1.4 Network Security Flashcards

OCR GCSE Computer Science J277

1
Q

Malware

A

malicious software, created with the intent to:

Cause damage to computer systems or
Steal data

2
Q

Vulnerabilities

A

Vulnerabilities can be caused by:

Human weakness
Software issues
Code quality

3
Q

Virus

A

malware in the form of a program that attaches itself to another file and can replicate itself when the file is executed.

DEFENCE: Antivirus and anti-malware software
Don’t click on links from unknown sources

4
Q

Worm

A

malware that is able to replicate itself and does not need to use another file as a vector.

DEFENCE: Antivirus and anti-malware software
Don’t click on links from unknown sources

5
Q

Trojan

A

a piece of malware that is hidden inside another file in a computer system

A trojan is a piece of software that appears to be legitimate (such as a game), to trick the user into executing it.

DEFENCE: Antivirus and anti-malware software
Don’t click on links from unknown sources

6
Q

RAT

A

Remote Access Trojan

The main objective of a trojan is to steal confidential information or inflict damage.

A type of trojan is a remote access trojan (RAT). A computer with a RAT may become a bot under the remote control of a hacker.

DEFENCE: Antivirus and anti-malware software
Don’t click on links from unknown sources

7
Q

Botnet

A

When the hacker controls many computers, the computers form a botnet.

A botnet (robot network) is a network of computers that are under the control of a single operator who can instruct all of the computers to do something at the same time. This could be to send out spam emails or perform a distributed denial of service (DDoS) attack on a chosen target.

DEFENCE: Antivirus and anti-malware software
Don’t click on links from unknown sources

8
Q

Spyware

A

a form of malware that captures data from a computing device and transmits it without the user’s knowledge.

DEFENCE: Anti-malware software

9
Q

Keylogger

A

Spyware. A keylogger can keep a record of all keys pressed, meaning that usernames and passwords are recorded and transmitted back to the malicious software author.

DEFENCE: Anti-malware software

10
Q

Ransomware

A

a form of malware that locks a computer or encrypts files, and therefore prevents a user from accessing their data.

The attacker will demand that a fee (ransom) is paid before they release the files, although there is no guarantee that the user will get their files back, even after they have paid the ransom.

DEFENCE: Anti-malware software

11
Q

Social Engineering

A

techniques used to trick users into giving away personal information by psychological manipulation

It is different to other cyber crimes because it involves humans trying to trick or manipulate other humans.

DEFENCE: Security training

12
Q

Phishing

A

an attack in which the victim receives a message disguised to look like it has come from a reputable source (for example, a bank), in order to trick them into giving up personal information.

DEFENCE: Security training
Network policy
Firewall
User awareness of phishing ‘clues’

13
Q

Spear Phishing

A

Spear phishing is a more sophisticated version of the scam, where a fraudulent message is sent to a specific person and often includes personal details in order to appear legitimate.

For example, rather than sending phishing emails to a whole company, a spear phishing attack might just aim at the finance director and be more personalised.

DEFENCE: Security training
Network policy
Firewall
User awareness of phishing ‘clues’

14
Q

Pharming

A

deceiving users by sending them to a fake website that the user believes is the real one, with the intention of tricking them into submitting personal information.

DEFENCE: Security training

15
Q

DNS Poisoning

A

A more sophisticated method of pharming, known as DNS poisoning, involves hacking the DNS (the database that allows your browser to find the website that you are visiting).

When the victim enters a correct web address of the site they wish to visit into their browser, they visit a website controlled by the attacker, rather than the legitimate website.

16
Q

Blagging

A

an attack in which the attacker invents a scenario in order to convince the victim to give them personal information or money.

DEFENCE: Security training

17
Q

Shouldering

A

a type of social engineering attack designed to steal a victim’s password or other sensitive information by using close visual observation.

DEFENCE: Security training
Concealing your password or pin entry
User access levels
User awareness

18
Q

Hacker

A

someone who deliberately gains, or attempts to gain, unauthorised access to a computer system with the intent to cause damage or steal data

19
Q

Ethical Hacker

A

expert in computer security who attempts to gain access to a computer system in order to find vulnerabilities.

If an ethical hacker is working with the permission of the network owner, this activity can be classed as penetration testing. However, if they are working without permission, the activity is illegal.

20
Q

Computer Misuse Act

A

Under the Computer Misuse Act, there are heavy penalties, including prison sentences, for anyone who makes an attempt to access a system without authorisation.

21
Q

Man-in-the-middle

A

where a hacker compromises the connection between two people or systems and intercepts the data they are passing to each other. The hacker may take the data or may alter it so that the recipient receives data that has been tampered with in some way. The users will be unaware that the data has been intercepted.

This kind of attack can be orchestrated by a malicious person setting up a free unencrypted Wi-Fi hotspot. Any data that is passed across the network can be readily intercepted.

22
Q

Server

A

is a computer that provides services to client computers. An example of a server is a web server that provides webpages. Servers are usually set up to run 24 hours a day, 7 days a week, constantly listening for requests for their services.

23
Q

Denial-of-Service Attack

A

Servers are configured to be able to cope with a certain volume of traffic.

In a denial-of-service attack, a server will be bombarded with requests at a level that it cannot cope with.

Anyone else who is trying to access the server will find that their request cannot be processed, therefore causing a denial of service.

DEFENCE: Firewall

24
Q

DDoS

A

Distributed Denial of Service. A malicious attempt to overwhelm a server by bombarding it with requests.

In a distributed attack, the requests come from a large number of distributed computer systems, typically a botnet.

DEFENCE: Firewall

25
Q

SQL

A

stands for Structured Query Language and is a language that is used to form queries to extract or manipulate information in a database.

