network threats Flashcards
(20 cards)
what is malware
software that replicates and fills up disk space and causes damage to data
4 types of malware
trojan, worm, ransomware and spyware
what does the trojan do
o Trojan – malware disguised as legitimate software and once installed, they damage data.
what does the worm do
o Worm – software that replicates across a network and uses up all the bandwidth.
what does ransomware do
o Ransomware – encrypts user’s data until money is paid for a decryption key.
what does spyware do
o Spyware – secretly monitors user’s actions.
what is social engineering
Social Engineering - using deception to manipulate users to gain personal data:
2 types of social engineering and description
o Phishing – fake emails are sent to a person so that they give away personal data.
o Shoulder Surfing – watching a person entering a password and using it to access an account.
what is brute force attack and what can happen to the user’s account
Brute Force Attack:
Uses automated software to crack passwords by trying all the possible combinations.
Gains access to a user’s account so they can view/edit/delete private data.
They can install malware or block your access to your account.
how to prevent brute force attack
To prevent this, you can use firewalls, strong passwords, and two-step verification.
what does (DOS/DDOS) stand for and what does it do
Distributed) Denial of Service
A server is flooded with more requests than it can process.
Server cannot respond so it crashes.
Data Interception and Theft
data that is sent is intercepted by a third-party.
what is SQL injection and how can it be prevented
Uses SQL commands typed into a websites input box to gain access to databases in that network.
websites use input validation that don’t permit characters used in SQL injections.
what is penetration testing
Penetration Testing:
Organisations employ specialists to simulate potential attacks on their network.
Used to identify weaknesses/vulnerabilities in the network’s security so that they can be addressed.
what is the anti malware software and how does it prevent vulnerabilities
Scans the computer for malware and alerts the user.
Requests actions such as stopping the download of malware to protect data.
what is encryption and how does this prevent vulnerabilities
Encryption:
Scrambles data using an algorithm that cannot be understood if intercepted.
Only authorised users can access personal data as a key is needed to decrypt it.
Required to follow Data Protection Act.
what are used access levels and how what do they prevent
Different users have restricted access to data eg only read and not write which prevents accidental changes
how do passwords prevent vulnerabilities and what happens after a set number of failed attempts
must be correctly entered to gain access so stronger passwords make it harder for a brute-force attack to succeed.
Account/device is locked
what is physical security
Physical Security:
o e.g. Locks, Alarms, Security guards, CCTV, Keycard entry, Passcode/Biometric entry to a room.
what do firewalls do to prevent vulnerabilities
Firewalls:
Examines ingoing and outgoing traffic on a network and blocks unauthorised access.
