1.4 Network Security Flashcards

To get a nine, obviously (35 cards)

1
Q

Define malware

A

Software which is specifically designed to disrupt, damage or gain unauthorised access to a computer system (e.g. viruses, worms, Trojan horses, ransomware, spyware, adware, scareware, etc.)

2
Q

Define phishing

A

The fraudulent practice of sending emails purporting to be from reputable companies in order to induce individuals to reveal personal information (e.g. to find passwords and credit card numbers)

3
Q

Define brute force attack

A

A trial-and-error method of attempting passwords and PIN numbers. Automated software is used to generate a large number of consecutive guesses (e.g. by trying every word in the dictionary)

4
Q

Define denial of service attack

A

Flooding a server with useless traffic causing the server to become overloaded and unavailable

5
Q

Define data interception and theft

A

The unauthorised act of stealing computer-based information from an unknowing victim with the intent of compromising privacy or obtaining confidential information

6
Q

Define SQL Injection

A

A technique used to view or change data in a database by inserting additional code into a text input box, creating a different search string

7
Q

Examples of threats to networks

A

Malware, phishing, brute force, denial of service, data interception and theft, SQL injection, people as a ‘weak point’ in secure systems

8
Q

What are the signs/effects of malware?

A

1) Files are deleted, become corrupt or are encrypted

2) Computers crash, reboot spontaneously and slow down

3) Internet connections become slow

4) Keyboard inputs are logged and sent to hackers

9
Q

How do viruses attach and spread?

A

Viruses attach by copying themselves to certain files. Users spread them by copying infected files and activate them by opening infected files.

10
Q

How do worms attach and spread?

A

Worms are like viruses but they self-replicate without any user help, meaning they can spread very quickly. They exploit weaknesses in network security.

11
Q

How do Trojans work?

A

Trojans are malware disguised as legitimate software. Unlike viruses and worms, Trojans don’t replicate themselves - users install them not realising they have a hidden purpose.

12
Q

What are the effects of phishing?

A

1) Accessing a victim’s account to withdraw money or purchase merchandise and services

2) Opening bank accounts and credit cards, cashing illegitimate cheques

3) Gaining access to high value corporate data

4) Financial services can blacklist the company, resulting in damage to brand reputation

13
Q

What are the effects of a brute-force attack?

A

1) Theft of data

2) Access to corporate systems

14
Q

What are the effects of a denial-of-service attack?

A

1) Loss of access to a service for customers

2) Lost revenue

3) Lower productivity

4) Damage to reputation

15
Q

What are the effects of data interception and theft?

A

1) Usernames and passwords compromised, allowing unauthorised access to systems

2) Disclosure of corporate data

3) Theft of data

4) Can sell personal information on the dark market

16
Q

What are the effects of SQL Injection (Structured Query Language)?

A

1) Contents of databases can be output, revealing private data

2) Data on the database can be amended (altered) or deleted

3) New rogue (unauthorised) records can be added to the database

17
Q

What does SQL Injection give criminals?

A

SQL injection gives criminals easy access to insecure data. SQL injections are pieces of SQL typed into a website’s input box which then reveal sensitive information.

18
Q

Give examples of people as a weak point

A

1) Not installing operating system (OS) updates

2) Not encrypting data

3) Not keeping anti-malware up to date

4) Not applying security to wireless networks

5) Sharing passwords

19
Q

What is caused by people being careless?

A

Many system vulnerabilities are caused by people being careless. Social engineering is a way of gaining sensitive information or illegal access to networks by influencing people (e.g. telephone calls or phishing emails)

20
Q

What should organisations do to prevent vulnerabilities?

A

1) Regularly test the network for security weaknesses and investigate problems

2) Use passwords

3) Enforce user access levels

4) Install anti-malware and firewall software

5) Encrypt sensitive data

21
Q

What is penetration testing?

A

When organisations employ specialists to simulate potential attacks on their network. Pentesting is used to identify possible weaknesses in a network’s security by trying to exploit them. The results are then reported back.

22
Q

What is anti-malware software?

A

Anti-malware software is designed to find and stop malware from damaging a network and the devices on it (e.g. anti-virus programs which isolate and destroy computer viruses)

23
Q

What are firewalls?

A

Firewalls are a type of anti-malware software. Companies use firewalls to block unauthorised access. Firewalls examine all data entering and leaving the network and block any potential threats.

24
Q

What are user access levels?

A

User access levels control which parts of the network different groups of users can access (e.g. business managers will have a higher access level allowing them to access more sensitive data, like pay info and have write access to files that others can only read). User access levels help limit the number of people with access to important data, so help prevent insider attacks on the network.

25
Q

What are passwords?

A

Passwords help prevent unauthorised users accessing the network. Passwords should be strong - many characters long, a combo of letters, numbers and symbols, and be changed regularly.

26
Q

What is encryption?

A

Encryption is when data is scrambled into a code which only someone with the correct key can decrypt, meaning unauthorised users cannot read it. Encryption is essential for sending data over a network securely.

27
Q

What is physical security?

A

Physical security protects the physical parts of a network from intentional or unintentional damage (e.g. fire, flooding, theft). Physical security can involve many different things such as locks and passcodes to restrict access to certain areas (e.g. server rooms) or surveillance equipment (e.g. cameras or motion sensors to deter intruders)

28
Q

How can we protect against malware?

A

1) Strong security software (firewall, spam filter, antivirus, anti-spyware, anti-spam)

2) Enabling OS and security software updates

3) Staff training (being cautious of opening email attachments and downloading software)

4) Backup files regularly onto removable media

29
Q

How can we protect against phishing?

A

1) Strong security software

2) Staff training (awareness of spotting fake emails and websites)

3) Staff training (not disclosing personal or corporate information)

4) Staff training (disabling browser pop ups)

30
Q

How can we protect against brute-force attacks?

A

1) Network lockout policy (locks account after 3 incorrect password attempts)

2) Using progressive delays

3) Staff training (using effective passwords)

4) Using challenge response (e.g. "I am not a robot" and reCAPTCHA)

31
Q

How can we protect against denial-of-service attacks?

A

1) Strong firewall

2) Packet filters on routers

3) Configuring the web server

4) Auditing, logging and monitoring of systems

32
Q

How can we protect against data interception and theft?

A

1) Encryption

2) Using virtual networks

3) Staff training (use of passwords, locking computers, logging off, use of portable media)

4) Investigating your own network vulnerabilities (increased spam emails?)

5) Two-step verification or biometric scanning

6) Changing passwords regularly

33
Q

How can we protect against SQL Injection?

A

1) Validation on input boxes

2) Using parameterised queries

3) Setting database permissions

4) Penetration testing

34
Q

7 common prevention methods:

A

- Penetration testing
- Anti-malware software
- Firewalls
- User access levels
- Passwords
- Encryption
- Physical security

35
Q

What is social engineering?

A

The use of deception to manipulate individuals into revealing confidential or personal information that may be used for fraudulent purposes