A term for any software which is designed with malicious intent. Malware may damage the computer, monitor user activity and files or delete or damage data. There are many different types of malware which behave in different ways.
Social Engineering
Attempting to gain access to computer systems by targeting the people using the system instead of using technical measures to attack the system itself. People are often the weakest security point in a computer system, and approaches such as watching someone enter their password, or pretending to be their boss and telling them to do something urgently, aim to take advantage of this fact.
Phishing
Attempting to trick someone into revealing information such as their password, financial details or other private information by pretending to be someone else. Phishing usually takes place by email, and involves sending an email which pretends to have come from the user's bank or other trusted organisation or person.
Brute-force attack
Attempting to guess a code or password by trying every possible solution until the correct one is found. The attack may work through a list of common passwords or dictionary words, or simply start with a code of 0000, followed by 0001, etc.
Denial of Service Attack
Attempting to send more traffic or data to a computer system than it is able to handle. If successful, this results in parts of the system, or even the whole system, being unable to process the data it is receiving and failing.
Data Interception
Attempting to access data whilst it is being transferred between devices, usually over a network. The victim usually has no idea that their data has been stolen, and the attacker may access usernames and passwords or whole files.
SQL Injection
Entering SQL code into a data input field on a web site or application. If the system is not correctly coded, and uses a SQL database, the code could be run directly on the database, allowing the attacker to access, change or delete the entire database.
Penetration Testing
An authorised hacking attempt where a person or company attempts to hack into a system or network and then reports their findings to the system's owner. This allows security flaws to be fixed before real hackers can take advantage of them.
Anti-Malware Software
Software which attempts to detect, prevent and remove malware on a computer system. Anti-Virus software is a common example of anti-malware software.
Firewall
A network security device which checks traffic passing through it against a set of rules; only traffic which meets the rules is allowed through. This prevents traffic from unauthorised devices, or traffic using unauthorised protocols, from passing through.
User Access Level
Controlling which aspects of a system or network users can access. Users are allowed access only to the parts of the system they need, preventing them from accidentally or deliberately damaging sensitive parts of the system or accessing sensitive data.
Password
A secret word or phrase, usually provided alongside a username, to control access to a system or network. Only someone who knows the correct password can access the system.
Encryption
The process of converting data so that it cannot be easily read or understood without first being decrypted. It is often used to keep important data secure when sharing it over a network.
Physical Security
Securing the physical components of a system or network. This could be as simple as locking a portable computer to a desk or as advanced as storing servers in a reinforced building with multiple locked doors.