1.3/1.4 Flashcards
what is compression?
the idea of trying to reduce the file size
what is the need of using compression
reducing number of bits in a file
making the storage capacity of the file lower
making data transfer of the file quicker
What is lossy compression?
Removing some of the data=reduce its size.
What is lossless compression?
Making the size of a file smaller without losing any of the information in the file.
advantages/disadvantages of lossy compression?
advantages = reduces file size , suitable for images,sound and videos
disadvantages = some of the data is lost and cannot be recovered , reduces quality of the image/sound ,
advantages and disadvantages of lossless compression?
advantages = none of the data is lost it is encoded differently , can be turned back into the original format , can be used on types of data ,
disadvantages = usually less effective = reducing the file size
what are the advantages of networking?
users can share files.
users can share peripherals: printers and connection to other networks e.g the internet.
users can access their files from any computer on the network
what are the characteristics of local area newtork (lan)
covers a small geographical area located on a single site.
all the hardware for a lan is owned by the organisation using it.
lan are wired with utp cable,fibre optic or wireless using Wi-Fi.
what are the characteristics of wide area network (wan)
covers a large geographical areas , connecting lan’s together.
infrastructure between the lans is leased from telecommunication companies who own and manage it.
wan’s are connected with telephone lines , fibre optics cables or satellite links
which hardware are needed for home solution
personal home devices for connecting to the internet tend to be multi-functions , all - in one devices acting as
switch
router
wireless access point
disadvantages of networking?
malware and viruses spread very easily between computers.
if a server fails the computers connected to it may not work.
the computer may run more slowly if there is a lot of data travelling on the network.
what is the client-server model?
where devices are reliant on services provided and managed by a central server;
what are the roles of client-server model?
manages access to the internet
provides email services
runs a backup of data
what are the advantages of client-server model?
- easier to manage security files
- easier to take backups of all shared data
- easier to install software updates to all computers
what are the disadvantages of client -server model?
- can be expensive to set up and maintain
- requires it specialists to maintain
- users will lose access if the server fails
what is the peer to peer model?
.
peer is a computer on a network and is equal to all other peers.
what is the role of the peer to peer model?
- peers serve their own files to each other
- each peer is responsible for its own security
-each peer is responsible for its own backup - peers usually have their own printers
- you can send print jobs to another peer to process but that peer would need to be switched on to be able to communicate with the connected printer
advantages of the peer to peer model?
- very easy to maintain
- cheaper to set up
- no expensive hardware to be required
disadvantages of the peer to peer model
- the network is less secure
- users will need to manage their own backups
- can be difficult to maintain a well ordered file store
what are the factors that affect the performance of a network?
bandwidth
the number of users
transmission media
the error rate
latency
what does network performance mean?
concerned with how well data is transmitted through the network
how does bandwidth affect the performance of the network?
measures how much data can be transferred over a network in a given time
how does the number of users affect the performance of the network?
the bandwidth of the network is shared between the users of a network
how does transmission media affect the performance of the network?
what the data is transmitted through.data can be carried around networks via cables or wirelessly
how does error rate affect the performance of the network
the number of errors that occur during data transmission
how does latency affect the performance of the network
measure of how much time it takes for a packet of data to travel across the network.
what is the hardware needed to connect stand-alone computers into a lan?
nic (network interface controller)
switch
wap
router
tranmission media: copper cables , fibre optic cables , radio waves
what does the nic do
enables the computer to be connected to a network.
what does the switch do
connects wired devices on a lan
what does the wap do
connects wireless devices on a lan
what does the router do?
connects different types of network together
what does the tranmission media do?
copper cable - transmits electrical signals (typically used in ethernet cables)
fibre optic cables - made up of thin glass strands (or fibres) which transmit data as pulses of light
radio wave - uses parts of em spectrum to connect devices wirelessly
what is the internet?
worldwide collection of computer networks
what is a dns
domain name system, it matches each domain name to its matching ip address
what is hosting
websites and others internet services needed to be placed on a web server.
what is the cloud?
storage, services and applications that are accessed via the internet
what the webserver?
this is a dedicated computer on the internet that responds to http and https requests by returning web pages requested by a client computer
what is a star topology?
all nodes are connected through a central point typically a switch or a hub.
what is a mesh topology?
all nodes are involved in the transmission of a message
node
device which is connected to a network
adv of star topology
fast - each node has its own connection to the centre.
