01 Section 2 - Network Security Threats Flashcards

1
Q

What are the different forms which network attacks come in?

A
passive attack
active attack
insider attack
brute force attack
denial-of-service attack
2
Q

What is a passive attack?

A

When someone monitors data travelling on a network and intercepts any sensitive data they find

  • use network-monitoring hardware and packet sniffer software
  • they are hard to detect if the hacker is quietly listening
3
Q

How can you protect against a passive attack?

A

using data encryption for sent messages

4
Q

What is an active attack?

A

When someone attacks a network with malware or other planned attacks
-they are more easily detected

5
Q

How can you protect against an active attack?

A

having firewalls

6
Q

What is an insider attack?

A

Someone within an organisation exploits their network access to steal information

7
Q

What is a brute force attack a type of, and what is it used to gain?

A

active attack

-used to gain information by cracking passwords through trial and error

8
Q

What is a brute force attack?

A

When passwords are cracked through trial and error using automated software to produce hundreds of likely password combinations
-hackers may try lots of passwords against one username or vice versa

9
Q

What are likely password combinations?

A

Real words with predictable number sequences

10
Q

How can you protect against a brute force attack?

A
  • locking accounts after a certain number of attempts
  • using strong passwords will reduce the risk

11
Q

What is a denial-of-service attack?

A

DoS is where a hacker tries to stop users from accessing a part of a network or website
-involves flooding the network with useless traffic, making the network extremely slow or completely inaccessible

12
Q

What is malware?

A

Malicious software

  • software that can harm devices
  • it’s installed on someone’s device without their knowledge or consent
13
Q

What are the typical actions of malware?

A
  • deleting or modifying files
  • scareware
  • locking files
  • spyware
  • rootkits
  • opening backdoors
14
Q

What ways can malware access a device?

A
  • viruses
  • worms
  • trojans
15
Q

What is scareware?

A

e.g. tells the user their computer is infected with loads of viruses to scare them into following malicious links or paying for problems to be fixed

16
Q

What is malware in terms of locking files?

A

Ransomware encrypts all the files on a computer. The user receives a message demanding a large sum of money to be paid in exchange for a decryption key

17
Q

What is spyware?

A

Secretly monitors users' actions (e.g. key presses) and sends this information to the hacker

18
Q

What are rootkits?

A

They alter permissions, giving malware and hackers administrator-level access to devices

19
Q

What is opening backdoors in terms of malware?

A

Holes in someone’s security which can be used for future attacks

20
Q

What is a virus in terms of accessing a device?

A
Viruses attach (by copying themselves) to certain files (e.g. .exe files and autorun scripts)
users spread them by copying infected files and activate them by opening infected files
21
Q

What is a worm in terms of accessing a device?

A

Worms are like viruses but they self-replicate without any user help, meaning they can spread quickly
-they exploit weaknesses in network security

22
Q

What is a trojan in terms of accessing a device?

A

They are malware disguised as legitimate software

  • they don’t replicate themselves
  • users just install them not realising they have a hidden purpose
23
Q

What is social engineering?

A

Social engineering is a way of gaining sensitive information or illegal access to networks by influencing people

24
Q

What are the different types of social engineering?

A
  • over the telephone, someone ringing and pretending to be someone else and asking for information
  • phishing - phishing emails
25
Q

What is social engineering over the phone?

A

Someone rings up an employee of a company and pretends to be a network admin or somebody within the organisation
-the social engineer gains the employee’s trust and gets them to disclose confidential information

26
Q

What is phishing?

A

Where criminals send emails or texts to people claiming to be from a well-known business

  • the emails are sent to thousands of people and often contain spoof versions of the company's website
  • claim that a user should update their personal information, so criminals can steal their information
27
Q

What are the defences against social engineering?

A
  • email programs, browsers and firewalls have anti-phishing features
  • often giveaways such as poor grammar on the emails
  • treating emails with links with caution, especially if they ask you to fill in information
28
Q

What networks are vulnerable to SQL injection attacks?

A

Networks which make use of databases are vulnerable to SQL injection attacks

29
Q

What does SQL stand for?

A

Structured Query Language

30
Q

What is SQL?

A

It is one of the main coding languages used to gain information in databases

31
Q

What do SQL injection attacks involve?

A

Pieces of SQL typed into a website’s input box which then reveals sensitive information

  • if a website’s SQL code doesn’t have strong enough input validation then someone could enter a piece of SQL code which allows them to access people’s account information
  • if a website’s SQL code is insecure, SQL injection can be an easy way for a hacker to get past a firewall
32
Q

What does a good network policy involve?

A
  • regular testing and network forensics
  • passwords
  • enforcing user access levels
  • installing anti-malware software and firewall software
  • encrypting sensitive data
33
Q

What does penetration testing involve?

A

when organisations employ specialists to simulate potential attacks on their network
-used to identify possible weaknesses in a network’s security and trying to exploit them, the results of the pentests are then reported back

34
Q

What does network forensics involve?

A

investigations undertaken to find the cause of attacks on a network, to conduct this an organisation needs to capture packets as they enter the network
-after the network is attacked, the packets can be analysed to prevent future attacks

35
Q

What do passwords in a network policy involve?

A

to help prevent unauthorised users accessing the network

-they should be strong, many characters long, a combination of letters, numbers and symbols, and should be changed regularly

36
Q

What does user access level involve?

A

Controlling which part of a network different groups of users can access
-helps to limit the number of people with access to important data, to prevent an insider attack

37
Q

What does anti-malware software involve?

A

software designed to find and stop malware from damaging a network

  • antivirus - program which isolates and destroys computer viruses
  • firewalls - to block unauthorised data and examine all data entering and leaving a network
38
Q

What does encryption in a network policy involve?

A

When data is translated into code which only someone with the correct key can access
-it is essential for sending data over a network securely

39
Q

What is encrypted text called?

A

cipher text

40
Q

What is text which hasn’t been encrypted called?

A

plain text

41
Q

What are types of malware?

A
  • scareware
  • spyware
  • rootkits
  • viruses
  • worms
  • trojans