1
00:00:00,120 --> 00:00:01,680
In this lesson we're going to talk

2
00:00:01,680 --> 00:00:03,480
about the CIA triad.

3
00:00:03,480 --> 00:00:04,680
Now this is important because

4
00:00:04,680 --> 00:00:08,280
by default our networks are fundamentally not secure.

5
00:00:08,280 --> 00:00:09,390
When they were developed and all

6
00:00:09,390 --> 00:00:10,470
these different networking standards

7
00:00:10,470 --> 00:00:12,000
were created many years ago,

8
00:00:12,000 --> 00:00:14,370
security was not in the discussion.

9
00:00:14,370 --> 00:00:16,680
Instead, over the years we've tried to bolt on

10
00:00:16,680 --> 00:00:18,330
and add on security as we go

11
00:00:18,330 --> 00:00:20,670
to make these networking protocols more secure.

12
00:00:20,670 --> 00:00:24,300
But to begin with, a network is a very unsecure place.

13
00:00:24,300 --> 00:00:26,130
We have to be careful in order to minimize

14
00:00:26,130 --> 00:00:27,990
and eliminate these risks over time,

15
00:00:27,990 --> 00:00:30,750
and that's where network security is going to come into play.

16
00:00:30,750 --> 00:00:32,280
If we can understand the various threats

17
00:00:32,280 --> 00:00:33,600
that are facing our networks,

18
00:00:33,600 --> 00:00:34,710
then we're going to be better able

19
00:00:34,710 --> 00:00:36,780
to defend our networks against the onslaught

20
00:00:36,780 --> 00:00:40,170
of cyber attacks then we are facing on a daily basis.

21
00:00:40,170 --> 00:00:41,880
The way we look at security in our networks

22
00:00:41,880 --> 00:00:44,670
is based on something called the CIA triad.

23
00:00:44,670 --> 00:00:46,290
Now this stands for confidentiality,

24
00:00:46,290 --> 00:00:48,060
integrity, and availability.

25
00:00:48,060 --> 00:00:49,620
Those are the three tenants

26
00:00:49,620 --> 00:00:52,200
that make up this triad that give us security.

27
00:00:52,200 --> 00:00:54,150
We're going to talk more about these three components

28
00:00:54,150 --> 00:00:56,700
of the CIA triad in this lesson.

29
00:00:56,700 --> 00:00:59,550
Our first one is C for confidentiality.

30
00:00:59,550 --> 00:01:01,110
Now, confidentiality is concerned

31
00:01:01,110 --> 00:01:03,480
with keeping your data safe and private.

32
00:01:03,480 --> 00:01:05,010
We want to use things like encryption

33
00:01:05,010 --> 00:01:07,500
and authentication to verify that somebody has the need

34
00:01:07,500 --> 00:01:10,710
to know and that they should be allowed to see that data.

35
00:01:10,710 --> 00:01:12,450
By using encryption, we can ensure

36
00:01:12,450 --> 00:01:13,650
that data can only be read

37
00:01:13,650 --> 00:01:15,990
or decoded by the intended recipient,

38
00:01:15,990 --> 00:01:18,180
and that person is going to have a secret encryption

39
00:01:18,180 --> 00:01:20,580
or decryption key to be able to read it.

40
00:01:20,580 --> 00:01:22,980
Now, to do this, we can use either symmetric encryption

41
00:01:22,980 --> 00:01:24,720
or asymmetric encryption.

42
00:01:24,720 --> 00:01:26,430
Now if you're not familiar with those concepts,

43
00:01:26,430 --> 00:01:27,840
we're going to cover them here for you

44
00:01:27,840 --> 00:01:29,280
to bring you up to speed.

45
00:01:29,280 --> 00:01:30,630
Symmetric encryption is something

46
00:01:30,630 --> 00:01:32,850
that is the basis of confidentiality.