reliable - if a fault occurs in one link other links are not neccessary affected
disadv of star topology
if the central switch/hub fails then the whole network goes down.
adv of mesh topology
full mesh - if you get a break in any of the connections you can still route your traffic
having no central switch means there is no single point of failure
disadv of mesh topology?
full mesh - expensive
usually implemented wirelessly
what is ethernet?
traditional protocol used to connect devices in a wired lan
it defines how data should be physically transmitted between different devices, using MAC addresses to determine which device the data should be sent to.
adv of ethernet
stable connection
more secure
signal quality usually better
disadv of ethernet
expensive
difficult to add extra devices
devices can be used in one devices
what is wi-fi
set of protocols that defines how network devices can communicate wirelessly using radio waves.
what does the wi-fi protocol determine?
frequency band and channel that should be used.
data transmission rates
how devices should be authenticated when they attempt to join a network.
adv of wifi
cheap setup costs
can handle large numbers of users
connect multiple devices without the need for extra hardware.
disadv of wifi
tends to have slower data transfer speeds
connection isn’t stable
less secure then a wired network as it is more vulnerable to hacking.
what is bluetooth?
another form of wireless protocol that can be used over short distances using ultra high frequency (uhf) radiowaves
it is very secure and does not require a clear line of sight between the two devices
encryption?
the process of disguising a message so that it cannot be understood by anyone but its intended recipient.
how is encryption done?
by scrambling data into cipher text using a ‘master key’ created from ssid of the network and the password.
data is decrypted by the reciever using the same master key , so this key is not transmitted.
handshaking protocol is used to ensure that the reciever has a valid master key before transmission to the device begins.
protocols used for wireless encryption include…
WEP , WPA , WPA2
IPv4 format?
written in 4 numbers
separated by periods (.) e.g 193.74.211.63
each number in the range 0-255
IPv6 format?
written in 8 numbers
separated by colons
each group is made up of four hex values representing 16-bits
why is MAC address used?
its used to route frames on a local area network.
e.g 00:0a:95:9d:68:16
each mac address is unique to every network interface card.
what is the purpose of using ip addressing on a wide area network
is used to route packets on a wide area network
format for an iPv4 address?
32 bits in size.
written as four numbers separated by periods (.), each number in the range of 0-255
e.g 69:89:31:212
what is a mac address?
unique number that identifies the actual device that is connected to a lan
its part of the NIC inside the device and is assigned when the NIC is manufactured and cannot be changed
what does the IP address represent
location on the device on the network.
every time a device connects to the internet it is assigned an ip address to use for that session by the internet service provider.
why is IPv4 being replaced by IPv6
because the unique static address are running out.
format for an IPv6 address?
128 bits
written in 8 groups, separated from by colons, each group is made up of four hex values representing 16 bits
what are standards?
official definitions or rules that exist for various aspects of computing
why are hardware and software standards important?
they allow different manufacturers to make components and programs that are compatible and will work with each other. without standards only hardware and software made by the same company could be used together
it is clear that networks require standards in order to work conveniently
give examples of when standards are used in computer science?
ascii/unicode - character sets
ieee - standards for computer cables
html - standards for creating websites
documents, image and sound standards e.g pdf
what is a protocol?
set of rules that allow two devices to communicate
what are the common protocols?
TCP/IP (TRANSMISSION CONTROL PROTOCOL/INTERNET PROTOCOL/
HTTP (HYPER TEXT TRANSFER PROTOCOL)
HTTPS (HYPER TEXT TRANSFER PROTOCOL SECURE)
FTP ( FILE TRANSFER PROTOCOL)
POP (POST OFFICE PROTOCOL)
IMAP (INTERNET MESSAGE ACCESS PROTOCOL)
SMTP (SIMPLE MAIL TRANSFER PROTOCOL)
TCP (transmission control protocol)?
provides an error free transmission between 2 routers
IP (internet protocol)?
route packets across a wide area network
along with TCP its makes up the TCP/IP protocol stack.
HTTP (hypertext transfer protocol)?
a client server method of requesting and delivering HTML web pages.
HTTPS (hypertext transfer protocol secure)
encryption and authentication for requesting and delivering html web pages.
used when sensitive information needs to be transferred e.g passwords
FTP ( file transfer protocol)
used for sending files between computers usually on wide area network.
