1.4 Network Security

Created by

ilhan

Cards (72)

What is malware?
Malware is any type of harmful program that seeks to damage or gain unauthorized access to your computer system.
View source
How does a virus spread?
A virus can replicate itself and spread from system to system by attaching itself to infected files.
View source
When is a virus activated?
A virus is activated when opened by a human.
View source
What can a virus do once activated?
Once activated, a virus can change data or corrupt a system so that it stops working.
View source
How does a worm differ from a virus in terms of spreading?
A worm does not need an infected file or human interaction to spread.
View source
How quickly can a worm spread across a network?
A worm can spread very quickly across a network once it has infiltrated it.
View source
What is a trojan?
A trojan is a harmful program that looks like legitimate software to trick users into installing it.
View source
What does a trojan do once installed?
A trojan secretly gives the attacker backdoor access to the system.
View source
Do trojans self-replicate?
No, trojans do not self-replicate or infect other files.
View source
What is SQL?
SQL (Structured Query Language) is a programming language used for manipulating data in databases.
View source
What is an SQL injection?
An SQL injection is when a malicious SQL query is entered into a data input box on a website.
View source
How can an SQL injection be exploited?
If the website is insecure, the SQL query can trick the website into giving unauthorized access to the website’s database.
View source
What can an SQL injection be used for?
An SQL injection can be used to view and edit the contents of a database or even gain administrator privileges.
View source
What is a DoS attack?
A DoS (Denial of Service) attack is when a computer repeatedly sends requests to a server to overload the system.
View source
What is the impact of a DoS attack?
A server overload will slow the system and may take websites offline temporarily.
View source
What is a DDoS attack?
A DDoS (Distributed Denial of Service) attack is a coordinated attack using a botnet of infected systems to overload a server with requests.
View source
How does a brute-force attack work?
Every possible combination is tested in order from start to finish.
View source
Is a brute-force attack a quick method?
No, it is not a quick method but it should break the password eventually.
View source
How can a brute-force attack be sped up?
A brute-force attack can be sped up if multiple computer systems are used at the same time.
View source
What is social engineering?
Social engineering means to trick others into revealing their personal data by posing as a trusted source.
View source
Give an example of social engineering.
Impersonating an IT technician of a school via email and asking for a student's username and password.
View source
What is data interception?
Data interception is when data packets on a network are intercepted by a third party and copied to a different location than the intended destination.
View source
What software is used for data interception?
Software called packet sniffers are used to intercept and analyze data packets.
View source
What are the types of malware discussed in the study material?
Virus
Worm
Trojan
Spyware
Keylogger
Ransomware
View source
What are the characteristics of a virus?
Can replicate itself
Spreads by attaching to infected files
Activated when opened by a human
View source
What are the characteristics of a worm?
Can replicate itself
Spreads by finding weaknesses in software
Does not need human interaction to spread
View source
How does ransomware work and why is it difficult to trace attackers?
Ransomware locks files using encryption.
Attackers demand money to decrypt data.
They use digital currencies like bitcoin for anonymity.
View source
What is the difference between a DoS attack and a DDoS attack?
DoS: Single source overloads a server.
DDoS: Multiple sources (botnet) overload a server.
View source
What are the impacts of a DoS attack?
Slows the system
May take websites offline temporarily
View source
What is the process of a brute-force attack?
Tests every possible password combination.
Not quick but will eventually break the password.
Can be sped up with multiple systems.
View source
What is data interception and how is it done?
Data interception involves copying data packets by a third party.
Packet sniffers are used to intercept and analyze data.
View source
What is the purpose of a penetration test?
To review the system's security and find risks or weaknesses
View source
What are the four main types of penetration tests?
Internal tests, external tests, blind tests, and targeted tests
View source
What is the focus of internal penetration tests?
To see how much damage could be done by someone within the company
View source
What do external penetration tests aim to do?
To infiltrate a system from outside the company
View source
What is the purpose of blind penetration tests?
To simulate what a real attacker would do without inside information
View source
How are targeted penetration tests conducted?
By the company's IT department and the penetration team working together
View source
What is the primary function of anti-malware software?
To locate and delete malware on a computer system
View source
How does anti-malware software identify malware?
By scanning files and comparing them against a database of known malware
View source
Why must anti-malware software be regularly updated?
To keep systems secure against new forms of malware
View source