network threats

avatar
Created by
Dion

Cards (6)

  • MALWARE (software designed to cause harm or damage to a computer)
    • viruses: Programs embedded (hidden) within other files. They replicate themselves and become part of other programs. Viruses often cause damage by deleting or modifying data.
    • worm: Programs similar to viruses except that they are not hidden within other files. Worms often spread through emails.
    • trojans: Programs which pretend to be legitimate but in reality are malware. They are often disguised as email attachments. Trojans cannot spread by themselves - instead they deceive a user into installing the program.
  • SOCIAL ENGINEERING (manipulate people into giving up their personal information)
    • phishing: sending emails or text messages (SMs) claiming or appearing to be from a bank/ e-commerce site asking for personal details.
    • vishing: phone calls
    • human error: ignore rules, or accidentally or deliberately break them
    • blagging: inventing a scenario to persuade a victim to give out information
  • HACKING
    • brute force: program to find a password by trying all possible combinations of characters until correct one
    • denial of service (DoS): computer used to prevent a server from performing its tasks by bombarding the server with requests and the server is tied up trying to handle all the DOS requests - difficult for it to respond to legitimate requests.
    • data interception & theft: shouldering, gaining access of a computer (irl) and man in the middle attack (communications between two parties is intercepted)
    • SQL injection: inputted as data, which can cause errors or unintended operations.
  • penetration testing is the process of testing a system to see if it can be penetrated by an attacker
    • external: position of hacker targeting email servers, web servers, firewalls to see if a hacker can get in and how far and what they can do
    • internal: position of user to see how much damage it could cause
  • PREVENTING 1
    • anti-malware: detects, prevents, removes malware on a system eg harmful programs, important files eg OS from being changed / detected, viruses (regular updates)
    • firewall: application preventing unauthorised connections to & from Internet / private network (eg access from where, type of traffic, web site addresses) / accessing suspicious sites (acting as proxy server)
    • password protection: validation techniques & access levels
    • user access levels: limits actions user can take, reducing the chance of threats
  • PREVENTING 2
    • encryption: altered with secret code and are unreadable to unauthorised parties.
    • physical security: cctv, security locks and guards