POP (post office protocol)
retrieves emails from a mail server
removes it from server
transfers it to your device
SMTP ( simple mail transfer protocol)
sends email to an email server
IMAP (internet message access protocol)
used by mail clients to manage remote mail boxes and retrieve email from a mail server
what is the concept of layering?
to divide the complex task of networking into smaller , simpler tasks that work with each other
the hardware and/or software for each layer has a defined responsibility.
each layer provides a service to the layer above it
adv of layering?
reduces the complexity of the problem into manageable sub-problems.
devices can be manufactured to operate at a particular layer.
products from vendors will work together.
4 layer model or TCP/IP stack:
layer 4 - application layer - browsing using HTTPS
layer 3 - transport layer - TCP error handling
layer 2 - internet layer - IP routing
layer 1 - networking layer - mac frames (sent over fibre optic)
different forms of attack?
malware
phishing
brute force
denial of service
data interception and theft
SQL injection
what is a malware?
software which is specifically designed to disrupt, damage or gain unauthorised access to a computer system.
e.g virus , worms , trojan horses , ransomware , spyware
what is phishing?
use fake emails and websites to trick people into giving away their sensitive data and info.
what is social engineering?
form of attack that involves tricking people into giving away critical info or access details. e.g phishing
what is brute force attack?
trial and error method of attempting passwords and pin numbers .
automates software is used to generate a large number of consecutive guesses
e.g by trying every word in the dictionary
what is denial of service attack
flooding a server with useless traffic causing the server to become overloaded and unavailable.
what is data interception and theft?
the unauthorised act of stealing computer-based info from an unknowing victim with the intent of compromising privacy or obtaining confidential info
e.g sniff username
what is SQL injection?
a hacker tries to insert extra SQL commands into input boxes on web forms in web pages hoping the server will carry these commands in error
threats to a malware?
files are deleted, become corrupted or are encrypted.
computer crashes, reboots spontaneously and slow down.
internet connection becomes slow.
keyboard inputs are logged and sent to hackers
threats to phishing?
access a victims account to withdraw money etc
open bank accounts and credit cards cashing illegitimate cheques.
gains access to high value corporate data
financial service can blacklist the company, resulting in damage to brand reputation
threats to a brute force attack
theft of data
access to corporate systems
threats to a denial of service attack
loss of access to a service for customers.
loss of revenue
lower productivity
damage to reputation
threats to data interception and theft attack
usernames and passwords compromised allowing unauthorised access systems.
disclosure of corporate data
theft of data
threats to SQL injection
contents of databases can be output, revealing private data
data in the database can be amended or deleted
new rogue records can be added to the database
threats to a social engineering?
not installing operating systems updates.
not keeping anti-malware up to date
not keeping doors to computer rooms
not logging off or locking their computers
common prevention methods?
penetration testing ( used to test to identify vulnerabilities)
anti-malware software.
firewalls (designed to prevent unauthorised access to networks , they inspect and outgoing data packets)
user access levels
passwords
encryption
physical security
common prevention methods?
penetration testing ( used to test to identify vulnerabilities)
anti-malware software.
firewalls (designed to prevent unauthorised access to networks , they inspect and outgoing data packets)
user access levels
passwords
encryption
physical security
prevention of malware?
strong security software (firewall , spam filter , anti virus , anti spyware)
enabling OS and security software updates.
educate users being cautious of opening email attachments and downloading software.
backup files regularly onto removable device
prevention of phishing?
strong security software
educate users on awareness of spotting fake emails and websites
educate users not disclosing personal or corporate info.
staff training: disabiling
prevention of phishing?
strong security software
educate users on awareness of spotting fake emails and websites
educate users not disclosing personal or corporate info.
staff training: disabiling
prevention of phishing?
strong security software
educate users on awareness of spotting fake emails and websites
educate users not disclosing personal or corporate info.
staff training: disabiling
prevention of phishing?
strong security software
educate users on awareness of spotting fake emails and websites
educate users not disclosing personal or corporate info.
staff training: disabiling
prevention of brute force attack
network lockout policy: locks account after 3 passwords attempts
using progressive delays
staff training: using effective passwords with symbols, letters numbers and mixed cases.
using challenge response e.g ‘i am not a robot’ and reCAPTCHA
prevention of denial of service attack
strong firewall
packet filters on routes
configuring the web server
auditing , logging and monitoring of systems
prevention of data interception and theft
encryption
using virtual networks
staff training: use of passwords, locking computers, logging off, use of portable media
investigating your own networks vulnerabilities
preventing SQL injection?
validation on input boxes
using parameter queries
setting databases permission
penetrating testing
