1.4 Network Security Flashcards
Define malware
. A network threat
. Malicious software is installed without knowledge or consent.
. Has the intentions to cause damage or steal information
. Defence- anti virus
Define spyware
. Network threat
. Logs keystrokes to gain information unlawfully
. Defence- anti spyware
Define social engineering
. Network threat
. Where someone from inside the company steals or causes damage to data
. Often done innocently
. Defence- clear network security policies
Define brute force attack
. Network threat
. A specialist automated software is used to try out combinations of characters and likely passwords in order to access a network through trial and error
. Defence- strong, complex passwords
Define denial of service attacks
. Network threat
. A hacker floods a network with useless date traffic.
. Makes network slow
. Prevents legitimate users from being able to access network
. Defence- firewall
Define data interception and theft
. Network threat
. Data is monitored whilst travelling across a network
. Packet sniffing software is used to check the packets of data being sent for predefined parameters
. Defence- encryption
Define SQL injection
. An attack when SQL script is entered into the input box by the user to change the way the scripts will run
Defence- validation
Define penetrative testing
. Method of identifying and preventing vulnerabilities
. When a controlled attack is made on a network to mimic the possible impact of a real attack. Help identify vulnerable areas of the network and also test the ability to recover after an attack
Define network forensics
. Method of identifying and preventing vulnerabilities
. When investigations are made to find the cause of an attack. Data packets are captured as they enter the network. If an attack had occurred, these packets can be analysed to help discover how the attack happened
Define network policies
. Method of identifying and preventing vulnerabilities
. Documented procedures that clearly explains who can do what, how, when and why when using the network
Define firewalls
. Method of identifying and preventing vulnerabilities
. These can be hardware or software placed between the networks and the Internet to prevent harmful requests from the Internet reaching the network. Incoming and outgoing data packets are analysed and if they meet the requirements set within the firewall, they are allowed through to the network, if not they’re blocked
Define user access levels
. Method of identifying and preventing vulnerabilities
. When permissions are allocated to user accounts. These restrict or allow access to data, applications and resources to the network
Define passwords
. Method of identifying and preventing vulnerabilities
. Requirement should be set to ensure that passwords need to be complex
Define encryption
. Method of identifying and preventing vulnerabilities
. When data is scrambled before being transmitted across the network. The intended recipient for the data is provided with the key to decrypt the data when it is received. If the data is intercepted, it cannot be understood