47
00:01:32,850 --> 00:01:34,890
Both the sender and the receiver are going to use

48
00:01:34,890 --> 00:01:37,140
the exact same key, which is why we call it

49
00:01:37,140 --> 00:01:40,170
symmetric encryption or symmetric key cryptography.

50
00:01:40,170 --> 00:01:43,470
Now we can go from plain text to cipher text using one key,

51
00:01:43,470 --> 00:01:45,450
and then the other person who wants to read it will use

52
00:01:45,450 --> 00:01:48,150
that same key to decrypt it from cipher text back

53
00:01:48,150 --> 00:01:49,980
into plain text so they can actually read it

54
00:01:49,980 --> 00:01:51,300
in normal language.

55
00:01:51,300 --> 00:01:54,780
In fact, symmetric encryption is almost 1,000 times faster

56
00:01:54,780 --> 00:01:56,490
than using asymmetric encryption

57
00:01:56,490 --> 00:01:58,140
where we use two different keys.

58
00:01:58,140 --> 00:01:59,700
Now we're going to cover asymmetric encryption

59
00:01:59,700 --> 00:02:01,860
in just a second, but first we need to talk

60
00:02:01,860 --> 00:02:03,960
about some problems with symmetric encryption.

61
00:02:03,960 --> 00:02:05,400
Now, there is one large problem

62
00:02:05,400 --> 00:02:06,810
with symmetric encryption though,

63
00:02:06,810 --> 00:02:09,210
and this is that we both have to have the same key

64
00:02:09,210 --> 00:02:11,160
to encrypt and decrypt that data.

65
00:02:11,160 --> 00:02:12,840
Now, if you and I have never met before,

66
00:02:12,840 --> 00:02:14,040
how are we going to make sure we both

67
00:02:14,040 --> 00:02:15,810
have the same shared key?

68
00:02:15,810 --> 00:02:17,550
Well, if I'm doing this on a large scale,

69
00:02:17,550 --> 00:02:19,500
let's say I encrypted a folder on my Google Drive

70
00:02:19,500 --> 00:02:21,180
that I wanted to share with all of my students.

71
00:02:21,180 --> 00:02:24,060
I would have a 300,000 people who need to access

72
00:02:24,060 --> 00:02:25,830
that Google Drive, and I have to give each

73
00:02:25,830 --> 00:02:27,330
of them a copy of that key.

74
00:02:27,330 --> 00:02:30,240
That'd be a really hard task to do and to do it securely.

75
00:02:30,240 --> 00:02:31,770
Now, let's imagine that one

76
00:02:31,770 --> 00:02:33,810
of those students shouldn't have access anymore.

77
00:02:33,810 --> 00:02:35,280
Now I have to go and change that key

78
00:02:35,280 --> 00:02:38,670
and give it to the other 299,999 people

79
00:02:38,670 --> 00:02:40,920
who still need access, and I have to have a secure way

80
00:02:40,920 --> 00:02:42,720
to redistribute that new key to all

81
00:02:42,720 --> 00:02:44,850
of those people who still need to access it.

82
00:02:44,850 --> 00:02:46,530
You see, this is the biggest problem we have

83
00:02:46,530 --> 00:02:47,730
with symmetric encryption.

84
00:02:47,730 --> 00:02:49,170
It's key management.

85
00:02:49,170 --> 00:02:51,210
Even though symmetric encryption is fast,

86
00:02:51,210 --> 00:02:52,950
and even though it's secure, we still have

87
00:02:52,950 --> 00:02:55,740
to figure out a way to get a secured, shared secret key

88
00:02:55,740 --> 00:02:58,020
to all the users who need to use it.

89
00:02:58,020 --> 00:03:00,150
So how are we going to solve that problem?

90
00:03:00,150 --> 00:03:02,910
Well, enter the world of asymmetric encryption.

