Network Security

Question 1

What is malware?

Answer 1

Software that is specifically designed to disrupt, damage, or gain unauthorized access to a computer system

Question 2

Name 6 types of malware

Answer 2

• Ransomware
• Spyware
• Adware
• Trojan
• Virus
• Worms

Question 3

What is ransomware?

Answer 3

Malware where the hacker will prevent you from accessing your data until a ransom is paid

Question 4

What is spyware?

Answer 4

A program that monitors user activities and sends the information back to a hacker

Question 5

What is a trojan?

Answer 5

Malware that downloads onto a device disguised as a legitimate program

Question 6

What is a computer virus?

Answer 6

Self replicating malware that often causes damage by deleting or modifying data

Question 7

What is a worm?

Answer 7

Self replicating malware often not causing damage until it reaches it’s intended target

Question 8

What technical vulnerabilities could a computer have that a hacker could exploit if not dealt with?

Answer 8

• Unpatched software
• Out of date anti malware

Question 9

What is unpatched software?

Answer 9

Software that hasn’t been updated to the latest standard.

Question 10

What is social engineering?

Answer 10

Deception to try to gain personal information

Question 11

Name 2 examples of social engineering

Answer 11

• Phishing
• Shoulder surfing

Question 12

What is phishing?

Answer 12

Emails that try to trick users into giving away personal details

Question 13

What is shoulder surfing?

Answer 13

The ability to get information or passwords by observing as someone types them in

Question 14

Describe 2 examples of shoulder surfing?

Answer 14

• Looking over someone’s shoulder
• Using a CCTV camera

Question 15

What indicators are that an email is a phishing email?

Answer 15

• They don’t say your name
• Strange email address
• A forged link
• Requesting personal information
• A sense of urgency
• Poor spelling and grammar

Question 16

What is a brute force attack?

Answer 16

Trying all possible passwords until the correct one is found

Question 17

What is a Denial of Service (DoS) attack?

Answer 17

Flooding a server or network with pointless requests so that it either fails or slows down

Question 18

What is Distributed Denial of Service (DDoS) attack?

Answer 18

A DoS attack using multiple devices (zombies) to send requests

Question 19

What is data interception and theft?

Answer 19

Stealing data or intercepting it with a man-in-the-middle attack

Question 20

What is a SQL injection?

Answer 20

Typing code into a website to break into the database to retrieve information

Question 21

What is penetration testing?

Answer 21

Hacking your system to test for vulnerabilities, which will then be fixed

Question 22

What is a network policy?

Answer 22

A policy that provides rules and guidelines on what network users can and cannot do

Question 23

What are user access levels?

Answer 23

Different levels of permissions given to users to access facilities on a computer

Question 24

What is encryption?

Answer 24

Converting readable data to an encoded version that can only be decoded with a key

Question 25

What is anti-malware software?

Answer 25

A type of computer program which detects, prevents and removes malware on a system

Question 26

What is a firewall?

Answer 26

A tool that monitors traffic going in and out of a network and either allows it to pass or blocks it

Question 27

What is network forensics?

Answer 27

Monitoring traffic on a network to help identify invasive traffic from hackers or to determine where data is being sent.

Question 28

What methods can be used to keep a network safe?

Answer 28

- Penetration testing - User access levels - Secure passwords - Encryption - Anti-malware software - Firewalls - Physical security

Question 29

How might a hacker try to guess the correct password in brute force attacks?

Answer 29

Using a list of most common passwords

Question 30

How can you help protect against a brute force attack?

Answer 30

- Using strong passwords - Change your password regularly - Strong network policies - Progressive delays - Lock out code - Challenge response

Question 31

What are progressive delays?

Answer 31

Only allow subsequent attempts after a given amount of time for putting your password in

Question 32

What is a lock-out code?

Answer 32

Only allowing a small number attempts of putting your password in, then the user will be locked out of the system

Question 33

Give an example of a challenge response?

Answer 33

‘I’m not a robot’

Question 34

What is spear phishing?

Answer 34

Phishing with an intended target

Question 35

What is the purpose of anti-malware?

Answer 35

To detect, prevent and remove malware

Question 36

What is a disadvantage of anti-malware?

Answer 36

- It can only detect known malware - The longer time a user has gone without updating their anti-malware, the less effective it will be

Question 37

What is more effective? Hardware-based firewalls or software-based?

Answer 37

Hardware-based, but it is more expensive

Question 38

What is physical security?

Answer 38

Using physical means to prevent network threats

Question 39

Name some examples of physical security

Answer 39

- CCTV - Alarms - Door locks - Fences - Security guards