1.4 system security Flashcards
Malware
Software written to cause loss of data, encryption of data, fraud and identity theft:
virus, worm, trojan, ransomware and spyware
Social engineering
Most vulnerabilities are caused by humans. Not locking computers. Using insecure passwords. Not following/poor company network policies. Not installing protection software. Not being vigilant with email/files received. Not encrypting sensitive data
Phishing
Sending emails purporting to be from reputable companies to induce people to reveal personal information
Brute-force attack
A trial and error method of attempting passwords. Automated software is used to generate a large number of guesses
Denial of service attack
Flooding a server with so much traffic it is unable to process legitimate requests
Data interception and theft
Stealing computer-based information
SQL injection
A hacking technique used to view or change data in a database by inserting SQL code instead of data into a text box on a form
Penetration testing
Testing designed to check the security and vulnerabilities of a system
Anti-malware software
Antimalware software protects against infections caused by many types of malware, including viruses, worms, Trojan horses, rootkits, spyware, key loggers, ransomware and adware
Firewall
A computer application used in a network to prevent external users gaining unauthorised access to a computer system
User access level
The amount of access a given user is allowed to a computer. On a network most users will have restricted access. Whereas a systems administer or network technician would be allowed much greater access with fewer restrictions
Password
A secret word or phrase that must be used to gain access to a computer / program / interface / system
Physical security
Any form of real world physical security to help protect data and systems e.g. Alarms, locks, security patrols etc