91
00:03:02,910 --> 00:03:05,760
Now, asymmetric encryption is used to give confidentiality

92
00:03:05,760 --> 00:03:08,940
as well, but it does this by using two different keys,

93
00:03:08,940 --> 00:03:11,340
one for the sender and one for the receiver.

94
00:03:11,340 --> 00:03:14,490
Now, RSA is by far the most popular implementation of this,

95
00:03:14,490 --> 00:03:18,330
and it uses what we call public key infrastructure, or PKI.

96
00:03:18,330 --> 00:03:20,010
Now PKI is where we encrypt the data

97
00:03:20,010 --> 00:03:22,440
between an email sender and an email receiver,

98
00:03:22,440 --> 00:03:25,170
or when you're going to an e-commerce site like Amazon,

99
00:03:25,170 --> 00:03:27,960
you're going to be using PKI to do a key exchange.

100
00:03:27,960 --> 00:03:30,480
This way, you can get a secure email exchange

101
00:03:30,480 --> 00:03:32,670
or secure web browsing, and it solves the problem

102
00:03:32,670 --> 00:03:34,650
of having to distribute those keys ahead of time

103
00:03:34,650 --> 00:03:36,720
because we're using public keys.

104
00:03:36,720 --> 00:03:39,510
So how does asymmetric encryption work?

105
00:03:39,510 --> 00:03:42,450
Well, it works on the concept of having a key pair.

106
00:03:42,450 --> 00:03:45,120
This key pair is made up of a public and a private key.

107
00:03:45,120 --> 00:03:46,800
The public key, anybody can know,

108
00:03:46,800 --> 00:03:48,900
and we can share with everyone in the entire world.

109
00:03:48,900 --> 00:03:51,780
But the private key is something that only I should know

110
00:03:51,780 --> 00:03:53,400
and nobody else should see it.

111
00:03:53,400 --> 00:03:55,470
Let's see how this works in the real world.

112
00:03:55,470 --> 00:03:57,750
Well, when we look at this, there's a sender and receiver,

113
00:03:57,750 --> 00:03:59,490
and they're both going to use different keys

114
00:03:59,490 --> 00:04:01,530
to encrypt and decrypt the message.

115
00:04:01,530 --> 00:04:03,090
In this case, if I'm the sender,

116
00:04:03,090 --> 00:04:04,860
and I want to send something to the receiver,

117
00:04:04,860 --> 00:04:06,570
I'm going to use the receiver's public key,

118
00:04:06,570 --> 00:04:09,630
which everyone in the world can know because it's public.

119
00:04:09,630 --> 00:04:12,360
Now, once I've encrypted that data using their public key,

120
00:04:12,360 --> 00:04:14,790
the only key in the entire world that can open up

121
00:04:14,790 --> 00:04:16,440
that message and decrypt it,

122
00:04:16,440 --> 00:04:18,300
is going to be their private key.

123
00:04:18,300 --> 00:04:21,120
And the only person with that private key is that receiver.

124
00:04:21,120 --> 00:04:22,920
So we know it has confidentiality

125
00:04:22,920 --> 00:04:25,110
'cause only they can decrypt this message.

126
00:04:25,110 --> 00:04:26,970
This guarantees that we're going to have confidentiality

127
00:04:26,970 --> 00:04:29,190
of the data because nobody can read it except them,

128
00:04:29,190 --> 00:04:32,310
and once I encrypt that data, even I can't read it

129
00:04:32,310 --> 00:04:34,890
because I don't have the receiver's private key.

130
00:04:34,890 --> 00:04:36,870
So how does this work if we're going to use

131
00:04:36,870 --> 00:04:38,190
e-commerce for instance?

132
00:04:38,190 --> 00:04:40,710
Well, I said before that we can use asymmetric keys

133
00:04:40,710 --> 00:04:42,480
as a way to do a key exchange,

134
00:04:42,480 --> 00:04:44,580
and we're going to be able to share a symmetric key

135
00:04:44,580 --> 00:04:47,280
through that by creating an encrypted tunnel.

