Identifying and preventing vulnerabilities

avatar
Created by
Chloe Lynch

Cards (18)

  • How to prevent vulnerabilities
    Penetration testing
    Anti-malware software
    Firewalls
    User access levels
    Passwords
    Encryption
    Physical Security
  • Penetration Testing
    practice of deliberately trying to find security holes in your own system
  • Goal of Penetration Testing
    identify targets
    identify possible entry points
    attempt to break in
    report back findings
  • Anti-malware software
    will detect malware such as viruses, worms, trojans and spyware
  • What happens when Anti-malware software detects malware
    when malware detected it is send to the anti-virus company where the malware is verified
    once verified the company creates a signature of the virus
    the signature is added to the virus database and computers will run an update
  • Viruses can morph to avoid detection from anti-malware software which makes it harder to create a signature
  • Encryption
    a way of securing data so that it cannot be read without the encryption key
  • How Encryption works
    passwords stored by websites are almost always stored in an encrypted form
    if hacker obtains the data in the password database, they will not be able to read passwords easily
    devices and computers can also have their storage and hard disk data encrypted
  • Encryption of transmitted data
    HTTPS (Secure HyperText Transfer Protocol)
    your web browser sends it key and form data, encrypting it with the server's key
    the server encrypts the web page you request using your web browser's key
  • Encryption of individual files
    files can be encrypted individually on a computer using a password so only people with the password can view the file
    software such as zip files allow encryption to be applied
  • Encryption of drives
    ordinary computer drives can be encrypted so that a password is needed to access the infomation
    for removeable media, special hardware can be bought which encrypts data on the disk
  • Firewalls
    separate a trusted network from an untrusted network
    data is sent around a network in small packets of infomation which are checked to see where they are coming from / going to
    packets that dont match filtering rules are dropped (packet filter)
    firewalls can be run on dedicated hardware or as software
  • Firewall capabilities
    prevents attackers from gaining access to computers on a network
    can block certain malicious computers by filtering packets from a certain IP address
    can prevent access to certain ports on the network (port blocking)
    malicious or inappropriate websites can be blocked
    dedicated hardware firewalls are expensive
    software firewalls will slow down a computer
  • User Access Levels
    Access rights may be set on disks, folders and even individual files
    People on different levels have different levels of access
    e.g. admin, teachers and students in schools have different levels of access to data
  • Password policy
    passwords are often checked as they are created to make sure that the conform to the parameters given in a required policy
  • Password policies feature examples
    minimum length of characters
    include at least one lowercase letter
    include at least one uppercase letter
    include at least on special character / symbol
    change password every month
  • Physical Security
    where hardware, software and networks are protected by physical methods
  • Examples of Physical Security
    Security lighting
    fingerprint scanners
    swipe cards