Malicious software that harms a computer system or steals data.
Describe a virus:
It is attached to a file - it damages, changes or deletes files and is often downloaded from the internet or emails.
Describe a worm:
It doesn't need to be attached to another file - it enters through system security gaps and tricks the user into running it.
Describe a trojan horse:
Appears to be a legitimate program, but is trying to steal/delete data - for example, a fake anti-virus program.
Describe ransomware:
Takes files hostage by encrypting them so they are unreadable - ransom is asked for by hackers before they'll decrypt them.
Describe spyware:
Monitors what you are doing on your computer and can send information to criminals - for example, a key logger can note the passwords you type in.
What is social engineering?
Tricking people into making mistakes that give away data or make access to networks easier.
What are examples of social engineering?
Phishing, pharming, shoulder surfing, and more.
What are examples of malware?
Viruses, worms, trojan horses, ransomware, and spyware.
What is phishing?
Getting a user to reveal important details such as bank passwords - usually from emails that pretend to come from legitimate sources.
What is pharming?
Software that redirects users to a fake website that can steal authentication details when the user tries to log in - normally done via viruses.
What is shoulder surfing?
Watching someone enter a password without them knowing and then using it to enter a system.
What are brute force attacks?
Trial and error methods of gaining access.
What is an example of a brute force attack?
Trying to work out someone's password by making a computer generate and try different passwords.
What is a botnet?
A network of computers that hackers secretly have control over.
How are botnets formed?
Computers are infected with malware so they can be forced to secretly do tasks for hackers.
How can botnets be used?
In sending phishing or spam emails, or carrying out DDOS attacks.
What does DDOS stand for?
Distributed denial of service.
What do DDOS attacks do?
They stop websites from loading.
How are DDOS attacks carried out?
Bot computers are used to send repeated requests for data to a website - this overwhelms server traffic so it won't load for any users.
What is the purpose of DDOS attacks?
To extort money to stop the attack, or to harm business productivity, or even for political reasons.
What are physical threats?
Data being physically stolen or damaged.
What are examples of physical threats?
Theft of devices such as USB sticks, or damaging the hardware so data is deleted or corrupted.
What is SQL?
Structured Query Language.
What is a SQL injection?
A type of attack that involves inserting and executing malicious SQL statements to find data - usually written into search bars or forms on websites.
What is SQL?
A programming language written to search for, add to and change records - it is used for searching in a database of information for particular records and is commonly used in websites.
What is the purpose of SQL injections?
To gain access to important data such as credit card details.
What is data interception / theft?
Finding data whilst it is travelling around and between networks and stealing it.
How may data interception or theft be carried out?
In insecure Wi-Fi networks, or in the ethernet by tapping cables, or physically stealing USB sticks.
What is packet sniffing?
Hackers monitor network traffic to find data worth stealing - inspecting packets to see what sort of data they hold so they only steal useful things.
What are network forensics?
Forensic investigations of networks and attached devices.
Why are network forensics carried out?
To figure out where weaknesses are by examining data packets sent - what they contain and where they are going - as they can be used to gather legal evidence and detect intrusions.
What is penetration testing?
Attempting to hack a network to identify flaws so they can be fixed.
What is anti-malware software?
Software used to prevent malware from entering the system.
What are the functions of anti-malware?
Quarantine
Downloads
What is quarantining?
Malware found on the system is quarantined to prevent it from being run.
What does anti-malware do to downloads?
It scans files being downloaded for threats against a database of known threats.
What is a drawback of anti-malware?
It must be kept up to date as new malware is being produced all the time.
What is a firewall?
Software or hardware that provides a barrier into your computer system.
How do firewalls work?
Only requested traffic can enter the system, which stops unwanted access such as hackers spying on your system - they also scan incoming and outgoing data packets and compare them to rules to decide what to do with them.