136
00:04:47,280 --> 00:04:49,530
So what we're going to do here in e-commerce

137
00:04:49,530 --> 00:04:52,710
is using asymmetric to then turn over to symmetric.

138
00:04:52,710 --> 00:04:54,690
In this case, if I wanted to be the client,

139
00:04:54,690 --> 00:04:56,700
and I wanted to go to Amazon to buy something,

140
00:04:56,700 --> 00:04:57,870
I would do it this way.

141
00:04:57,870 --> 00:05:01,320
First, I'm going to request the website by going to amazon.com,

142
00:05:01,320 --> 00:05:03,300
and I'm going to use the secure version of the website

143
00:05:03,300 --> 00:05:07,380
by going to https://amazon.com.

144
00:05:07,380 --> 00:05:09,900
Now, when I go to that server, the server is going to tell me

145
00:05:09,900 --> 00:05:11,790
that it has a public key available.

146
00:05:11,790 --> 00:05:13,260
That public key is going to have

147
00:05:13,260 --> 00:05:15,630
what we like to call a digital certificate.

148
00:05:15,630 --> 00:05:17,880
Now, when you buy a Verisign certificate

149
00:05:17,880 --> 00:05:20,790
or some other trusted certificate for your server,

150
00:05:20,790 --> 00:05:23,700
that server is going to then hold a copy of your public key

151
00:05:23,700 --> 00:05:26,550
for you and any client who wants to get it can go to

152
00:05:26,550 --> 00:05:29,490
that trusted third party and get a copy of your public key.

153
00:05:29,490 --> 00:05:32,220
So my web client is going to go to Verisign,

154
00:05:32,220 --> 00:05:34,020
it's going to grab Amazon's public key,

155
00:05:34,020 --> 00:05:36,390
and then I'm going to create a random number

156
00:05:36,390 --> 00:05:37,470
and whatever I'm going to choose,

157
00:05:37,470 --> 00:05:39,060
and I'm going to encrypt that random number

158
00:05:39,060 --> 00:05:41,610
using the public key that Amazon has.

159
00:05:41,610 --> 00:05:44,310
Now, I'm going to send that back over to the Amazon server

160
00:05:44,310 --> 00:05:47,130
because Amazon will be the only person who can unlock

161
00:05:47,130 --> 00:05:49,890
that message and decrypt it using their private key,

162
00:05:49,890 --> 00:05:51,690
which is part of their server code.

163
00:05:51,690 --> 00:05:54,750
Now, they can open that message and see that random number.

164
00:05:54,750 --> 00:05:56,970
So now that they have the random number I chose,

165
00:05:56,970 --> 00:05:59,040
I know it because I chose it, and they know it

166
00:05:59,040 --> 00:06:00,750
because they decrypted the message.

167
00:06:00,750 --> 00:06:03,480
So we've used a asymmetric encryption to be able

168
00:06:03,480 --> 00:06:05,010
to pass this random number,

169
00:06:05,010 --> 00:06:07,320
which will now act as our symmetric key.

170
00:06:07,320 --> 00:06:09,150
Now we can both create a tunnel,

171
00:06:09,150 --> 00:06:10,530
and that tunnel can be secured

172
00:06:10,530 --> 00:06:12,690
by that symmetric key we just chose,

173
00:06:12,690 --> 00:06:14,970
and we can use that for the entire session.

174
00:06:14,970 --> 00:06:17,880
This becomes known as a session key, which is simply

175
00:06:17,880 --> 00:06:20,760
that random number that I chose and sent over to Amazon.

176
00:06:20,760 --> 00:06:23,730
Now we can communicate securely for the rest of the session,

177
00:06:23,730 --> 00:06:25,470
creating a nice, secure encrypted tunnel

178
00:06:25,470 --> 00:06:27,510
between me and the Amazon server.

179
00:06:27,510 --> 00:06:29,190
Now, why would I do it this way?

