1.4 Network Security

Question 1

ways to spot a phishing email

Answer 1

• Poor spelling and grammar.
• The message asks for personal information.
• Generic greeting/impersonal
• You didn’t initiate any action to cause the email.
• sense of urgency in the information

Question 2

what is malware

Answer 2

software written to infect computers and commit crimes like fraud and identity theft

Question 3

what is phishing

Answer 3

designed to get you to give away personal information using emails purporting to be reputable companies

Question 4

what is a brute force attack

Answer 4

a trial and error method to decode encrypted data such as passwords and keys carries carried out by programs

Question 5

what is a denial of service attack

Answer 5

involves flooding a server with useless traffic causing it to overload and become unavailable

Question 6

what is data interception and theft

Answer 6

an attacker monitors data streams to and from a target to gather sensitive information

Question 7

what is an SQL injection

Answer 7

a code injection technique used to attack data driven applications

Question 8

what does it mean when people are the weak point of a network

Answer 8

when system vulnerabilities are caused by people being careless

Question 9

what is the purpose of a malware attack

Answer 9

• to delete, corrupt, or encrypt files
• computers can crash, spontaneously reboot or slow down
• keyboard inputs can be logged and sent to hackers
  internet connections can become slow (due to worms)
• malware can pass from the computer to the server it is connected to, to all the other clients also connected, and spread very quickly

Question 10

what is the purpose of a phishing attack

Answer 10

• gain access to high value corporate information
• access a victim’s bank account ot withdraw money
• open new bank accounts and cards in victim’s name
• cash illegitimate cheques
• financial services can blacklist the company (damage to reputation)

Question 11

what is the purpose of a brute force attack

Answer 11

• theft of data
• access to corporate systems

Question 12

what is the purpose of a denial of service attack

Answer 12

• loss of access to a service for customers
• lost revenue
• lower productivity
• damaged reputation
• average cost of downtime = over £4000/min

Question 13

what is the purpose of data interception and theft

Answer 13

• disclosure of corporate data
• theft of data
• usernames and passwords compromised allowing unauthorised access to systems

Question 14

what is the purpose of an SQL injection

Answer 14

• data in the database can be amended or deleted
• contents of database output, revealing private data
• new rogue records can be added to the database

Question 15

what are examples of when people can be a weak point of a system

Answer 15

• sharing passwords
• losing memory sticks/laptops
• not installing systems updates
• not logging off/locking computer
• not encrypting data
• not applying security to wireless networks
• not keeping anti-malware up to date

Question 16

what are 7 common prevention methods

Answer 16

• penetration testing
• anti-malware software
• firewalls
• user access levels
• passwords
• encryption
• physical security

Question 17

how do you limit threats posed from a malware attack

Answer 17

• strong security software (firewall, spam filter, anti-virus, anti-spyware)
• enabling operating system and security software updates
• training staff to recognise suspicious emails and links
• backup files regularly onto removable media

Question 18

how do you limit threats posed from a phishing attack

Answer 18

• strong security software
  Training staff to:
• disable browser pop-ups
• not disclose personal or corporate information
• be aware of spotting fake emails and websites

Question 19

what do we mean by strong security software

Answer 19

firewall, spam filter, anti-virus, anti-spyware

Question 20

how do you limit the threats posed from a brute force attack

Answer 20

• use a network lockout policy (locks after 3 password attempts)
• use progressive delays (wait times to retry passowords)
• staff training: using effective passwords with symbols etc
• using challenge and response eg “i am not a robot or reCAPTCHA

Question 21

how do you limit the threats posed by a denial of service attack

Answer 21

• strong firewall
• packet filters on routers
• configuring the web server
• auditing, logging and monitoring of systems

Question 22

what is configuration of a web server

Answer 22

spotting when attacks are taking place and then preventing them from reaching the server

Question 23

how do you limit the threats posed by data interception and theft

Answer 23

• encryption
• using virtual networks
• staff training: logging off and locking computers/offices & use of passwords and portable media
• investigating your own network vulnerabilities

Question 24

how do you limit threats posed by SQL injection

Answer 24

• validation on input boxes (eg. looking for code that would not be relevant in that box)
• using parameter queries
• penetration testing
• setting database permissions (not all users can perform all actions on a database)

Question 25

what is penetration testing

Answer 25

aims to identify weaknesses in a system using a hacker to attempt to break in

Question 26

what does anti-malware software do

Answer 26

- prevents harmful programs from being installed on the computer - prevents important files such as the operating system from being changed or deleted - if virus does manage to install itself, the software will detect it when it performs regular scans

Question 27

how does anti-malware software help to prevent attacks

Answer 27

They detect and remove types of malware and prevent viruses It does this by looking through its database of virus signatures and looks out for typical virus behaviour.

Question 28

what is a firewall

Answer 28

A firewall sets the rules for how data packets can enter or leave the network. it can block certain IP addresses and block computers on a network from accessing specific sites or categories of sites on a network

Question 29

what three things are common security criteria of a firewall

Answer 29

- where the access is from (the computer's address) - the type of traffic (eg .exe files which may carry viruses) - specific web site addresses

Question 30

how do user access levels help to prevent attacks

Answer 30

user access rights define groups and allocate specific permissions to those groups this level of control ensures that people only have access to areas they have the authority to use and if there is a virus or malware then it is limited to the areas the user has access to

Question 31

how do passwords help to prevent attacks

Answer 31

it is the easiest way to stop unauthorised access to your computer

Question 32

how does encryption help to prevent attacks

Answer 32

Encryption changes the data before it is transmitted so it can only be deciphered by someone with the appropriate key. to anyone intercepting the message it would be unintelligible

Question 33

why do we need encryption

Answer 33

There are devices that can read network transmissions just by scanning transmissions without leaving any evidence

Question 34

how does physical security help to prevent attacks

Answer 34

it simply makes it difficult for unauthorised people getting access to the server or computers