Chap 22- Network security Flashcards
(32 cards)
What activities does network security covers? Explain.
•Confidentiality: Keeping data private.
•Correctness(Integrity)
•Avalability
Ways to protect data confidentiality
•Ensuring only authorized users can access parts of Network resources
•Stopping misuse: Authorized people accessing file they aren’t supposed to be.
•Encrypting data: Can’t read w/o the encryption key.
What if the data is lacked of correctness (Integrity)?
-An error in patient’s health record or in manufacturing control system could cause serious consequences
Ways that will disable the availability of the network
•Broken network hardware components
•Corrupted program code
•Virus/DOS that
×Slow down the network performance/stop it working
×Delete data
×Alter data or program code
×Allow data to be stolen or eavesdropped on
What’s DOS & DDOS?
-Denial of service, Distributed Denial of Service
-Attack on a network preventing legitimate users from accessing to its service
Reasons why security is important.
•Required to run organization
-If data lost/fail to fulfil order(DOS) >Lose trust>Bankrupt
-School’s cant run effectively if they can’t access to their data(Timetables,presentation,..)
•Private/Confidential
-If data leak(not secure)>sue>lose trust>Close down
•Financially Valuable
-If business plan to raise revenue is obtained by competitor>Undercut the business/Lose chance to raise
What’s two-factors authentication?
Security check where users have to type secure token from device or SMS from mobile
What are ways to secure data?(as organization)
•Acess control: Controls what permission a user has to particular file
•Firewall: Monitor and contol data that is sent moving from one network to another.
•Physical security: Only authorized people (network technicians & Sysadmin) can physically access.
Why should organisation buy hardware based firewall than using software based?
•More flexiblilty in terms of rules
•Allow faster throughput of data.
What does firewall do?
•Inspects incoming, outgoing data
•Use firewall policy to decide whether to allow data to move from one network to another
•Rules designed to protect from wide range of potential threats
Why is electronic lock system better than traditional?
•Record Entry/Exit times
•Deactivate individual card if employee lose it or leave company
Ways to secure data physically?
•Install burglar alarm
•Security tagging
•Physical locking down equipment (safe)
•Physical guards
•Surveillance Technology
Why is physical security so important?
•Anyone with physical access can easily bypass access control or authentication system.
•Could copy, modify, delete any data on network.
•Install malware to gain remote access
What can firewall policy do?
•Stop certain protocols from being used.(FTP->prevent copying organization data to external sever)
•Block data coming/going to certain Network Address(URL/IP)
[ Eg.Website,server,
computer,another country and organization]
•Stop attempts at hacking by disallowing data matches pattern attacker would use
What can organization do in firewall to meet certain circumstances?
They can customize the firewall policy to meet their circumstances.
What’s NAS? Typical home/organization use consists?
•Network attached storage connected to a network.
•Provide file storage for devices in network.
Home:Single Hard Drive,Associated network hardware
Organization: Several Hard drive
Additional features of NAS?
•Accessible via internet
•Specialist app for smartphones to access files stored on NAS
Mistakes users make with NAS?
•Not changing device’s default password (Use complex)
•Not updating software running on NAS(fix security weaknesses)
Pros & Cons of USB flash drive?
Pros
•Easy to transport
•Cheap for amount of storage available
•Very convenient to use
Cons
•Easily lost large amount of sensitive information on drive
*Use encrypted Flash drive
USB?
Universal Serial Bus
Intentions of cyber attack?
•Make system unavailable
•Delete or modify information
•Gain access to data in system
•Physical damage a device(By overriding safety limits)
Social engineering?
Attacks rely on exploiting human’s behavior to reveal sensitive information
Forms of social engineering?
•Phishing: Attempt to get sensitive information through sms,VC, email, fake web(domain spoofing)
•Pharming: Spread malware that changes IP of domain name to fake web. [Malware can infect DNS->Everyone is redirected to bogus sites]
•Shoulder Surfing:Directly observing a user by looking over shoulder, using hidden cam to gain confidential information.(username,PIN)
How to prevent Pharming?
•Chrck the http address of intended website
•HTTPS? when enter sensitive information
•Install latest security updates
•Install latest antivirus software