26
Q

SQL Injection

A

technique used by a malicious person to manipulate an SQL statement to their own benefit.

27
Q

Brute Force Attack

A

This type of attack uses a computer program to generate all combinations of characters until it finds the combination that matches the password.

If the password is short and made up of characters selected from a small character set, the password will be easy to find.

For example, if you have a password made up of six lower-case letters, there are only 26^6 = 308,915,776 possibilities. It would take a person a long time to try all of these passwords, but a computer could do it in seconds.

DEFENCE: Strong passwords with limited attempts
Penetration testing

28
Q

Dictionary Attack

A

A dictionary attack is a brute force attack that uses a list of passwords (the dictionary) to check if the password that is being cracked matches a password in the list. This list may include common passwords and also passwords that have been hacked from other sites.

Each password in the dictionary is tried in turn in an attempt to find the correct password.

You can find tools on the internet that will simulate a dictionary attack to test the security of your own passwords.

DEFENCE: Strong passwords with limited attempts
Penetration testing

29
Q

Information Commissioner’s Office

A

responsible for Data Protection in the UK

30
Q

Reputational Damage

A

Often the greatest impact of the failure of network security is reputational damage.

This is where customers or stakeholders find out about the attack and lose confidence in the organisation. They may take their business elsewhere, resulting in a loss of revenue for the organisation.

31
Q

Strong Password

A

Password strength is determined by the length of the password and the number of different types of characters that are used. For example:

Upper-case letters
Lower-case letters
Numbers
Special characters (e.g. *, $, #)

You should not use personal data as part of your password. Avoid using family and pet names, birthdays, or names associated with hobbies and interests.

32
Q

Default Password

A

Sometimes a system is set up with a default password. This is a password that is allocated by the system provider.

If the default password is weak, it should be changed immediately, especially if it appears that every new system user will be given the same password.

33
Q

Access Rights

A

The general rule is that a user should be given the lowest level of access needed to do their job.

In this way, there is less opportunity for the accidental loss of data and fewer accounts to investigate if a system is compromised.

When a user is given access to a computer system, their access to specific files within the system can be restricted. Setting appropriate permissions will help to prevent unauthorised access to sensitive or important data.

It is also possible to restrict the level of access that a user has; for example, the right to view, edit, or delete a file.

Most organisations store their data in databases; database management systems allow restrictions to be specified down to the individual record or even field level.

34
Q

Firewall

A

A firewall acts as a barrier between a trusted network and an untrusted network.

A firewall sits between two networks, usually a trusted network (such as your home network) and an untrusted network (such as the internet) as illustrated on the next slide.

The firewall will attempt to prevent malicious traffic entering the network. It can also be configured to prevent certain types of data from leaving the network.

35
Q

Physical Security

A

The physical security of network devices is also important.

Most large buildings are protected by security mechanisms to control access. This may be in the form of security guards who check that only authorised people can enter the building, or could be in the form of doors or barriers that can only be opened by someone with an appropriate smart card or access code.

CCTV is commonly deployed to record movement around the site and inside buildings.

Encryption
Physical locks
Biometrics

36
Q

Encryption

A

When data is encrypted, even if it is intercepted, it cannot be easily understood.

IMPORTANT: IT DOES NOT PREVENT DATA INTERCEPTION.

the process of applying an encryption algorithm (cipher) to plaintext to produce ciphertext that cannot be understood (without decryption)

37
Q

Symmetric Encryption

A

uses the same key for both encryption and decryption. Symmetric encryption schemes are faster than asymmetric encryption schemes because they use less complex mathematical operations, which means that data can be encrypted or decrypted at a speed and volume suitable for network communications.

38
Q

Asymmetric Encryption

A

uses a related set of keys, one public and one private. The keys work as a pair; one key is used to encrypt the message and the other to decrypt. Asymmetric encryption is slower, but allows the sender to be authenticated.

39
Q

Encryption Key

A

information that is needed by an encryption algorithm to encrypt (or decrypt) a message

40
Q

Pen testing

A

Penetration testing

a method of testing used to discover weaknesses or vulnerabilities in a system that could be exploited by hackers.

Organisations can spend large amounts of money on network security. It is important that the effectiveness of the measures they have put in place is tested. When a security system fails, the reputation of the business can suffer and they may also incur large fines if they have lost or compromised personal data.

Penetration testing is testing to make sure that the system is secure from hackers or other malicious attacks. It is used to discover weaknesses or vulnerabilities in a system that could be exploited.

41
Q

Black-box penetration testing

A

testing that does not rely on understanding the inner workings of a program

is designed to mimic an external attack on the system. The testing will assume that the attacker is unauthorised and has no knowledge of the system. The tester will use brute force methods and try to exploit well-known software vulnerabilities to get access to the system.

42
Q

White-box penetration testing

A

a method of testing where all possible routes through a program are identified and tested

is designed to mimic an attack from an insider who already has access to the system, and maybe has information about the way the system is configured and operates. This can help safeguard against the actions of someone who is inside the organisation and up to no good.

43
Q

Testing

A

the systematic process of checking that a subroutine, program or system works as expected.

44
Q

Anti-malware Software

A

Anti-malware or antivirus software is used to detect, quarantine, or remove malware such as viruses, trojans, and worms from computers.

Anti-malware software can have a real-time checker that scans files before they are used to keep the computer safe, and can also have scheduled scans, which perform checks upon computer files on a regular basis.

45
Q

Unauthorised Access

A

THREAT

Hacking, a person attempting to gain unauthorised access to the network or device

Prevention/Mitigation: Strong passwords / Firewall / Physical security / 2FA / access rights