1.3.3 PART 2 Network Security Flashcards
Malware?
Any software designed to harm computer systems or networks
Types of malware?
Trojan horse
Spyware
Virus
Worm
Adware
Ransomware
Trojan horse?
Disguises itself as a legitimate program;
can’t self-replicate; requires human intervention to install
Spyware
Steals data; can monitor keystrokes
Virus
Attaches & self-replicates; self-executing
Worm?
Standalone program that can spread between files;
Doesn’t need to attach to files
Self-executing
Aims to spread across networks
Adware?
Displays unwanted adverts for user on computer system
What’s a cyberattack?
An attempt by hackers to damage or destroy a computer network or system.
Types of cyberattacks?
Phishing
Pharming
Social Engineering
Brute force attack
(Distributed) Denial of Service (DDoS / DoS)
SQL Injection
Phishing?
Fake email from trustworthy source to steal money, gain access to sensitive data, or install malware.
Pharming
Redirects a site’s traffic to a bogus site, which attempts to steal details
Social Engineering?
Manipulating someone to provide data / info.
Denial of Service?
Flooding a server with requests, preventing client requests from receiving responses
If distributed: multiple attacking computers flood one server with requests.
SQL Injection?
Instantiating an SQL command into a database, in order to retrieve data.
Buffer overflow?
Occurs when a program accidentally writes data to a location too small to handle it
Methods of network protection?
Anti-malware
Anti-spyware
Education / training
Passwords
Firewalls
Proxy servers
Code quality
Anti-malware / anti-spyware?
Detects malware / spyware & removes it.
Education / training?
Teaching people to:
Check emails thoroughly
Identify bogus links
Use portable media
How can passwords protect?
Companies / individuals can incorporate:
A strong password policy
Use a password manager
Changing passwords yearly
2FA
Auto-update and Auto backup?
An up-to-date OS improves security
Can return to backup save points prior to malware installation
What is a firewall?
Hardware/software that monitors, filters and blocks traffic / packets being transmitted, sitting between two networks
Acting as a barrier between a trusted and untrusted network, using static filtering or stateful inspection
What is the purpose of a firewall?
Attempts to prevent malicious traffic entering the trusted network
Can be configured to prevent certain data leaving the network
What is static filtering?
Checking the headers of packets arriving from an untrusted network
Checks against a set of rules (packet filters) defined by the network admin
What type of firewalls use stateful inspection?
Sophisticated firewalls, due to needing to carry out more intelligent filtering.
What is stateful inspection?
Dynamic filtering; continuously monitoring inbound/outbound traffic, after a connection is established.
Analyses packet types and the payload.
What is a prerequisite of stateful inspection?
Firewall must maintain a connection table
Tracks all conversations between networks.
What’s a proxy server?
An intermediate stage when requesting resources from a server.
This proxy makes a web request on behalf of the terminal, hiding the IP address of the requesting device; enables anonymous surfing
Benefits of a proxy server?
Prevents unauthorized network access
Restricts website access
Protects company data and intellectual property
How does improved code quality reduce malware threats?
It’s harder to find exploitable flaws