180
00:06:29,190 --> 00:06:31,170
Why wouldn't I just use an asymmetric key

181
00:06:31,170 --> 00:06:33,390
the entire time it sent data back and forth?

182
00:06:33,390 --> 00:06:36,570
Well, the problem is asymmetric is pretty slow.

183
00:06:36,570 --> 00:06:39,120
In fact, symmetric key is a thousand times

184
00:06:39,120 --> 00:06:40,470
faster than asymmetric.

185
00:06:40,470 --> 00:06:43,740
So we want to use symmetric to the maximum extent possible,

186
00:06:43,740 --> 00:06:46,200
but there's some things that symmetric doesn't do well,

187
00:06:46,200 --> 00:06:47,430
like a key exchange.

188
00:06:47,430 --> 00:06:50,250
So for that reason, we're going to use asymmetric

189
00:06:50,250 --> 00:06:52,410
to do the handshake and exchange a key,

190
00:06:52,410 --> 00:06:54,690
and then we're going to switch over to symmetric using

191
00:06:54,690 --> 00:06:57,300
that key we just exchanged to get those faster speeds

192
00:06:57,300 --> 00:06:59,610
for all the rest of our data transfer.

193
00:06:59,610 --> 00:07:00,870
All right, the next thing we need

194
00:07:00,870 --> 00:07:03,330
to talk about is the I in the CIA triad.

195
00:07:03,330 --> 00:07:04,860
This is integrity.

196
00:07:04,860 --> 00:07:06,570
Now, integrity is all about making sure

197
00:07:06,570 --> 00:07:08,370
that the data you have was not modified

198
00:07:08,370 --> 00:07:10,410
in storage or in transit.

199
00:07:10,410 --> 00:07:12,270
This verifies that the source of the traffic

200
00:07:12,270 --> 00:07:15,390
that it originated from was where you thought it came from.

201
00:07:15,390 --> 00:07:16,980
We're not going to be subject to an on path

202
00:07:16,980 --> 00:07:18,450
or man in the middle attack here

203
00:07:18,450 --> 00:07:21,810
because we want to make sure that that data has integrity.

204
00:07:21,810 --> 00:07:23,490
Also, this will help us prevent forms

205
00:07:23,490 --> 00:07:27,150
of spoofing like IP spoofing, ARP spoofing, or Mac spoofing.

206
00:07:27,150 --> 00:07:29,280
Integrity violations can also happen

207
00:07:29,280 --> 00:07:31,140
if there's a defacement of your corporate webpage,

208
00:07:31,140 --> 00:07:33,240
for example, because somebody is changing the data

209
00:07:33,240 --> 00:07:35,760
on your server, and you didn't authorize it.

210
00:07:35,760 --> 00:07:38,460
All these are examples of integrity violations.

211
00:07:38,460 --> 00:07:39,750
Now, another example of this would be

212
00:07:39,750 --> 00:07:41,340
if somebody went to your e-commerce site,

213
00:07:41,340 --> 00:07:42,930
and they went to buy a product that's supposed to sell

214
00:07:42,930 --> 00:07:46,410
for a hundred dollars, but they actually changed that to $10

215
00:07:46,410 --> 00:07:49,230
by removing a zero, that would be an integrity breach

216
00:07:49,230 --> 00:07:51,270
because they also modified the electronically stored

217
00:07:51,270 --> 00:07:53,190
financial records on your server.

218
00:07:53,190 --> 00:07:55,290
So what if I decide to add a couple of zeros

219
00:07:55,290 --> 00:07:56,610
to my bank account balance?

220
00:07:56,610 --> 00:07:57,443
Guess what?

221
00:07:57,443 --> 00:07:58,890
That's also an integrity breach

222
00:07:58,890 --> 00:07:59,970
because I'm changing the balance,

223
00:07:59,970 --> 00:08:01,860
and I'm not authorized to do that.

