1.4 Network Security Flashcards
To get a nine, obviously (35 cards)
Define malware
Software which is specifically designed to disrupt, damage or gain unauthorised access to a computer system (e.g. viruses, worms, Trojan horses, ransomware, spyware, adware, scareware, etc.)
Define phishing
The fraudulent practice of sending emails purporting to be from reputable companies in order to include individuals to reveal personal information (e.g. to find passwords and credit card numbers)
Define brute force attack
A trial and error method of attempting passwords and pin numbers. Automated software is used to generate a large number of consecutive guesses (e.g. by trying every word in the dictionary)
Define denial of service attack
Flooding a server with useless traffic causing the server to become overloaded and unavailable
Define data interception and theft
The unauthorised act of stealing computer-based information from an unknowing victim with the intent of compromising privacy or obtaining confidential information
Define SQL Injection
A technique used to view or change data in a database by inserting additional code into a text input box, creating a different search string
Examples of threats of networks
Malware, phishing, brute force, denial of service, data interception and theft, SQL injection, people as a ‘weak point’ in secure systems
What are the signs/effects of malware?
1) Files are deleted, become corrupt or are encrypted
2) Computers crash, reboot spontaneously and slow down
3) Internet connections become slow
4) Keyboard inputs are logged and sent to hackers
How do viruses attach and spread?
Viruses attach by copying themselves to certain files. Users spread them by copying infected files and activate them by opening infected files.
How do worms attach and spread?
Worms are like viruses but they self-replicate without any user help, meaning they can spread very quickly. They exploit weaknesses in network security.
How do Trojans work?
Trojans are malware disguised as legitimate software. Unlike viruses and worms, Trojans don’t replicate themselves - users install them not realising they have a hidden purpose.
What are the effects of phishing?
1) Accessing a victim’s account to withdraw money or purchase merchandise and services
2) Open bank accounts and credit cards, cashing illegitimate cheques
3) Gain access to high value corporate data
4) Financial services can blacklist the company, resulting in damage to brand reputation
What are the effects of a brute-force attack?
1) Theft of data
2) Access to corporate systems
What are the effects of a denial-of-service attack?
1) Loss of access to a service for customers
2) Lost revenue
3) Lower productivity
4) Damage to reputation
What are the effects of data interception and theft?
1) Usernames and passwords compromised, allowing unauthorised access to systems
2) Disclosure of corporate data
3) Theft of data
4) Can sell personal information on the dark market
What are the effects of SQL Injection (Structured Query Language)?
1) Contents of databases can be output, revealing private data
2) Data on the database can be amended (altered) or deleted
3) New rogue (unauthorised) records can be added to the database
What does SQL Injection give criminals?
SQL injection gives criminals easy access to insecure data. SQL injections are pieces of SQL typed into a website’s input box which then reveal sensitive information.
Give examples of people as a weak point
1) Not installing operating system (OS) updates
2) Not encrypting data
3) Not keeping anti-malware up to date
4) Not applying security to wireless networks
5) Sharing passwords
What is caused by people being careless?
Many system vulnerabilities are caused by people being careless. Social engineering is a way of gaining sensitive information or illegal access to networks by influencing people (e.g. telephone calls or phishing emails)
What should organisations do to prevent vulnerabilities?
1) Regularly test the network for security weaknesses and investigate problems
2) Use passwords
3) Enforce user access levels
4) Install anti-malware and firewall software
5) Encrypt sensitive data
What is penetration testing?
When organisations employ specialists to simulate potential attacks on their network. Pentesting is used to identify possible weaknesses in a network’s security by trying to exploit them. The results are then reported back.
What is anti-malware software?
Anti-malware software is designed to find and stop malware from damaging a network and the devices on it (e.g. anti-virus programs which isolate and destroy computer viruses)
What are firewalls?
Firewalls are a type of anti-malware software. Companies use firewalls to block unauthorised access. Firewalls examine all data entering and leaving the network and block any potential threats.
What are user access levels?
User access levels control which parts of the network different groups of users can access (e.g. business managers will have a higher access level allowing them to access more sensitive data, like pay info and have write access to files that others can only read). User access levels help limit the number of people with access to important data, so help prevent insider attacks on the network.