet Terminologies: You'll be familiar with terms related to routing algorithms and protocols, such as OSPF, BGP, and ICMP.
2. Analyse the TCP/IP Protocol: Understand the role of routing protocols in the broader context of the TCP/IP suite and how they contribute to the efficient operation of the Internet.
3. Explain and Apply IP Addresses: Recognize the importance of IP addressing in routing and how protocols like ICMP operate at the IP level to provide diagnostic and error information.

8 - Principles of network security

Topic rationale

This topic will contribute to your learning by:
- explaining key cryptography
- explaining message integrity and digital signature
- examining authentication

By engaging in this learning, you will be working towards the following learning outcome:
- be able to explain fundamental cyber security concepts and technologies

Required reading

The following sections of Chapter 8: Security in Computer Networks (Kurose & Ross, 2021)
- 8.1 What Is Network Security?
- 8.2 Principles of Cryptography
- 8.3 Message Integrity and Digital Signatures

Key Cryptography

Cryptography is the practice of securing information by converting it into an unreadable format, ensuring that only someone with the appropriate key can read it.
1. Symmetric Key Cryptography:
   - Function: The same key is used for both encryption (converting plaintext to ciphertext) and decryption (converting ciphertext back to plaintext).
   - Example: AES (Advanced Encryption Standard).
   - Pros: Faster than asymmetric cryptography.
   - Cons: Key distribution is a challenge; if the key is compromised, the security of all encrypted data is at risk.
2. Asymmetric Key Cryptography:
   - Function: Uses a pair of keys: a public key (known to everyone) for encryption and a private key (known only to the recipient) for decryption.
   - Example: RSA (Rivest–Shamir–Adleman).
   - Pros: Enhanced security; even if the public key is known, the data cannot be decrypted without the private key.
   - Cons: Slower than symmetric cryptography.

Message Integrity and Digital Signature

1. Message Integrity:
   - Function: Ensures that a message has not been altered during transmission.
   - Mechanism: Uses cryptographic hash functions like SHA-256. The sender generates a hash of the message and sends both the message and the hash. The receiver recalculates the hash upon receipt and compares it to the received hash.
2. Digital Signature:
   - Function: Validates the authenticity and integrity of a message or document.
   - Mechanism: The sender generates a hash of the message and then encrypts the hash with their private key. The receiver decrypts the hash using the sender's public key and compares it to the recalculated hash of the received message.
   - Usage: Digital signatures are used to verify the identity of the sender and ensure that the message has not been tampered with.

Authentication

Authentication is the process of verifying the identity of a user, system, or application.
1. Password-Based Authentication: The most common method where users provide a username and password.
2. Two-Factor Authentication (2FA): Requires two forms of identification, such as a password and a one-time code sent to a mobile device.
3. Certificate-Based Authentication: Uses digital certificates to authenticate a user or device.
4. Biometric Authentication: Uses unique biological characteristics, such as fingerprints or facial recognition.

Learning Outcomes:

By understanding the above concepts:
1. Explain Fundamental Cyber Security Concepts and Technologies: You'll have a comprehensive understanding of the foundational principles of network security, from encryption methods to authentication mechanisms. This knowledge is crucial for anyone looking to ensure the confidentiality, integrity, and authenticity of data in a networked environment.

9 - Security in practice

Topic rationale

This topic will contribute to your learning by:
- knowing how to secure emails
- explaining firewalls
- examining intrusion detection systems.

By engaging in this learning, you will be working towards the following learning outcome:
- be able to explain fundamental cyber security concepts and technologies.

Required reading

The following sections of Chapter 8: Security in Computer Networks (Kurose & Ross, 2021)
- 8.5 Securing E-Mail
- 8.9 Operational Security: Firewalls and Intrusion Detection Systems

Securing Emails

Emails are a primary communication method, and securing them is crucial to protect sensitive information from unauthorized access and malicious threats.
1. Encryption:
   - End-to-End Encryption: The email content is encrypted on the sender's side and only decrypted on the recipient's side. Even if intercepted during transit, the content remains unreadable.
   - TLS (Transport Layer Security): Encrypts the connection between mail servers, ensuring that emails in transit are secure.
2. Digital Signatures: Validate the authenticity of an email and ensure it hasn't been tampered with during transit.
3. Anti-Phishing Measures: Tools and filters that detect and block phishing emails, which are malicious emails attempting to trick users into revealing sensitive information.
4. Secure Email Gateways: Scan incoming and outgoing emails for malware, spam, and other threats.

Firewalls

A firewall is a network security device or software that monitors and filters incoming and outgoing network traffic based on an organization's security policies.
1. Function: Acts as a barrier between a trusted internal network and untrusted external networks, such as the Internet.
2. Types:
   - Packet-Filtering Firewalls: Examine packets and allow or block them based on source and destination IP addresses, port numbers, and protocols.
   - Stateful Firewalls: Keep track of active connections and make decisions based on the context of the traffic.
   - Proxy Firewalls: Act as an intermediary, forwarding requests from clients on behalf of the user.
   - Next-Generation Firewalls (NGFW): Combine traditional firewall capabilities with advanced functionalities like intrusion prevention, SSL inspection, and application awareness.

Intrusion Detection Systems (IDS)

An IDS monitors network traffic for suspicious activity and issues alerts when such activity is discovered.
1. Types:
   - Network-Based IDS (NIDS): Monitors traffic on a network segment, looking for malicious patterns.
   - Host-Based IDS (HIDS): Installed on a specific device or server and monitors system logs and activity for suspicious behavior.
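
Returning to the message integrity and digital signature mechanisms in topic 8: the added example below (not part of the original notes) runs both checks side by side and shows that a bare hash only helps if the hash itself arrives unaltered, while a signature also ties the message to the holder of the private key. The RSA key is a constructed toy built from two small known primes with no padding, and all function names and messages are assumptions for illustration.

```python
import hashlib
import hmac

# Constructed toy RSA key pair built from two Mersenne primes. It is far
# too small, and unpadded, for real use; it only makes the mechanism visible.
P = 2**61 - 1
Q = 2**89 - 1
N = P * Q                           # public modulus
E = 65537                           # public exponent
D = pow(E, -1, (P - 1) * (Q - 1))   # private exponent (Python 3.8+)


def digest(message: bytes) -> bytes:
    """SHA-256 hash of the message, as in the integrity mechanism."""
    return hashlib.sha256(message).digest()


def hash_check(message: bytes, received_hash: bytes) -> bool:
    """Receiver side: recalculate the hash and compare with the one received."""
    return hmac.compare_digest(digest(message), received_hash)


def _digest_as_int(message: bytes) -> int:
    # Reduce the hash into the range of the toy modulus.
    return int.from_bytes(digest(message), "big") % N


def sign(message: bytes) -> int:
    """Sender side: transform the hash with the private key."""
    return pow(_digest_as_int(message), D, N)


def verify(message: bytes, signature: int) -> bool:
    """Receiver side: recover the hash with the public key and compare."""
    return pow(signature, E, N) == _digest_as_int(message)


def run_scenarios():
    """Constructed messages: what each check reports for each delivery."""
    original = b"Transfer 10 dollars to account 1234"
    altered = b"Transfer 9000 dollars to account 1234"
    signature = sign(original)
    return {
        # Message and hash arrive untouched.
        "hash_intact": hash_check(original, digest(original)),
        # Message changed in transit, hash left as sent: detected.
        "hash_message_changed": hash_check(altered, digest(original)),
        # Message changed and hash recomputed by whoever changed it:
        # the bare hash check passes, because anyone can compute SHA-256.
        "hash_both_replaced": hash_check(altered, digest(altered)),
        # Signature over the original verifies with the public key.
        "signature_intact": verify(original, signature),
        # The old signature does not fit the altered message, and a new
        # one cannot be produced without the private exponent D.
        "signature_message_changed": verify(altered, signature),
    }


if __name__ == "__main__":
    for name, result in run_scenarios().items():
        print(f"{name}: {result}")
```
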
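
For the packet-filtering and stateful firewall types described in topic 9, this added example (not part of the original notes) evaluates the same constructed packets against both. The rule format, class names, addresses and ports are assumptions for illustration, and the connection tracking is simplified: it ignores TCP flags and timeouts.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    proto: str


@dataclass(frozen=True)
class Rule:
    action: str                  # "allow" or "deny"
    src: str                     # source network in CIDR form
    dst: str                     # destination network in CIDR form
    proto: str = "any"
    sport: Optional[int] = None  # None matches any port
    dport: Optional[int] = None


def matches(rule: Rule, pkt: Packet) -> bool:
    """Packet-filter match on addresses, protocol and port numbers only."""
    return (
        ipaddress.ip_address(pkt.src) in ipaddress.ip_network(rule.src)
        and ipaddress.ip_address(pkt.dst) in ipaddress.ip_network(rule.dst)
        and rule.proto in ("any", pkt.proto)
        and rule.sport in (None, pkt.sport)
        and rule.dport in (None, pkt.dport)
    )


def packet_filter(rules, pkt: Packet) -> str:
    """First matching rule wins; anything unmatched is denied."""
    for rule in rules:
        if matches(rule, pkt):
            return rule.action
    return "deny"


class StatefulFirewall:
    """Packet filter plus a table of connections it has allowed."""

    def __init__(self, rules):
        self.rules = rules
        self.connections = set()

    def check(self, pkt: Packet) -> str:
        # A packet that mirrors a tracked connection is a reply: allow it.
        if (pkt.dst, pkt.dport, pkt.src, pkt.sport, pkt.proto) in self.connections:
            return "allow"
        verdict = packet_filter(self.rules, pkt)
        if verdict == "allow":
            self.connections.add((pkt.src, pkt.sport, pkt.dst, pkt.dport, pkt.proto))
        return verdict


LAN, ANY = "192.168.1.0/24", "0.0.0.0/0"
# Policy: internal hosts may open HTTPS connections; nothing else is allowed.
STATEFUL_RULES = [Rule("allow", LAN, ANY, "tcp", dport=443)]
# A stateless filter needs a second rule so replies can return, and that
# rule matches any inbound TCP packet whose source port is 443.
STATELESS_RULES = STATEFUL_RULES + [Rule("allow", ANY, LAN, "tcp", sport=443)]

# Constructed traffic (203.0.113.0/24 is a documentation address range).
PACKETS = [
    ("outbound https", Packet("192.168.1.10", 51000, "203.0.113.5", 443, "tcp")),
    ("reply to it", Packet("203.0.113.5", 443, "192.168.1.10", 51000, "tcp")),
    ("no connection", Packet("203.0.113.9", 443, "192.168.1.20", 8080, "tcp")),
    ("outbound telnet", Packet("192.168.1.10", 51001, "203.0.113.5", 23, "tcp")),
]


def compare():
    """Return {label: (stateless verdict, stateful verdict)} in packet order."""
    stateful = StatefulFirewall(STATEFUL_RULES)
    return {
        label: (packet_filter(STATELESS_RULES, pkt), stateful.check(pkt))
        for label, pkt in PACKETS
    }


if __name__ == "__main__":
    for label, verdicts in compare().items():
        print(f"{label:16} stateless={verdicts[0]:5} stateful={verdicts[1]}")
```

The two firewalls differ only on the third packet: the stateless reply rule admits it because its source port is 443, while the stateful firewall denies it because no internal host opened that connection.
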