1.4 - Network security Flashcards
What are the forms of attack?
- Active
- Passive
- External
- Internal
What is an active attack?
Where the hacker attempts to modify or delete data
or
to prevent a network from operating correctly
What is a passive attack?
Where the hacker monitors a network in order to gain information
What is a passive attack also known as?
Eavesdropping
What is malware?
Malicious software that is designed to hack a system
What is an Internal attack?
Where someone within an organisation attempts to hack its network
What is an External attack?
Where someone outside of an organisation attempts to hack its network
What is Social engineering?
Tricking others into revealing their personal data by posing as a trusted source
Give some examples of types of Social engineering:
- Phishing
- Shoulder surfing
- Blagging
What is phishing?
An attempt to gain personal information about someone by way of deception by email
What is a Brute force attack?
Automated or manual attempts to gain unauthorized access to secure areas by trying all the possible password or key combinations
How can a Brute force attack be sped up?
If multiple computer systems are used
What is a DoS attack?
Servers & devices are flooded with too many requests/packets, causing them to crash or become unstable
What does DoS stand for?
Denial of service
What is a DDoS?
A coordinated attack using a botnet of infected systems to overload a server with requests
What does DDoS stand for?
Distributed Denial of Service
What is a botnet?
A large group of devices controlled and used maliciously by an attacker
What is Data interception & theft?
Data may be intercepted during transmission, but physical theft can occur where storage devices/data files are left insecurely
What are SQL injections?
Pieces of malicious SQL are entered into a website’s input box, which then reveals sensitive information
When is SQL used?
To search databases/access information
What does SQL stand for?
Structured Query Language
Describe what happens when data is entered into a webform?
The website will contact the database server to find the account details & display them
Describe what happens when a hacker enters malicious SQL into the password field:
It will modify the SQL that is executed
—> They can gain administrator privileges or view + edit contents of the database
What is Interception?
When data packets on a network are intercepted by a third party and copied to a different location than the intended destination
Name the software that is used in interception
Packet sniffers
What is Blagging?
Dishonestly persuading someone to divulge personal information by deception
Give an example of Blagging
Someone makes up a story to gain a person’s interest and uses this to encourage them to give away information about themselves, or even send money
What is Shouldering?
Looking over someone’s shoulder when they enter a password or PIN
What is spyware?
Software that secretly records the activities of a user on a computer
What are keyloggers?
Secretly record the key presses of a user on a computer
—> Data is sent back to the attacker
What is the main aim of keyloggers and spyware?
To record usernames, passwords & credit card information
What are worms?
Self-replicate without any user help. They spread from system to system by finding weaknesses in software.
—> Spread very quickly
What are Viruses?
Self-replicate without any user help and spread from system to system by attaching themselves to infected files
How are viruses activated?
When opened by a human
What are Trojans?
Malware that is disguised as legitimate software - users are tricked into installing it
How are Trojans spread?
Users install them not realising they have a hidden purpose
—> Gives the attacker backdoor access to the system
What is Ransomware?
Locks files on a computer system using encryption so that a user can no longer access them
What is the main aim of Ransomware?
Attacker demands money from the victim to decrypt the data
Why are ransomware attackers so hard to trace?
They use digital currencies (like bitcoin) which makes it hard to trace them
What measures should organisations be taking to prevent their network from having any vulnerabilities?
- Regularly test network & find any weaknesses
- Use passwords
- Enforce user access levels
- Install anti-malware software & firewall
- Encrypt sensitive data
Why should organisations be using passwords to prevent their network from having any vulnerabilities?
To prevent unauthorised people from accessing the network
Why should organisations Enforce user access levels to prevent their network from having any vulnerabilities?
To limit the number of people with access to sensitive information
What do user access levels determine the access to?
- Software
- Internet access
- Documents and data
- Ability to install and/or remove software
- Ability to maintain other users’ accounts
What is encryption?
The process of scrambling data into an unreadable format so that attackers cannot understand it if intercepted during transmission
How is data encrypted?
Using an encryption key - only at the correct destination will the encryption key convert the data back into its original form
What is anti-malware software?
Software used to locate and delete malware (like viruses) on a computer system
How does anti-malware software work?
- Software scans each file on the computer and compares it against a database of known malware.
- Files with features similar to malware are identified and deleted.
Why must anti-malware software be regularly updated?
New forms of malware are created each day by attackers, therefore it must be regularly updated to keep systems secure
What are some other roles of anti-malware software?
- Checks all incoming and outgoing emails + attachments
- Checks files as they are downloaded
- Scans the hard drive for viruses and deletes them
Why should organisations Install anti-malware software & firewall to prevent their network from having any vulnerabilities?
To prevent & destroy malicious software attacks
Give some examples of anti-malware?
- Anti-virus software
- Anti-phishing tools
- Anti-spyware software
What is the main disadvantage of anti-malware?
It can only detect, prevent and remove known malware
What is a firewall?
A tool that examines all data entering & leaving the network & blocks any potential threats
How does a firewall check whether a data packet should be given access to the internet?
It examines the source and destination address of each data packet
What are some roles of a firewall?
- Blocks access to insecure websites
- Blocks certain programs from accessing the internet
- Blocks unexpected / unauthorised downloads
- Prevents specific users on a network accessing certain files
How can physical security be used to protect computer systems?
- Lock - Can be used to prevent access to certain locations that store confidential data (e.g. Server rooms)
- Biometric devices - Require input of a human characteristic. When inputted, this is checked against a database and will allow access to a certain user
- CCTV cameras
- Alarms
What is Penetration testing?
When organisations employ specialists to simulate potential attacks on their network
What is Penetration testing used for?
To identify possible weaknesses in a network’s security by trying to exploit them
—> Results are then reported back
What is Penetration testing also known as?
Pentesting
Give some common prevention methods for Spyware?
Anti-spyware
Give some common prevention methods for Viruses?
Anti-malware
Give some common prevention methods for a DoS attack?
Having a firewall
Give some common prevention methods for a Brute-force attack?
Strong passwords
Give some common prevention methods for Phishing?
User awareness
Give some common prevention methods for Blagging?
User awareness
Give some common prevention methods for Shoulder surfing?
Concealing passwords/PINs
Give some common prevention methods for a SQL injection?
Penetration testing
What are features of a strong password?
* At least eight characters
* Include upper case
* Include lower case
* Include special characters
* Include numbers