224
00:08:01,860 --> 00:08:03,600
All of these things are things that we don't want

225
00:08:03,600 --> 00:08:05,460
to happen inside of our network.

226
00:08:05,460 --> 00:08:08,460
So how do we ensure that we have integrity?

227
00:08:08,460 --> 00:08:10,440
Well, we're going to use hashing.

228
00:08:10,440 --> 00:08:12,750
Now, hashing is an algorithm that runs a string of data

229
00:08:12,750 --> 00:08:14,490
through the algorithm and then it creates

230
00:08:14,490 --> 00:08:16,560
a hash or a hash digest.

231
00:08:16,560 --> 00:08:18,810
This serves as a unique individual fingerprint

232
00:08:18,810 --> 00:08:20,700
for a file or a data set.

233
00:08:20,700 --> 00:08:22,170
All right, if you see here on the screen,

234
00:08:22,170 --> 00:08:24,870
I have the word password written in three different ways

235
00:08:24,870 --> 00:08:26,324
I have it written as password,

236
00:08:26,324 --> 00:08:28,050
I have it written as password with a capital P,

237
00:08:28,050 --> 00:08:29,070
and I have it written as password

238
00:08:29,070 --> 00:08:31,260
with a capital P and a period at the end.

239
00:08:31,260 --> 00:08:33,990
Notice, those three hashes are vastly different

240
00:08:33,990 --> 00:08:36,630
even though I changed very little, just adding a period

241
00:08:36,630 --> 00:08:39,179
or changing a letter from lowercase to uppercase.

242
00:08:39,179 --> 00:08:41,880
In this example, I'm using an MD5 hash for each one

243
00:08:41,880 --> 00:08:44,430
of these, and this algorithm ensures drastic changes

244
00:08:44,430 --> 00:08:47,520
to the output when a slight change is made to the input.

245
00:08:47,520 --> 00:08:48,870
Now by just adding that period

246
00:08:48,870 --> 00:08:51,210
or making a capital letter instead of a lowercase letter,

247
00:08:51,210 --> 00:08:54,480
we have this huge amount of change to the hash digest.

248
00:08:54,480 --> 00:08:57,120
That's how we're using them as individual fingerprints.

249
00:08:57,120 --> 00:08:59,280
Once I run this data through the algorithm,

250
00:08:59,280 --> 00:09:01,530
I get this hash, and the data and the hash

251
00:09:01,530 --> 00:09:03,510
are then going to be sent over to the receiver.

252
00:09:03,510 --> 00:09:05,640
Now, when the receiver gets the data, they're going to run it

253
00:09:05,640 --> 00:09:07,500
through the same hash on their own side

254
00:09:07,500 --> 00:09:09,360
and compare that hash that they get

255
00:09:09,360 --> 00:09:10,800
to the hash that I sent them.

256
00:09:10,800 --> 00:09:12,240
If the two are going to match,

257
00:09:12,240 --> 00:09:14,520
that means there's integrity in the transmission.

258
00:09:14,520 --> 00:09:17,190
If they don't match, it's going to reject that transmission

259
00:09:17,190 --> 00:09:18,690
and ask for it to be sent again

260
00:09:18,690 --> 00:09:20,400
because it assumes it was bad

261
00:09:20,400 --> 00:09:22,410
or there was some kind of an integrity breach.

262
00:09:22,410 --> 00:09:24,480
All right, let's move to our third component

263
00:09:24,480 --> 00:09:25,830
of the CIA triad.

264
00:09:25,830 --> 00:09:28,020
This is the A for availability.

265
00:09:28,020 --> 00:09:29,340
Now availability is going to measure

266
00:09:29,340 --> 00:09:31,440
the accessibility of that data.

267
00:09:31,440 --> 00:09:34,410
Can I get to the data when I want to and where I want to?

268
00:09:34,410 --> 00:09:35,910
That's what we're asking here.

