1.4 Network Security

Cards (38)

  • Network policies
    A set of rules to which users of the network must adhere to ensure appropriate working behaviour
  • User Access Levels

    Setting up different groups of users and giving them different degrees of system access
  • Penetration testing

    Giving an individual/group permission to try to hack the system in order to reveal weaknesses, which can then be improved by the company
  • What are the different forms of attack?

    - Malware
    - Phishing
    - Brute force
    - Denial of service
    - Data interception and theft
    - SQL injection
    - Social engineering
  • What is malware?

    - It stands for malicious software and it is software written to infect computers and commit crimes like fraud and identity theft
    - It often exploits vulnerabilities in operating system software
  • Types of malware
    - Viruses
    - Trojans
    - Worms
    - Ransomware
    - Spyware
    - Adware
  • What are the main types of viruses?

    - Standard virus
    - Worm virus
    - Trojan virus
  • Standard virus

    - These hide in files/programs and replicate themselves in order to spread into other programs/files
    - Their aim is usually to delete or damage data
  • Worm virus

    These don't necessarily damage data; instead they simply try to replicate themselves, using more and more of the computer's resources, slowing down your computer and making it useless
  • Trojan virus

    - These are often programs (such as a game) which you can use
    - But in the background they will cause harm, like deleting your files, making annoying changes to your computer setup or creating a portal for other users to use in order to gain access to your system
  • Spyware
    - Its aim is to spy on the user and send back as much information about them as possible
    - A common piece of spyware is a key logger: it quietly runs in the background recording every key you hit. If you type in the same set of characters regularly, this could be identified as your password
  • Adware
    - It doesn't physically delete or corrupt a system's data
    - Instead its aim is to download and display unwanted adverts and collect marketing information about your online habits
    - It will often also try to direct you to unwanted websites by changing your default homepage
  • Malware
    - Files are deleted, become corrupt or are encrypted
    - Computers crash, reboot spontaneously and slow down
    - Internet connections become slow
    - Keyboard inputs are logged and sent to hackers
  • Why does human error not help to prevent malware?

    - Not installing operating system updates
    - Not keeping anti-malware up to date
    - Not locking doors to computer rooms
    - Not logging off or locking their computer
    - Leaving printouts on desks
    - Writing computer passwords down on sticky notes attached to computers
    - Sharing passwords
    - Losing memory sticks/laptops
    - Not applying security to wireless networks
    - Not encrypting data
  • What is phishing?

    - Online fraud techniques used by criminals
    - They are designed to get you to give away personal information (usernames, passwords, card info)
    - They achieve this by disguising themselves as a trustworthy source in an electronic communication such as an email or fake website
  • What can phishing do?

    - Accessing a victim's account to withdraw money, or purchase merchandise and services
    - Open bank accounts and credit cards, cashing illegitimate cheques
    - Gain access to high value corporate data
    - Financial services can blacklist the company, resulting in damage to brand reputation
  • Brute force attack
    - A trial and error method used by programs/hackers to decode encrypted data such as passwords and keys
    - It uses exhaustive effort to attempt to discover these sensitive details
    - They will repeatedly try to log in with 1 password after another
  • Denial of service attack

    - Also known as a DoS attack
    - Involves flooding a server with useless traffic causing the server to become overloaded and unavailable
    - Many well known DoS attacks have exploited limitations in the TCP/IP stack
  • What are the damages of a DoS attack?

    - Loss of access to a service for customers
    - Lost revenue
    - Lower productivity
    - Damage to reputation
  • Data interception and theft
    The unauthorised act of stealing computer-based information from an unknowing victim with the intent of compromising privacy or obtaining confidential information
  • SQL injections

    - SQL stands for Structured Query Language, used to work with databases
    - This is a code injection technique used to exploit weaknesses in a website form
    - Makes use of vulnerabilities in poorly coded database applications
    - Code can be entered into text boxes and is then executed by the server
  • What are the damages that an SQL injection can cause?

    - Contents of databases can be output, revealing private data
    - Data in the database can be amended or deleted
    - Spread viruses
    - Corrupt data in databases
  • White-hat hackers

    - Opposite of black-hat, known as "ethical hackers", often experts in compromising computer security

    - They use their abilities for good, ethical and legal resources

    - Often employed to test security and find flaws that can be fixed
  • Grey-hat hackers

    - Don't work for personal gain, but may technically commit crimes

    - Attempt to compromise computer systems without permission (which is illegal) but then inform the organisation of the fact
  • Black-hat hackers

    - Criminals who perform illegal activities for personal gain

    - The typical "hacker" that is portrayed by the media
  • Types of software that can help to prevent malware

    - A firewall
    - Spam filter
    - Anti-virus software
    - Anti-spyware software
    - Anti-spam
  • How to prevent phishing?

    - Have an awareness of spotting fake emails and websites

    - Don't disclose personal or corporate information

    - Disable browser pop-ups
  • How to prevent a brute force attack?

    - Network lockout policy: locks account after 3 password attempts

    - Using progressive delay: this is where, if you get the password wrong it will lock you out for a certain amount of time

    - People/Staff training: using effective, strong passwords with symbols, letters, numbers and mixed cases

    - Using challenge response techniques (I'm not a robot, reCAPTCHA forms)
  • How to prevent a denial of service attack?

    - Having a strong firewall

    - Packet filters on router

    - Configuring the web server: this would be done by the network manager, who would add additional modules to the web server that have the ability to spot when denial of service attacks are taking place

    - Auditing, logging and monitoring of systems (this won't prevent DoS attacks but it will help you to identify them quickly)
  • How to prevent data interception and theft?

    - Encryption of data packets/frames

    - Using passwords, locking computers, logging off, being aware of how to use portable media

    - Network forensics
  • Network forensics
    Your network manager could run monitoring software to monitor data packets and see where they have gone
  • Encryption
    This would make it difficult for packets to be intercepted and decrypted
  • How to prevent SQL injections?

    - Validation on input boxes: this would make it so that only the correct information can be inputted and nothing more

    - User access levels: this allows you to set database permissions, which would prevent certain users from modifying a database table

    - Penetration testing: this is where you employ hackers to hack your own system so you can identify any vulnerabilities and weaknesses and make changes to your system
  • Network policies

    - Acceptable use Policy (AUP)

    - Backup Policy

    - Disaster Recovery Policy
  • Acceptable use Policy (AUP)

    They may include rules / procedures such as:
    - Use complex passwords

    - Have different levels of access (only certain people in a company can access sensitive data)

    - Locking computers if the user leaves their desk

    - No installing of software and downloading files from the WWW

    - No use of USB sticks
  • Backup Policy

    They may include rules / procedures such as:
    - The person responsible for backing up

    - The time and frequency that data should be backed up

    - The media on which backups should be stored

    - The location of the storage of backups (offsite)

    - The data to be backed up (all or changes since last backup etc.)
  • Disaster Recovery Policy

    They may include rules / procedures such as:
    - The person responsible for backing up

    - The media on which backups have been stored and its location

    - The organisations who will help supply the resources / hardware to get the system back up and running.
  • What physical security can you install?

    - Alarms
    - Cameras
    - Door locks
    - Security guards
    - Guard dogs
    - Fences (perimeter)
    - Biometric sensors