Data security

Question 1

Network security

why do networks bring new risks that were not there with stand alone computers?

Answer 1

If a hacker gains access to one computer then he can access the whole network -everyone’s data

Question 2

What are 10 ways that your data is at risk?

Answer 2

1) Malware
2) Phishing
3) People being a ‘weak point’
4) Brute force attacks
5) Denial of service attacks
6) Data interception / theft
7) SQL injections
8) Poor network policies
9) Pharming
10) Spyware

Question 3

what is malware?

Answer 3

Malware is any software that can harm a computer or user

Question 4

Malware is any software that can harm a computer or user.

Give four examples of types

Answer 4

Viruses
Spyware
Adware
Pharming

Question 5

Types of malware - Viruses

give the three main types

Answer 5

1) Standard virus
2) Worms virus
3) Trojan virus

Question 6

Types of malware - Viruses

What is a standard virus (rather than a worm or Trojan virus)

Answer 6

A standard virus will hide in files / programmes and replicate themselves in order to spread. their aim is usually to delete or damage data

Question 7

Types of malware - Viruses

What is a worm virus (rather than a standard or Trojan virus)

Answer 7

These don’t necessarily damage data, they tend to replicate themselves using more and more of the computers resources to slow down and make your computer useless

Question 8

Types of malware - Viruses

What is a Trojan virus (rather than a worm or standard virus)

Answer 8

these look like normal, useable programmes like a game but in the background they are causing harm like deleting files or changing the computer set up or creating a portal for others to gain access to your system

Question 9

Types of malware - Spyware

what does it do?

Answer 9

it aims to spy and send back key info (passwords, usernames, purchases made etc)

Question 10

Types of malware - Spyware

A common piece is a key logger - what does it do?

Answer 10

It quietly runs in the background recording every key you hit. If you type in the same set of characters, regularly, this could be identified as your password.

Question 11

Types of malware - Spyware

why do they collect the data?

Answer 11

The reason for collecting this data is so that ‘senders’ of the spyware can use this information to steal your identification or sell your information to third parties who will then target you with advertisements.

Question 12

Types of malware - Adware

what does it do?

Answer 12

it doesn’t delete or damage data
it will display adverts or try to direct you to websites by changing your default homepage - all to try to get you to buy stuff

Question 13

Types of malware - Pharming

what is it?

Answer 13

Pharming malware seeks to change the IP address stored in the DNS (or cached on our computer) to another IP address so that the user is sent to a phoney website instead of the one they intended.

Question 14

Types of malware -
scareware
what is it?

Answer 14

This kind of malware often comes in the form of a pop up telling you that you have a virus. The pop up will them advertise purchasable software hoping that you will pass over your money.

Question 15

Types of malware -
Ransomware
what is it?

Answer 15

This malware will seek to lock your computer making it useless. It will then demand that you pay a sum of money in order for you to get your computer working again

Question 16

Types of malware -
toolkits
what is it?

Answer 16

These pieces of malware contain a set of tools, which once installed, allow a criminal to access your computer at an administrator level, allowing them to do pretty much what they like.

Question 17

What is Phishing?

Answer 17

Phishing seeks to acquire sensitive information about a user such as their usernames, passwords, bank details etc.

The way in which this is done is usually through the form of direct electronic communications (emails / phone calls).

These emails or phone calls try to impersonate legitimate companies (such as banks) and ask you to give away sensitive information.

Question 18

Data security

What are brute force attacks?

Answer 18

criminals will use trial and error to hack an account by trying thousands of different possible passwords against a particular username.

They will repeatedly try to ‘login’ with one password after another.

This threat can be easily reduced by ensuring that a system locks an account if more than three unsuccessful password attempts have been made.

The threat can also be reduced by ensuring that all users have complex passwords as these are less likely to be ‘tried’

Question 19

Data security

What are Denial of Service attacks (DoS)?

