networks security

Cards (28)

  • networks are at risk of attack when people access data and the network without permission to do so
  • there are four kinds of attacks: active, eavesdropping, external or internal
  • external and internal: someone outside or inside the organisation hacks the network
  • active: attempts to modify or delete data or stop the network operating correctly
  • threats to networks: malware, phishing, brute force, denial of service, data interception, SQL injection, poor policy or people
  • malware: bad software designed to target a system (includes: viruses, worms, trojans, ransomware or spyware)
  • virus: a program hidden within files that deletes data
  • worms: viruses but not hidden, spread by emails
  • trojans: pretend to be legitimate but aren't, cannot replicate and require user installation
  • spyware: monitors users' activity and sends info back to the hacker
  • ransomware: blackmails the user into paying hackers by threats or withholding documents
  • phishing: emails to trick users to give away personal details
  • brute force: a program tries all possible passwords until the correct one is found
  • DOS: server is overloaded with requests so it cannot respond to actual requests
  • data interception: data packets taken during transmission by packet sniffers and sent to hacker
  • SQL injection: code inserted into an SQL query, which causes errors
  • poor network policy: no rules for users to follow
  • people: human error
  • network policies have: levels of access, rules, maintenance, password requirements
  • ways to keep networks safe: penetration testing, network forensics, network policies, user access levels, secure passwords, encryption, anti-malware and firewalls
  • penetration testing: tests how resilient a network is to attack and checks for weaknesses
  • network forensics: monitors network traffic and copies data packets, which are analysed to identify malicious activity
  • network policies: ensure users don't accidentally or intentionally cause threats
  • user access levels: only allowed to access what's needed on a server in terms of abilities and software
  • secure passwords: harder to guess or crack
  • encryption: disguises data so even if intercepted it is useless to hacker
  • anti-malware: detects, prevents and removes malware by scanning through files and checking them against a list. Only detects known malware
  • firewall: monitors traffic and either blocks data or allows it to pass through, depending on the rules set