Network security Flashcards
Whats are the forms of attack
Active - A Hacker attempts to delete/modify data or prevent a network from operating correctly
Passive - Hacker monitors a network to gain information
External - Someone outside of the organisation tries to hack the network
Internal - Someone inside the network tries to hack the network
Name some threats to Networks
Malware
Phishing
brute force
Denial of service (DOS)
data interception/theft
Structured query language injection
poor network policy
people
Name the 5 types of malware and what they do
Viruses - programs are hidden within other files the replicate to become a part of other programs they cause damage by deleting/modifying data
Worms - Similar to viruses but not hidden in files they often spread through emails
Trojans - Programs that pretend to be legitimate but malware they trick the user into installing the program
Spyware - Monitors user activities and sends information to hacker
Ransomware - Programs that blackmail the user to pay a ransom like encrypting documents and encrypting them after they have paid
How does phishing work
Tries to trick the user into giving away details they pretend to be genuine (Like a fake roblox website telling you to type in your password)
How does Brute force work
A program tries to crack a password using all possible combinations
Denial of service
A computer or many computer bombards a web server with many requests so that the web focuses on the DOS request leaving the legitimate ones
Data interception and theft
A packet sniffer examines data and send information to the hacker
how does Structured query language work
SQL code is entered as data input this causes errors and unintended operations
Poor network policy
Rules to prevent users form doing certain actions that could harm the network
People
Users may accidentally or deliberate download programs when they are not meant to and the program may contain potential threats
What are the 8 techniques to identify and prevent vulnerabilities/threats name what some do
Penetration testing
Network forensics
Network policies
User access levels
Secure passwords
Encryption - even if the hacker has the data it is disguised so he wont know what it means
anti-malware software - detects prevents and removes malware but if not up to date it is vulnerable to newer malware
firewalls - Blocks unauthorised connections to and from the internet
What is penetration testing
The system is tested to find any vulnerabilities in a network this can be done using a software
How does a secure password prevent threats
Without knowing the password you are unable to access the network
How does having a network policy prevent threats
Having a set of rules lets the users know what they can and cannot do like downloading thing that might have malware and if they break them they can be dealt with