KAMPALA INTERNATIONAL UNIVERSITY

COLLEGE OF ECONOMICS & MANAGEMENT

COURSE UNIT : INTRODUCTION TO COMPUTER
COURSE CODE : ITE1101/DIT/1102
YEAR : ONE
SEMSETER : ONE
LECTURERS NAME: MR BOUR SIMEO
GROUP ONE

NAME REG NO CO SIGNATURE MARKS

UR
SE
ABITEGEKA JACKSON 2024-08-32746 DIT
ABAHO ALISON 2024-08-30115 BIT
ABAHO ANIA 2024-08-31313 BIT
ABDUL HAMID 2024-08-27867 BIT
MUHAMMAD
AFEMA MARVIN 2024-08-29075 DIT
AGABA AHUMUZA 2024-08-27724 DIT
JAPHETH
AGABA MACKLINE 2024-08-31270 DIT
AGALILAHO KENNETH 2024-08-32235 BIT
ANGUDA JOEL 2024-08-27782 BIT
NGOLOBE
AHIRWE APOPHIA 2024-08-31393 BIT
AHUMUZA PROMISE 2024-08-29634 BIT
AHUMUZA FRANKLINE 2024-08-31811 DIT
AINEBYONA SYSON 2024-08-29062 BIT
AINEBYOONA DAPHINE 2024-08-28036 BIT
AINEMBABAZI ESTHER 2024-08-29138 BIT
AINEMBABAZI VIOLA 2024-08-17646 DIT
Describe the difference between symmetric encryption and asymmetric encryption and provide
examples of each encryption as commonly used in cyber security

What is the role of a firewall in network security and how it protects against unauthorized access
and cyber threats
 First of all, what is encryption, it is the process of locking up information using
cryptography then data encryption is the process that transforms readable data into unreachable
format to protect it from un authorized access

Therefore, understanding the difference between symmetric encryption and asymmetric

encryption is crucial for anyone interested in cyber security

They are two fundamental approaches to securing data, and they differ primarily in how they
manage keys for encryption and decryption

Symmetric encryption

This is the simplest kind of encryption that involves only one secret key to cipher and decipher
information, it is an old best known technique

It use a secret key that can either be a number, a word or a string of random letters

It also uses the same key for both encryption and decryption

Examples

1. AES (advanced Encryption standard 0widely used for secure data encryption
2. DES (data Encryption standard )an older standard that has largely been replaced by AES
due to security concerns
Uses cases
Suitable for encrypting large amounts of data due to its speed and efficiency

The main disadvantage of symmetric key encryption is that all parties involved have to exchange
the key used to encrypt the data before they can decrypt

Advantages

Easy to execute and manage: users have only one key for encryption and decryption so it’s easy
to execute and manage

Faster: since using a single key for encryption and decryption it’s faster to execute
Identify verification: it uses passwords authentication as a security purpose to prove the
receivers identity

Disadvantages

The chances of sharing encryption keys securely are less: it is difficult and challenging
to share keys in symmetric encryption

Symmetric is not that scalable, as it’s not suitable for various users

Asymmetric encryption

It is the type of encryption that uses a pair of keys to cipher and decipher information

It uses a pair of keys, a public key for encryption and a private key for decryption

Examples

RSA (Rivest –shamir-Adleman): commonly used for secure data transmission

ECC (Elliptic curve cryptography): provides similar security to RSA with smaller key sizes
and DSA (digital signature algorithm

Uses cases often used for secure communications, digital signatures and key exchanges

Asymmetric encryption enhances security in key distribution by using a pair of keys

making it ideal for secure communications over untrusted networks but it is slower and less
efficient for large data volumes

A public key for decryption. These keys are mathematically related but cannot be derived from
each other

Slower processing

Asymmetric algorithms are typically slower than symmetric ones making them less suitable for
encrypting large volumes of data

Enhanced security
Using two keys adds an extra layer of security the public key can be freely distributed while the
private key must be kept secret, the corresponding private key can only decrypt anything
encrypted with the public key

Comparison

Key management

Symmetric key encryption requires a secure exchange method which can be challenging, in
contrast, asymmetric key encryption simplifies key management as each user has a pair of keys

Uses cases

Symmetric encryption is commonly employed for secure communication over open networks
like the internet

Example scenario

Imagine sending a secure message to a friend with symmetric encryption ,you both need to share
the same key , however with asymmetric encryption , you can use your friends public key to
encrypt the message and only they , with their private can decrypt it

Same both use a key to transform plain text message to cipher text, which the recipient needs a
key to decipher back to the original plain text
A firewall acts as a barrier between a trusted internal network and untrusted external network
such as internet and monitors and controls incoming and outgoing network traffic based on
predefined security rules in other wards a firewall is a hardware component or software program
that is designed to monitor and filter the network traffic that is coming into or going out of
network

In general firewalls are installed to prevent attacks

Attacks covers many things e.g.

1. Someone probing a network for computers

2. Someone attempting to crash service on a computer
3. Someone attempting to crash a computer
4. Someone attempting to gain access to a computer to use resources or information
Description

Firewalls act as a security checkpoints for your computer network, they filter
incoming and outgoing traffic allowing only authorized data to pass through imagine them just
like as digital bouncers at club just like a bouncer checks ids , the firewall verifies if data is
legitimate before letting it in , this helps to block malicious software , hackers and unwanted
traffic from accessing valuable information and causing harm

Network access control

Firewalls enforce access control policies by examing network packets and determine whether to
allow or block them based on specified rules. This helps to prevent unauthorized access to the
network and protect against malicious activities

Traffic filtering:

Firewalls inspect network traffic at the packet level, analyzing various attributes such as source
and destination IP addresses port numbers protocols and packet contents filtering traffic based on
these attributes, firewalls can block potentially harmful or suspicious traffic such as known
malware or unauthorized connection attempts

Intrusion prevention
Firewall scan detect and prevent intrusion attempts by monitoring network traffic patterns and
identifying suspicious activities that may indicate an ongoing attack they can be configured to
generate adverts or take immediate action to block the malicious traffic

Network address translation (NAT)

Firewalls often perform network address translation allowing multiple devices with a
private network to share a single ip address .NAT provides an additional layer of security hiding
internal IP addresses from external networks making it more difficult for attackers to directly
target individual devices

Virtual private network (VAN)

Firewalls can facilitate secure remote access to networking by supporting VPN

connections .VPN tunnels created through the firewall enable encrypted communications
between remote users or branch officers and the internal network ensuring data confidentiality
and integrity

Application layer inspection:

Advanced firewalls may include application layer inspection capabilities, where they
analyze the content and behavior at network packets at the application, enabling better detection
and prevention at application layer attacks

By implementing a firewall as a part a comprehensive network security strategy,

organizations can protect their network infrastructure, control access to resource and mitigate
various types of cyber threats and attacks

Protecting against denial of service (DOS) attacks firewalls can also protect against
denial of service (DOS) attacks by limiting the amount of traffic that can reach the system, A
firewall can be configured to block traffic from a specific IP address or network that is flooding
the system with a large volume of traffic thereby preventing the system from being overwhelmed
and disrupted
 REFERENCES

Firewalls don’t stop dragons (a step by step guide to computer security for Non techies third
edition by care paker page 53-75

www.u.ke srays .com

Research gate

Break the code (cryptography for beginners) by Bud Johnson

All secrets die by Die by Dale Nelson