Answer 19

This is done by acquiring multiply computers (often through malware) to repeatedly try to access (or log into) a website.

This sudden, massive increase in traffic puts the web server under extreme pressure and will ultimately cause the server’s CPU and memory to be under so much strain that the website will crash.

Criminals may then demand money in return for the attack to be stopped.
Or criminals will do this to punish websites that they deem unethical or corrupt.

Question 20

Network security - preventative measures

what are 8 ways to prevent vulnerabilities?

Answer 20

1) Penetration testing
2) Network forensics
3) Network policies
4) Antimalware software
5) firewalls
6) User access levels
7) Passwords
8) Encryption

Question 21

Network security - preventative measures

what is penetration testing?

Answer 21

Getting an expert to simulate attacks such as DoS, Brute force etc.
What is learned can then improve security

Question 22

Network security - preventative measures

What are network forensics?

Answer 22

Network traffic is monitored by software.

In the event of an attack, this monitoring can play an important part in finding out how the attack was carried out and also by whom.

The monitoring software will monitor data packets and so after an attack, suspicious data packets can be analysed forensically.

Question 23

Network security - preventative measures
How can Network policies help?
What should they include?

Answer 23

Networks should have an Acceptable Use Policy (AUP)
They may include rules / procedures such as:
Use complex passwords
Have different levels of access (only certain people in a company can access sensitive data)
Locking computers if the user leaves their desk
No installing of software and downloading files from the WWW
No use of USB sticks

Question 24

Network security - preventative measures
How can Back up policies help?
What should they include?

Answer 24

Networks should also have a Backup Policy
They may include rules / procedures such as:
The person responsible for backing up
The time and frequency that data should be backed up
The media on which back ups should be stored on
The location of the storage of backups (offsite)
The data to be backed up (all or changes since last backup etc.)

Question 25

Network security - preventative measures
How can Disaster Recovery policies help?
What should they include?

Answer 25

Networks should also have a Disaster Recovery Policy
They may include rules / procedures such as:
The person responsible for backing up
The media on which back ups have been stored and its location
The organisations who will help supply the resources / hardware to get the system back up and running.

Question 26

Network security - preventative measures
How can a Firewall help?
What should they include?

Answer 26

When files are sent across the internet, they are broken down into small packets of data.

The part of the computer which receives these packets is made up of 256 ports (you can think of these ports like a country’s ports, which manage people in and out of the country)

A firewall monitors the data which flows through the ports.

They also keep ports closed and open only those that they expect data to be sent to. For example, incoming emails are usually sent to port 110.

Having ports closed protects the computer from hackers, plus its continual monitoring will help detect hacker activity.

Question 27

Network security - preventative measures
How can User Access Levels help?
What should they include?

Answer 27

This is where users of a computer system will be given different access rights depending on their role in the company.

What this means is that depending on their role in the company, some users will have access to certain parts of the system with other parts inaccessible.

For example, in a school, students will only have access to their documents within their own account, whereas the network manager will have access to all accounts and all students documents.

Access levels are important to ensure that employees cannot view sensitive company information (payroll etc) and cannot sabotage vital system data.

Question 28

Network security - preventative measures

How can Passwords help?

Answer 28

Passwords are in place to ensure that a network has no unauthorised access.

It is important that passwords are strong (long and with a combination of alpha and numeric characters) so that they are harder to crack under a Brute Force Attack.

They should also be changed regularly.

Question 29

Network security - preventative measures

How can Encryption help?

Answer 29

Encryption is where data is scrambled before being sent across a network so that it is unreadable if intercepted.

To encrypt data, an encryption key is used which will convert ‘plain text’ into ‘cipher text’.

An encryption key is an algorithm which will systematically alter each piece of data in a file. For example, a key may convert each letter in a text file to the next letter in the alphabet:
e.g. ‘hello’ becomes ‘ifmmp’

For the ‘cipher text’ to be converted back to ‘plain text’, the same key is required by the recipient to reverse the encryption.