4) Network Security Flashcards
What is malware?
A software that can harm devices
What does malware do?
- delete or modify files
- scareware make them beleive theres viruses
- locking files
- Spy ware
How do malware access your device?
- viruses attactch to certain devices
- worms (soread really quickly and exploit weaknessnes)
- Trojans (malware disguised)
What is people at the weakpoint?
Catfishing people for information saying there a big company
What is phishing?
Criminals send emails or texts pretending to be a big company. They then say to update all details and all their details are gone
A way you can spot phishing?
Poor grammar
Whats a brute force attack?
Type of attack to gain information by cracking passwords through trial and error. Eg use an automated software to produce likely combinations
What is penitrating testing?
An organisation uses employes to stimulate attacks on their network
Find the weak point of a network
What is anti maleware software?
Designed to find and stop maleware damaging a network and devices on it. Companies use firewalls to prevent it
Whats physical security?
Protects the physical parts of the network.
Eg locks and cameras
What are user access levels?
Control which parts of the network different groups can access
What are passwords?
Help unathorised users access the network.
What is a virus?
- It can replicate istelf and spread from system to system by attaching itself to infected files
When is a virus activated?
When opened by a human
What is a worm?
Replicate itself and spread system from system to system by findjng weakness of a system
Whats a worm?
Replictaes itself and spread from system to sysetm by finding weakness in system
Whats a trojan?
A harmful program that looks real so users are tricked to install it
What is spyware?
Secretley records the activities of the user on a computer. Main aim is to record usernames,passwords and credit card information
What is a keylogger?
Secretly records the key presses of a user on a computer. Data is stored and sent back. Main aim is to record usernames and credit card information
What is Ransomware?
- Locks files on a computer using encryption so they can no longer use them
- Demand money for them to unlock (btc)
What is SQL injection?
- Programing langauge to manipulate data in databases
- It can trick the website into giving unauthorised access.
- Can view and edit the contents of the database
How is SQL injection used?
Malicious SQL query is entered into a data input box on a website
Whats a DOS attack?
- A computer repeatedly sends requests to a server to overload a system. It will make the server offline
What is a Brute force attack?
- Every combination is tested from start to finish. Not quick but can break password eventually and sped up with multiple computer systems
What is social engineering?
- Trick others into revealing their personal data by posing a trusted source
- eg. IT asking for password
What is Interception?
- Data packets are intercepted by a third party and copied to a different location.
- Packet sniffers are used to intercept and analyse data packets
Whats the purpose of a penetration test?
To find any risks or weaknesses and fix them
What are the 4 main type of penetration tests?
- Internal tests (see how much damage is done within the company)
- External tests (infiltrate a system from outside a company)
- Blind tests (no inside information and see what a real hacker would do)
- Targeted tests (are by an IT department to find the faults in a system)
What is anti-malware software?
Used to locate and delete malware, like viruses,
How does the anti-malware software do it?
- Scans each file on the computer and compares it against a database of a known malware.
What are other roles of an anti-malware software?
- Checking all emails that come in and go out
- Checking files as they are downloaded
- Scanning viruses on hard drive
Whats a firewall?
- Manages incoming and outgoing network traffic
What does a firewall do?
- Data packet is processed to check wether it should be given access by the network.
- Unexpected data packets will be filtered out and not accepted
Other roles of a firewall?
- Blocking access to insecure websites
- Blocking programes from accessing the internet
- Blocking unauthorised downloads
Whats a secure password?
- Secure password to minimise risk of users accessing
Whats read only access?
- User can only view file and not change data
What is encryption?
- Process of scrambaling data into an unreadable format so attackers cannot understand if intercepted.
How is encryption used?
- Plaintext is converted to scrambled ciphertext using an encryption key.
What is physical security?
- A lock can be used to prevent access to a server room or locations that store confidential data.
What are forms of physical security?
- Biometric
- keycards
- CCTV
- Alarms
- Staff
