1.4 Network Security Flashcards
What are networks ?
A group of interconnected computers/devices.
What are the forms of network attacks ?
- Active
- Eavesdropping(Passive)
- External
- Internal
What is an Active network attack ?
attempts to modify or delete data, or to prevent a network from operating correctly
What is an Eavesdropping (Passive) network attack ?
hacker monitors a network in order to gain information
What is an External network attack ?
someone outside of an organisation attempts to hack its network.
What is an Internal network attack ?
someone within an organisation attempts to hack its network.
What is Malware ?
Malware is malicious software that is designed to hack a system.
What is a virus ?
- Programs embedded within other files
- replicate themselves and become part of other programs
What are worms ?
- they are not hidden within other files
- often spread through emails.
What are Trojans ?
- Programs which act to be legitimate but are malware
- cannot spread by themselves
What is spyware ?
- Programs that monitor user activities
- send the information back to a hacker.
What is ransomware ?
- Programs that attempt to blackmail a user into making a payment to a hacker
- encrypt documents and won’t decrypt them
What is phishing ?
Emails that try to trick users into giving away personal details
What is a brute force attack ?
a program is used to find a password by trying all possible combinations of characters
What is a Denial of Service (DOS) attack ?
Where a computer is used to prevent a server from performing its tasks
What is a data interception and theft attack ?
- Where data is intercepted during transmission
-using software called a packet sniffer
What is a SQL injection attack ?
Where SQL code is entered as a data input
What is poor network policy ?
Where a network does not have security rules in place for users to follow.
What are features that poor network policies tend no to have ?
- Levels of access
- stopping the connection of external devices
- regulation regarding secure passwords
- Restriction on websites
- Preventing wireless connection/remote access
- Formal backup procedure
- Maintenance program
What are the methods to keep a network safe ?
- Penetration testing
- network forensics
- User access levels
- secure passwords
- encryption
- anti-malware software
- firewalls
What is penetration testing ?
probing the network for potential weaknesses and attempt to exploit them
What is network forensics ?
- monitoring the traffic on a network
-At regular intervals transmitted data packets are copied - stored for later analysis
What are user access levels ?
Determine the facilities a user has access to
What is a secure password ?
- one that is not easy to guess
- that requires at least eight characters
- at least one uppercase letter
- one number
- one special character
What is encryption ?
- process of disguising data so that it cannot be understood
What is anti malware software ?
scanning through all the files on a computer and checking them against a list of known malware
What are the three purposes of anti malware ?
- to detect malware that has been installed
- to prevent malware from being installed
- to remove malware from the system
What are firewalls ?
- tool that monitors traffic going into and out of a computer or network
- allows the traffic to pass through or blocks it.
Why can anti malware be ineffective ?
If not updated as it’s only reactive to what it knows.
Can firewalls be hardware-based or software based ?
YES