network security

Cards (32)

  • Malware
    Any type of harmful program that seeks to damage or gain unauthorised access to your computer system
  • Virus
    • Can replicate itself and spread from system to system by attaching itself to infected files
    • Is only activated when opened by a human
    • Can change data or corrupt a system so that it stops working
  • Worm
    • Can replicate itself and spread from system to system by finding weaknesses in software
    • Does not need an infected file or human interaction to spread
    • Can spread very quickly across a network once it has infiltrated it
  • Trojan
    A harmful program that looks like legitimate software so users are tricked into installing it, and secretly gives the attacker backdoor access to the system
  • Spyware
    • Secretly records the activities of a user on a computer, with the main aim of recording usernames, passwords and credit card information, which is then secretly passed back to the attacker
  • Keylogger
    • Secretly records the key presses of a user on a computer, with the main aim of recording usernames, passwords and credit card information, which is then stored or sent back to the attacker
    • Can be downloaded or plugged into the USB port
  • Ransomware
    Locks files on a computer system using encryption so that a user can no longer access them, and the attacker demands money from the victim to decrypt (unlock) the data
  • Attackers usually use digital currencies like Bitcoin, which makes it hard to trace them
  • SQL Injection

    A malicious SQL query (command) is entered into a data input box on a website, which can trick the website into giving unauthorised access to the website's database
  • If the website is insecure
    The SQL query can view and edit the contents of a database or even gain administrator privileges
  • DoS (Denial of Service) attack

    When a computer repeatedly sends requests to a server to overload the system, which will slow the system and may take websites offline temporarily
  • DDoS (Distributed Denial of Service) attack

    A coordinated attack using a botnet of infected systems to overload a server with requests
  • Botnet
    A large group of devices controlled and used maliciously by an attacker
  • Brute-Force Attack

    Every possible combination is tested in order from start to finish, which is not a quick method but should break the password eventually, and can be sped up if multiple computer systems are used at the same time
  • Social Engineering

    Tricking others into revealing their personal data by posing as a trusted source
  • Social Engineering

    • Impersonating an IT technician of a school via email and asking for a student's username and password
  • Data Interception

    Data packets on a network are intercepted by a third party (e.g. a hacker) and copied to a different location than the intended destination
  • Packet Sniffers

    Software used to intercept and analyse data packets
  • Penetration tests

    Carried out as part of ethical hacking to review the system's security, find any risks or weaknesses, and fix them
  • Internal tests

    To see how much damage could be done by somebody within the company with a registered account
  • Targeted tests

    Conducted by the company's IT department and the penetration team working together to find faults in the system
  • Anti-malware software

    Used to locate and delete malware, like viruses, on a computer system
  • How anti-malware software works

    1. Scans each file on the computer and compares it against a database of known malware
    2. Identifies and deletes files with similar features to malware in the database
  • There are thousands of known forms of malware, but new forms are created each day by attackers, so anti-malware software must be regularly updated to keep systems secure
  • Roles of anti-malware software

    • Checking all incoming and outgoing emails and their attachments
    • Checking files as they are downloaded
    • Scanning the hard drive for viruses and deleting them
  • Firewall
    Manages incoming and outgoing network traffic by processing each data packet to check whether it should be given access to the network by examining the source and destination address
  • Roles of a firewall

    • Blocking access to insecure / malicious websites
    • Blocking certain programs from accessing the internet
    • Blocking unexpected / unauthorised downloads
    • Preventing specific users on a network accessing certain files
  • Rules for choosing a strong password

    • Contains a mix of uppercase and lowercase letters, punctuation and numbers
    • Is of a substantial length (at least 8 characters)
    • Is regularly changed
  • Types of access levels

    • Read-Only (user can only view a file and is not allowed to change any data)
    • Read and Write (user can read and edit the data in a file)
    • No access (user can't view or edit the file)
  • Encryption
    The process of scrambling data into an unreadable format so that attackers cannot understand it if intercepted during transmission
  • How encryption works

    1. The original data (known as plaintext) is converted to scrambled ciphertext using an encryption key
    2. Only at the correct destination will the encryption key be used to convert the ciphertext back into plaintext to be understood by the receiving computer
  • Physical security measures

    • Locks
    • Biometric devices (fingerprint, iris, voice)
    • Keycards
    • Security staff
    • CCTV cameras
    • Alarms