Network Security

avatar
Created by
francesca kabeya

Cards (31)

  • What are prevention methods against malware?
    Install anti-virus software, implement user access levels to prevent standard users from being able to install software, educate users
  • What are prevention methods against brute-force attacks?
    Use longer/complex passwords and use two-factor authentication.
  • What are prevention methods against denial of service attacks?
    Install firewalls to reject packets from the same source/ to limit the number of packets that can be accepted within a time frame.
  • What are methods to prevent SQL injection attacks?
    Input validation so passwords cannot use characters which can be used in SQL injection attacks.
  • What can be used to prevent data encryption/theft?
    Encryption on Wi-Fi networks and not connecting to unsecure public networks. Use MAC authentication so only known devices can connect.
  • What is user-based security?
    Strong passwords
    User-access rights
  • What is network-based security?
    Firewalls
    Anti-malware software
    Regular backups
    Encryption
  • A virus is a type of malware that is attached to another file or program, it deletes data and corrupts files.
  • A worm is a type of malware that is self-replicating and slows down the computer
  • Trojan is a type of malware that slows down the computer and creates backdoors.
  • Ransomware is a type of malware that denies the user access to their system until a ransom is paid.
  • Social engineering involves tricking or manipulating people into giving away critical information or access details. Methods include phishing, pretexting and shouldering.
  • Brute force attacks involve the use of automated software to crack passwords in order to gain access to a system.
  • Denial of service attacks occur when a server is flooded with bogus requests in order to bring it down.
  • Data interception and theft can occur through packet sniffing or the use of fake Wi-Fi hotspots as data travels across a network to its destination.
  • SQL injection uses SQL commands entered into input fields on online forms to gain access to databases
  • What is a common method for breaking into databases on a network?
    SQL injection. An SQL query is entered into the input box on a website. The code allows the hacker to bypass security this gives them unauthorised access.
  • How can networks prevents SQL injections?
    Prohibit characters being used in SQL queries with input validation. Use input sanitation to remove special characters before processing it.
  • What is a denial of service attack?
    A website is flooded with useless communications which prevents legitimate users from gaining access.
  • How does a firewall protect a network?
    Inspects data packets being sent and received to make sure they meet the security criteria and rejects those that did not meet the security criteria.
  • Why is encryption needed?
    To follow legislation
    So data will be meaningless if intercepted/cannot be understood
  • How do firewalls protect computer systems and data?

    Scan incoming and outgoing traffic, compares traffic to a criteria. Blocks traffic that is unauthorised.
  • How does anti-malware help protect a computer system?

    Scans for viruses and malware. If identified alerts user and requests action such as deleting malware or stopping the download of malware.
  • How can encryption help protect computer systems?

    Scrambles data using an algorithm so it cannot be understood if intercepted. A key is needed to decrypt.
  • How can user-access levels protect a computer system?

    Limits the data users can access, only allows specific users to access data to prevent accidental changes to compromise security.
  • Penetration testing is used to underside weaknesses in a computer system so they can be addressed.
  • User based security includes strong user access rights and strong passwords
  • Firewalls control the transmission of data in and out of the network against a criteria If the data doesn’t meet the criteria it is rejected. Firewalls also manage which devices can be connected by using MAC authentication.
  • Anti-malware software is used to detect and eliminate malicious software.
  • Brute force attacks are automated software to repeatedly try and crack passwords in order to gain access to a system.
  • How can you prevent SQL injection?
    Use input validation to set details that don’t permit characters which are used in SQL injection attacks.
    Input sanitisation to remove special characters and SQL command words from input before processing it.