Network security

Cards (62)

  • Network
    A group of interconnected computers/devices
  • Network traffic
    Communications sent over a network
  • Data
    Units of information in computing, including integers, characters and Boolean values
  • Networks operate on the principles of communication and sharing
  • These principles mean that network traffic and data risk being accessed by people who have no authority to do so (i.e. hackers)
  • Network attack
    An attempt to gain access to, steal, modify or delete data on a network
  • Forms of network attack
    • Active - where the hacker attempts to modify or delete data, or to prevent a network from operating correctly
    • Eavesdropping (passive) - where the hacker monitors a network in order to gain information
    • External - where someone outside of an organisation attempts to hack its network
    • Internal - where someone within an organisation attempts to hack its network
  • The number of network attacks is growing daily
  • Web server
    A computer that serves web pages to users
  • An example of an active attack is a denial of service (DOS) attack on the internet, which uses many internet-enabled computers to force a web server offline
  • An example of eavesdropping (passive) is wiretapping, where communications are monitored
  • Networks operate on the principles of communication and sharing. Unfortunately, these principles mean that network traffic and data can be more easily subject to access by people who have no authority to do so.
  • Forms of attack
    • Malware
    • Phishing
    • Brute force
    • Denial of service (DOS)
    • Data interception and theft
    • Structured query language (SQL) injection
    • Poor network policy
    • People
  • Malware
    Malicious software that is designed to hack a system
  • Types of malware
    • Viruses
    • Worms
    • Trojans
    • Spyware
    • Ransomware
  • Viruses
    • Programs embedded (hidden) within other files. They replicate themselves and become part of other programs, and often cause damage by deleting or modifying data
  • Worms
    • Programs similar to viruses, except that they are not hidden within other files. They often spread through emails
  • Trojans
    • Programs which pretend to be legitimate but in reality are malware, often disguised as email attachments. They cannot spread by themselves; instead they deceive a user into installing the program
  • Spyware
    • Programs that monitor user activities (such as websites visited, usernames and passwords used) and send the information back to a hacker
  • Ransomware
    • Programs that attempt to blackmail a user into making a payment to a hacker. Some encrypt documents and will not decrypt them until a ransom is paid
  • Phishing
    Emails that try to trick users into giving away personal details. The phishing email pretends to be a genuine message and tries to deceive the user into following a link to a fake website designed to catch data
  • Brute force
    Where a program is used to find a password by trying all possible combinations of characters until the correct one is obtained
  • Denial of service (DOS)
    Where a computer (or many computers) is used to prevent a server from performing its tasks by bombarding it with requests, making it very difficult for it to respond to legitimate requests
  • Data interception and theft
    Where data is intercepted during transmission using a packet sniffer, which examines data packets and sends the information gathered back to a hacker
  • Structured query language (SQL) injection
    Where SQL code is entered as a data input, which can cause errors or unintended operations
  • Poor network policy
    Where a network does not have security rules in place for users to follow
  • People
    Where users do not adhere to network policy, frequently ignore rules or accidentally/deliberately break them, increasing the chances of a network being compromised
  • Poor network policies tend not to have:
    • levels of access to prevent users from accessing sensitive data unless they are authorised to do so
    • rules preventing the connection of external devices such as USB memory sticks which may contain and transmit viruses
    • regulation regarding secure passwords
    • rules to govern what websites can and cannot be visited
    • methods to prevent any user wirelessly connecting an unsecured laptop, tablet or smartphone
    • controls on what facilities can be accessed remotely
    • a formal backup procedure that is adhered to
    • a regular maintenance programme that is followed
  • A network manager must attempt to prevent and thwart all these types of threat, and remain aware of new threats as they emerge
  • Networks
    • Operate on the principles of communication and sharing
    • Traffic and data can be more easily subject to access by people who have no authority to do so
  • Network manager
    Ensures the network is safe from attacks and threats
  • Techniques to keep a network safe
    1. Penetration testing
    2. Network forensics
    3. Network policies
    4. User access levels
    5. Passwords
    6. Encryption
    7. Anti-malware software
    8. Firewalls
  • Penetration testing
    Determines how resilient a network is against an attack by probing for potential weaknesses and attempting to exploit them
  • Network forensics
    Monitoring the traffic on a network, copying and storing data packets for later analysis to identify invasive traffic or determine where data is being sent
  • Network policy
    Provides rules and guidelines on what network users can and cannot do
  • Network policy
    • Ensures users have secure, hard-to-guess passwords that are changed regularly
    • Prevents users from connecting unauthorised equipment
    • Gives users only the access levels they need
    • Has regular backup and disaster recovery procedures
    • Includes regular penetration testing and forensic analysis
    • Maintains high security with up-to-date anti-virus and firewalls
    • Prevents physical access to servers
  • User access levels
    Determine the facilities a user has access to, such as software, email, internet, documents, data, installing/removing software, and maintaining other users' accounts
  • Restriction of user access levels limits the actions a user can take, thereby reducing the potential for threats
  • Password
    Verifies who a user is. Without knowing the password, you cannot use a user ID to sign into a network.