computing systems security

Cards (32)

  • This lesson covers the following from specification 1.6 System Security: Forms of attack, Threats posed to networks, Malware, Phishing, People as the weak point in secure systems (social engineering), Brute force attacks, DDOS, Data interception and theft, SQL injection, Poor network policy, Identifying and preventing vulnerabilities, Penetration testing, Network forensics, Network policies, Anti-malware software, Firewalls, User access levels, Passwords, Encryption
  • Passive attack
    Where the hackers are quietly listening, hard to detect
  • Active attack
    A planned attack, easily detected
  • Insider attack
    Someone within an organisation exploits their network access to steal information
  • Malware
    • Defence - firewall
  • Brute force attack
    Cracking passwords through trial and error to gain information, uses automated software to produce hundreds of likely password combinations
  • Brute force attack defence
    • Locking accounts after a certain number of attempts, using strong passwords
  • Denial-of-service attack
    Flooding the network with useless traffic, makes the network extremely slow or inaccessible
  • Malware
    Otherwise known as 'malicious software', software which can be damaging to a computer or network, examples include viruses, worms and trojan horses
  • Viruses
    • Malicious software designed to cause harm to a network or computer system, attaches itself to programs or files, can affect all components of an operating system, around 82,000 viruses are made each day, typically requires user interaction or intervention to spread, famous viruses include Stuxnet and CryptoLocker
  • Worms
    • Replicates itself in order to spread to other computers, often using a computer network, exploits vulnerabilities across the computer network, does not need to attach to a program, is a standalone program that can spread independently without needing user interaction
  • Trojan Horses
    • Disguised as genuine software but contains malicious code, designed to access a computer by misleading users of its intent, example: email appearing to have been sent from a bank asking to download security software which would improve security, when in fact the software's intention is to give unauthorised access to the system
  • Types of malware to research
    • Spyware
    • Adware
    • Botnet
    • Bug
    • Rootkit
    • Scareware
  • Data Interception and Theft
    Data travels across networks in packets, packets can be intercepted, hackers use network-monitoring hardware and software such as packet sniffers, defence - data encryption, data can also be intercepted physically, for example portable hard drives and other external hardware can be stolen
  • Social Engineering
    Relies on human interaction (social skills), commonly involves tricking users into breaking normal security procedures, method does not revolve around technical cracking techniques such as worms or viruses
  • Computer Phishing
    Form of social engineering, designed to acquire sensitive information such as usernames, passwords, card details etc., most common phishing attacks are sent through email, defence - many email programs, browsers and firewalls have anti-phishing features
  • Poor Network Policy
    Could expose a network to numerous threats, users could be unaware of the risks of using software, opening emails, turning off firewalls etc., most networks restrict what users can/cannot do
  • SQL Injection
    Where an attacker can execute malicious SQL statements using software which controls a database management system, can affect websites that use SQL-based databases, companies that use SQL include Google, YouTube, PayPal, eBay, Cisco, exploits that have been identified must be patched quickly to reduce impact on businesses, therefore it is important for organisations to update infrastructure regularly
  • SQL Injection
    • By exploiting the vulnerabilities of SQL through injection, attackers could access systems containing customer data, intellectual property and other sensitive information (exposing data), alter data (resulting in data integrity issues), or delete data
  • Identifying and preventing vulnerabilities: Threats to networks are far more prevalent in recent years. How can organisations protect themselves from attack?
  • Network Forensics
    A branch of digital forensics, covers the forensic investigation of networks and the devices attached to them, primarily involves the examination of data sent across a network (or networks), may involve the use of various forensic techniques including 'packet sniffing'
  • Penetration Testing
    Tests performed under a controlled environment by a qualified person, checks for current vulnerabilities and explores potential ones in order to expose weaknesses in the system so they cannot be maliciously exploited, may use tools to help them in their duties, performed by a 'penetration tester'
  • Anti-malware software
    • Software with the aim of preventing malware from entering the system
  • Firewalls
    • Software that acts as a 'barrier' between a potential attacker and the computer system, can be held on a server, or a standalone computer, many have this feature as part of an anti-virus package, not 100% effective - an attacker could exploit a vulnerability, monitors application and network usage, has the ability to block access from certain computer users and disable processes which may be perceived as a threat
  • Network Policies
    Outlines rules for network access, most common is Acceptable Use Policy (AUP), defines how a system can be secured through specific rules or requirements, explains how particular users should access and treat a system, specifies rules for use
  • User access levels
    Also known as system access rights, comes under system access control, allows a system administrator to set up a hierarchy of users, lower level users would have access to limited information and settings, higher level users can access the most sensitive data on the system
  • Passwords
    Typically a string of characters used to gain access to a service or system, discussion point: are there any alternatives to character password entry (e.g. biometrics?), research the Samsung Galaxy 8 - what security features does this device have to replace passwords?
  • Biometric security
    Can be used in addition to 'standard' password entry (via a keyboard), examples include: retina scan, fingerprint, voice, facial recognition, benefits of using biometrics?
  • Secure or Strong Passwords
    • 12 characters or more, the more characters, the stronger the password, mixture of capitals, lower case letters, numbers and symbols
  • Protecting password-based systems
    • Systems that use passwords often protect against people guessing passwords non-stop (brute force) by applying rules: the time gap between entering one password and another, limits to the number of password guesses, complexity requirements of passwords, password encryption, password reset policies
  • Encryption
    Where data is translated into code so that only authorised users, or users with the key, can decrypt it, users need the key in order to decrypt the coded file
  • Caesar Cipher
    Cipher invented by Julius Caesar, designed to keep his messages secret, works by encrypting messages through movement of each letter a certain number of places to the left in the alphabet, key tells us how many places to the left the letters have been moved