269
00:09:35,910 --> 00:09:38,280
This is increased by designing redundant networks,

270
00:09:38,280 --> 00:09:41,010
by having multiple components doing the same functions.

271
00:09:41,010 --> 00:09:43,230
We're going to talk a lot more about redundant networks

272
00:09:43,230 --> 00:09:44,640
and talk about high availability

273
00:09:44,640 --> 00:09:46,740
and redundancy in a separate lesson

274
00:09:46,740 --> 00:09:48,570
as we start digging more into how we can create

275
00:09:48,570 --> 00:09:50,580
good availability within our networks.

276
00:09:50,580 --> 00:09:51,990
But for now, let's talk about

277
00:09:51,990 --> 00:09:53,970
how availability could be compromised.

278
00:09:53,970 --> 00:09:55,260
Well, there's lots of different things

279
00:09:55,260 --> 00:09:57,210
that you can do to hurt your availability.

280
00:09:57,210 --> 00:09:58,800
You could crash a router or switch

281
00:09:58,800 --> 00:10:00,810
by sending improperly formulated data to it,

282
00:10:00,810 --> 00:10:02,400
like the old ping of death attack,

283
00:10:02,400 --> 00:10:04,140
and that would actually turn off your router or switch

284
00:10:04,140 --> 00:10:05,940
and make the entire network go down.

285
00:10:05,940 --> 00:10:08,730
Therefore, your availability would be failed as well.

286
00:10:08,730 --> 00:10:11,730
Now, you can also flood a network with just so much traffic,

287
00:10:11,730 --> 00:10:13,290
even if it's legitimate requests,

288
00:10:13,290 --> 00:10:15,600
that they simply can't be processed in time.

289
00:10:15,600 --> 00:10:17,340
This is known as a denial of service

290
00:10:17,340 --> 00:10:19,290
or distributed denial of service attack,

291
00:10:19,290 --> 00:10:21,270
and this can make your network fail as well.

292
00:10:21,270 --> 00:10:23,340
This can also happen when you have a good problem.

293
00:10:23,340 --> 00:10:26,040
For instance, if my site became wildly popular overnight

294
00:10:26,040 --> 00:10:27,150
and had a million people try

295
00:10:27,150 --> 00:10:28,890
to access it all at the same time,

296
00:10:28,890 --> 00:10:30,210
that could crash my website

297
00:10:30,210 --> 00:10:32,340
because I became too popular too fast.

298
00:10:32,340 --> 00:10:34,500
This would also be considered a denial of service,

299
00:10:34,500 --> 00:10:36,450
even though it was more of a self-imposed one

300
00:10:36,450 --> 00:10:38,280
by becoming too popular.

301
00:10:38,280 --> 00:10:40,230
Now, you can also have a power outage in your area

302
00:10:40,230 --> 00:10:41,670
and that could cause your network to fail.

303
00:10:41,670 --> 00:10:42,930
Or maybe there's a flood

304
00:10:42,930 --> 00:10:45,330
and your server room is now underwater, and guess what?

305
00:10:45,330 --> 00:10:47,550
That's going to take a hit to your availability as well.

306
00:10:47,550 --> 00:10:49,590
All these are things that can really hurt you.

307
00:10:49,590 --> 00:10:50,850
Maybe you have some really old routers

308
00:10:50,850 --> 00:10:52,290
and switches that are out of warranty

309
00:10:52,290 --> 00:10:53,670
and one of them dies from old age.

310
00:10:53,670 --> 00:10:55,800
Well, that's going to hurt the availability of your network

311
00:10:55,800 --> 00:10:57,480
because the network is going to go down

312
00:10:57,480 --> 00:10:59,190
when that core switch goes down.

313
00:10:59,190 --> 00:11:00,330
I think you get the idea,

314
00:11:00,330 --> 00:11:02,370
but we will dive deeper into this later on

315
00:11:02,370 --> 00:11:04,383
as we cover availability more in depth.