CS (Security + Networks) Flashcards
(14 cards)
Different forms of attacks on networks?
Malware, phishing, brute force, DDoS, sql injection, and data interception
What is malware?
software written to infect computers. exploit vulnerabilities in operating system software. can be viruses, trojans, spyware, ransomeware etc
What is phishing?
online fraud technique used by criminals with the intention of trying to give them sensitive information.
What is brute force attack?
trial and error method used by programs to decode encrypted data like passwords and keys.
What is distributed denial of service?
flooding a server with useless traffic and it becomes overloaded and unavailable.
What is data interception and theft?
an attacker monitors data streams to and from a target in order to get sensitive information. technique known as ‘sniffing’.
What is SQL injection?
injects malicious SQL code into an application, allowing the attacker to view or modify a database
How do you protect yourself from malware?
firewall, anti-virus, anti spyware
latest software security updates
staff training + backup files
How do you protect yourself from phishing?
strong security software
staff training- spotting fake emails
-not disclosing any information
-disabling browser pop-ups
How do you protect yourself from brute force attacks?
network lockout policy
progressive delays
staff training
challenge response techniques
How do you protect yourself from DDoS?
firewall
packet filter on routers
monitoring systems
configuring web server
How do you protect yourself from data interception?
encryption
staff training
virtual networks
investigating network vulnerabilities
How do you protect yourself from SQL injections?
penetration testing
database permissions
parameter queries
7 most common prevention methods?
physical security
encryption
passwords
user access levels
firewalls
anti-malware software
penetration testing
