1.4 Flashcards
What is a network attack?
An attempt to gain access to steal,modify or delete data on a network
What is malware? Name the 5 types of malware
a malicious software designed to hack a system- virus ,trojan, spyware ,ransomware ,worm
What is a virus?
Programs embedded in other files which replicate themselves to become part of other programs
What is a worm?
Like viruses but not hidden within files- they’re often spread via emails
What is spyware?
Programs that monitor user activity like webs visited or usernames and passwords- this information is then sent back to the hacker
What is a trojan?
Programs that pretend to be legitimate but are actually malware- often pretend to be email attachments
What is ransomware?
Programs that blackmail a user to make a payment to the hacker
What is social engineering?
Manipulation of people in order to make them perform desired actions to gain information
What is phishing?
A phisher sends emails that look legitimate asking for a verification but usually contain a fraudulent link which asks for personal information.
What’s the name of a phishing attack over the phone?
vishing
What is baiting?
In baiting- the victim is lured into a trick of the promise of an item (i.e music for free or downloads)
What is Quid Pro Quo?
Promises an exchange for information that they do not have authorisation to but the information tends to be exchanged for a service NOT an item
What is tailgating/piggybacking?
When somebody(without proper authorisation) follows someone without proper authorisation
What is a Brute Force Attack? How can we make these attacks harder to carry out?
Using trial and error to guess a password (often using a program) by using all possible combinations until the correct one is obtained ——- using complex passwords with lots of character combinations
What is hacking?
Gaining unauthorised access to data in a system
What is Denial of Service? And distributed denial of service?
An attack where the aim is to prevent anyone using the resources e.g. lots of bots (computers) will form a botnet and will bombard a website with too many requests so that it crashes and prevents a server from carrying out its function
What is Data Interception?
Data accessed en route i.e. by packet sniffing software
What is SQL injection?
Fake database operations produced to change the way data is entered/ processed by database servers. Often SQL codes are entered as data inputs to cause errors
What is Penetration Testing?
authorised users hack a network for weaknesses and try to exploit them—– basically tests how resilient a network is against an attack
What are Firewalls?
These firewalls are often hardware (expensive) or software and monitor traffic going in/out of a network and either allows traffic to block or pass depending on the firewall policy. Packet filter firewalls decide whether packets should be dropped
What is an acceptable use policy?
When network managers make sure there is a policy that users have long/complex passwords, levels of access ,backups, strict rules on authorised access, penetration testing, no physical access to servers
What is anti malware software?
A software which scans files to detect and remove malware
What are network policies?
Policies to determine what users can/cant do and rules of how data is safeguarded
Give 2 ways we can prevent SQL injection taking place:
limit user access levels and use firewalls
Give some basic methods to safeguard data
dual credentials, complex passwords, different passwords for different areas of functionality
Give some security measure to safeguard data
physical security (biometrics, CCTV), WIFI access security, complex passwords, encrypt data
Give some network policies to safeguard data
Data backups regularly, disaster recovery plan, anti malware software, firewalls, acceptable use policy ( i.e. dont give data to 3rd parties), user access levels
What are Key loggers, adware , tracking cookies all examples of?
Spyware
What is smishing?
– This method sends malicious text messages to trick users into clicking on
a malicious link or handing over personal information.
What is pretexting?
This type of attack involves fraudsters creating a good pretext or a fabricated scenario that
they use to try and steal their victims’ personal information.
What do levels of access allow us to do?
determine what a user can access and what
they can do, such as:
• Types of software
• Email
• Internet access
• Documents and data
• Ability to install and/or remove software
What is the purpose of a router?
A client requests files and services from a server which responds to requests.
How is encrypted data deciphered?
encryption key
Name some prevention methods of malware
Use anti-virus or anti malware software to identify and remove suspected malware
Scan email attachments
Keep software up to date and download security patches
Use a firewall and keep it up to date
Look out for common phishing language e.g. “verify your account”
Name prevention methods of attacks like brute force or DOS or Data interception or SQL injection
Use two-factor authentication (2FA), e.g. unique code
Distribute data servers so that it is harder for attackers to attack
Use anti-DDoS software to prevent attacks
Use a Virtual Private Network (VPN) to encrypt data
Use secure SQL statements that anticipate attacks
What are the effects of malware?
- Computer may crash or slow down
- When a worm infects a computer, the internet connection may become slow as the worm searches online for other computers to infect.
- Files may be deleted, become corrupt or encrypted.
How can you prevent malware?
- Strong security software (firewall, anti-virus, anti-spyware, anti-spam).
- Staff training: caution opening attachments.
- Back up files regularly.
What are the effects of phishing?
1) Accessing a victim’s account and withdraw money
2) Gaining access high-value corporate data.
How can you prevent phishing?
1) Strong security software (firewall, anti-virus, anti-spam).
2) Staff training: awareness of spotting fake websites & emails.
3) Staff training: never disclose personal or financial information.
What are the effects of SQL injection?
1) Contents of the database can be output, revealing data that otherwise would be hidden.
2) Data in the database can be amended and deleted.
3) New rogue records can be added.
Whats the main difference between a worm and a virus?
worms dont need to attach to a program
What does SQL injection result in access to…
databases which means attacker can manipulate data
What is network forensics?
a close examination of data sent across networks i.e packet sniffing software
