Software that is malicious, i.e. it wants to cause harm to either you or the computer system
Types of malware
Viruses
Worms
Trojan Horses
Virus
Malicious software designed to cause harm to a network or computer system. It attaches itself to programs or files on a computer or server and can affect all components of an operating system.
Worm
Does not need to attach to a program; instead, it replicates itself in order to spread to other computers, often using a computer network and exploiting vulnerabilities across the network.
Trojan Horse
A malicious computer program that is designed to access a computer by misleading users of its intent.
Social Engineering
Attacks that rely on human interaction (social skills). They usually involve an attacker contacting a legitimate computer user and tricking them into breaking normal security procedures.
Brute Force Attack
An attempt to crack a password or username or find a hidden web page, or find the key used to encrypt a message, using a trial and error approach and hoping, eventually, to guess correctly.
Distributed Denial of Service (DDoS) Attack
A method of overloading a website with unwanted traffic. Typically many hundreds of thousands of "zombie" computers are used to access a website at the same time, flooding it with traffic that it cannot handle.
Data Interception and Theft
Data travels across networks in packets, and these packets can be intercepted at any point in their journey. It is a relatively simple task to re-assemble messages from unencrypted packets and the data can be intercepted and stolen.
SQL Injection
When a website has an input box for users to enter information such as usernames and passwords, it could be possible to type text that also contains SQL statements that will be executed by the website and update the database that the website is using.
Penetration Testing
A tool used to test that networks are secure. Tests are performed in a controlled environment by a qualified person, who deliberately tries to break into a system or simulate a genuine cyber attack.
Anti-Malware Software
The most common form of anti-malware software is given the generic title of "anti-virus software", although in practice anti-virus packages can be very powerful and will do much more than just prevent viruses.
Firewall
A piece of software that performs a 'block' between a potential attacker and the computer system. It can monitor application and network usage and has the ability to block access from certain computer users and disable traffic that may be perceived as a threat.
User Access Levels
Allow a system administrator to set up a hierarchy of users who have different permissions when they access different parts of the system. Lower level users would have access to limited information and settings, whereas higher level users can access the most sensitive data on the system.
Passwords
A string of characters used to gain access to a service or system. It is also possible to use a biometric password, where a fingerprint reader, iris scanner or even facial recognition software is used to validate that the user is actually genuine.
Encryption
Where data is translated into code so that only authorised users, or users with the key, can decrypt and read it. Users must have the key in order to decrypt the coded file.
Physical Security
The most basic level of security which includes locking computer rooms, restricting access to vulnerable parts of the computer, and securing backup media.