network threats

    avatar
    Created by
    Dion

    Cards (6)

    • MALWARE (software designed to cause harm or damage to a computer)
      • viruses: Programs embedded (hidden) within other files. They replicate themselves and become part of other programs. Viruses often cause damage by deleting or modifying data.
      • worm: Programs similar to viruses except that they are not hidden within other files. Worms often spread through emails.
      • trojans: Programs which pretend to be legitimate but in reality are malware. They are often disguised as email attachments. Trojans cannot spread by themselves - instead they deceive a user into installing the program.
    • SOCIAL ENGINEERING (manipulate people into giving up their personal information)
      • phishing: sending emails or text messages (SMs) claiming or appearing to be from a bank/ e-commerce site asking for personal details.
      • vishing: phone calls
      • human error: ignore rules, or accidentally or deliberately break them
      • blagging: inventing a scenario to persuade a victim to give out information
    • HACKING
      • brute force: program to find a password by trying all possible combinations of characters until correct one
      • denial of service (DoS): computer used to prevent a server from performing its tasks by bombarding the server with requests and the server is tied up trying to handle all the DOS requests - difficult for it to respond to legitimate requests.
      • data interception & theft: shouldering, gaining access of a computer (irl) and man in the middle attack (communications between two parties is intercepted)
      • SQL injection: inputted as data, which can cause errors or unintended operations.
    • penetration testing is the process of testing a system to see if it can be penetrated by an attacker
      • external: position of hacker targeting email servers, web servers, firewalls to see if a hacker can get in and how far and what they can do
      • internal: position of user to see how much damage it could cause
    • PREVENTING 1
      • anti-malware: detects, prevents, removes malware on a system eg harmful programs, important files eg OS from being changed / detected, viruses (regular updates)
      • firewall: application preventing unauthorised connections to & from Internet / private network (eg access from where, type of traffic, web site addresses) / accessing suspicious sites (acting as proxy server)
      • password protection: validation techniques & access levels
      • user access levels: limits actions user can take, reducing the chance of threats
    • PREVENTING 2
      • encryption: altered with secret code and are unreadable to unauthorised parties.
      • physical security: cctv, security locks and guards