1.4 | Network Security

Cards (27)

  • Malware is a type of software that is designed to cause damage to a computer system or to steal private information.
  • Viruses are a type of malware and malicious software designed to cause harm to a network or computer system. The virus attaches itself to programs or files on a computer or server which can then affect all components of an operating system.
  • Worms don't need to attach to a program, instead it replicates itself in order to spread to other computers. They often use computer networks.
  • A Trojan horse is a malicious computer programs that is designed to access a computer through misleading the victim. For example an email claiming to be a bank and asking to download security software.
  • Social Engineering is the process of manipulating people into giving out personal information or performing actions that are harmful to them. An example is Phishing telephone calls. The hacker will request similar prompts to a bank or any sensitive information.
  • A brute force attack is an attempt to crack a password or username. This involves the hacker trying possible passwords and passphrase until the correct one is found.
  • Denial of Service attack is a method of overloading a website with unwanted traffic. This makes the website very slow potentially causing the server to lock up or crash.
  • Data Interception and theft is the act of intercepting the travelling data/ packets. To prevent it, all data should be encrypted.
  • SQL injection is a technique used to gain access to a database through the use of input boxes for users to enter passwords or users. The hacker uses SQL statements that will be executed by the website and update the database that the website is using. To prevent this, every time a user is able to type in text, it should be checked to see that it doesn't include malicious code.
  • Penetration Testing is a tool that is used to test if networks are secure. The tests include a qualified person in a controlled environment tries to deliberately break into a system and explores potential vulnerabilities to expose weaknesses in the system so they can not be maliciously exploited.
  • Anti-malware software is software designed to constantly check for symptoms of an attack. If a virus or other piece of malware is detected, it will be prevented from operating and the file will be "quarantined" to prevent further harm.
  • Firewalls can be a piece of software that performs a 'block' between a potential attacker and the computer system. It can monitor application and network usage and has the ability to block access from certain computer users and disable traffic.
  • What are user access levels also known as?
    System access rights
  • What is the purpose of user access levels?
    To allow a system administrator to set up a hierarchy of users with different permissions
  • How do lower level users differ from higher level users in terms of access?
    Lower level users have limited access, while higher level users can access sensitive data
  • How does a school network illustrate user access levels?

    • Students can read and write to their own user area
    • Students can read but not write in a shared area
    • Staff can read work in student folders but cannot write
    • Staff can create, edit, and delete files in the student shared area
  • What is a password?
    A string of characters used to gain access to a service or system
  • What is a biometric password?
    A password validated by fingerprint readers, iris scanners, or facial recognition software
  • What is the purpose of special hardware "dongles"?
    To be inserted into the computer before anyone can access it
  • What might a password policy enforce?
    It may enforce strong passwords, check password length, and require regular changes
  • Why are longer passwords more secure?
    Because they are more difficult to guess
  • What is encryption?
    It is the process of translating data into code so that only authorized users can read it
  • What is required to decrypt an encrypted file?
    A key
  • What is the Caesar Cipher?
    A simple encryption method that shifts letters a certain number of places in the alphabet
  • If the key for a Caesar Cipher is 3, what is the decrypted message for "ABZOVMQBA"?
    "DECRYPTED"
  • What does physical security refer to?
    The most basic level of security
  • What are some measures of physical security?
    • Lock the computer room when not in use
    • Keep keys safe
    • Use fingerprint scanners and swipe cards
    • Restrict access to USB ports and floppy disk drives
    • Install surveillance cameras
    • Use lockable computer cases
    • Secure backup tapes and discs