1.4 - Network security

Cards (41)

  • Network security
    Keeping networks, computers and the files, data and programs stored on them safe from attack, damage and unauthorised access
  • Threats to networks and computer systems
    • Internal sources
    • External sources
  • Malware
    Any kind of malicious program that is installed on a computer system with the intention to cause damage and disrupt its functionality or to steal information
  • Viruses
    • Computer program hidden within another program
    • Executed when host program is run
    • Can delete data or change system files
    • Can fill up hard drive
  • Worms
    • Do not need to be hosted in another program
    • Create a 'back door' for hacker to take over infected computer
    • Self-replicating
    • Use up computer resources and affect performance
  • Trojans
    • Programs users are tricked into installing under pretence they are legitimate and useful
    • Can delete files and use back doors to send information to hacker
  • Ransomware
    • Encrypts files on infected computer and only decrypts them once payment is made
    • Sometimes doesn't actually encrypt anything but still scares users into paying
  • Spyware
    • Comes packaged with other software
    • Gathers information about user and sends it to criminal
    • Includes keyloggers to obtain passwords and login details
  • Pharming
    • Users directed to fake website via malware on computer or DNS server poisoning
  • Social engineering
    Security attack that involves tricking or manipulating people into giving away critical information or access details
  • Phishing
    • Uses fake emails and websites to trick people into giving away sensitive data and information
  • Pretexting
    • Criminal invents a scenario to persuade victim to divulge information they might not otherwise
  • Shouldering
    • Finding out login details, passwords and PINs by watching people enter them
  • Brute force attack
    • Hacker attempts to crack password by systematically trying different combinations of letters and numbers until correct one is found
  • Denial of service (DoS) attack
    • Designed to bring down servers or websites by flooding them with superfluous bogus requests
  • Distributed denial of service (DDoS) attack
    • Uses a large number of compromised machines (botnet) to send huge number of login requests
  • Packet sniffing
    • Intercepting data using packet analysers as it is being transmitted across a network
  • Man-in-the-middle (MITM) attack
    • Intercepting a device's connection to the internet, often by luring users into using a fake Wi-Fi hotspot
  • SQL injection
    Bypassing security to circumvent the need to enter legitimate login credentials and gain access to a database
  • Penetration testing
    1. Testers take on role of hackers and try to gain unauthorised access in a controlled attack
    2. Assesses security awareness of users
    3. Demonstrates effectiveness of network security policies
    4. Checks ability to respond to security incidents and recover data
  • Anti-malware software
    • Performs real-time scans of incoming network traffic
    • Performs periodic scans of whole system
    • Quarantines detected malware to prevent it running
  • Penetration testing
    A controlled attack to identify weaknesses and vulnerabilities in computer systems so that they can be addressed
  • Penetration testing
    • Assesses the security awareness of users to see how likely they are to fall for social engineering ploys
    • Demonstrates the effectiveness of network security policies
    • Checks the organisation's ability to respond to security incidents and to recover any data that has been lost or compromised following an attack
  • Anti-malware software
    Software designed to detect and remove malware
  • How anti-malware software protects systems
    1. Performs real-time scans of incoming network traffic to detect whether it has been infected with a virus
    2. Performs periodic scans of the whole system looking for malicious applications
    3. If a virus or other malware is detected, or manages to install itself, it is quarantined to prevent it from running and to allow users to attempt to clean or remove it
  • Anti-malware software
    • Often uses heuristic analysis to detect previously unknown viruses as well as new variants of viruses already in circulation
    • Suspect code can be tested in a sandbox to simulate what would happen if the program was allowed to run
  • Anti-malware software needs to be able to get regular updates from the internet as it relies on using up-to-date definitions of the viruses and malware that are known about and how to identify them by their code
  • Firewall
    A device or software designed to prevent unauthorised access to a network
  • How firewalls work
    1. Inspect and filter incoming and outgoing data packets to ensure they meet the configured security criteria
    2. If a packet does not meet the security criteria it is not allowed through
  • Firewalls
    • Protect a network or computer from attempts by hackers to break in from the outside
    • Protect against attempts by malware to send data packets out of the network from infected machines
  • User access levels
    Different user groups have different permissions to access software, hardware and files
  • User access levels
    • Prevent normal users from installing new software so malware cannot be installed
    • Limit access to confidential information to only those who need it to protect against insider attacks
  • Passwords
    Help prevent unauthorised access to a network or computer
  • Passwords
    • Should be long and use a combination of letters, numbers and symbols to be difficult to crack
    • Should not be used for multiple accounts and should never be written down
    • Should not use personal information that could be guessed
  • Two-factor authentication (2FA)
    Adds an extra layer of security to passwords by requiring a code from another device the user has
  • Biometric authentication
    Security process that uses unique biological characteristics to verify identity
  • Encryption
    Protects data so it cannot be read by unauthorised persons
  • Encryption
    • Wi-Fi networks should use secure encryption like WPA2
    • Files on a network or removable storage can be encrypted
  • Physical security
    Protecting hardware, software, networks and data from physical actions that could cause harm
  • Physical security measures
    • Keeping servers in a locked room
    • Ensuring backups are kept off-site in a different secure location