4.2 Identifying and preventing vulnerabilities Flashcards
Penetrating testing
Penetration testing is a method of preventing vulnerabilities whereby a company employ people to try and hack their network and databases.
This allows the ‘hackers’ to point out the parts of the system that are vulnerable
The companies then use this information to fix the issues that are found.
Anti malware software
Anti-malware software is a term used to describe a combination of different software to prevent computers from being susceptible to viruses and other malicious software.
The different software anti-malware includes are:
Anti-virus
Anti-spam
Anti-spyware
How does anti malware software work?
Anti-malware scans through email attachments, websites and downloaded files to search for issues.
Anti-malware software has a list of known malware signatures to block immediately if they try to access your device in any way.
Anti-malware will also perform checks for updates to ensure the database of known issues is up to date.
Firewalls
A firewall is a barrier between a network and the internet.
Prevents unauthorised access to your computer by people accessing it from the internet.
Configured to block traffic from specific IP addresses or block access to certain ports or applications/services but allow certain ports/services access.
User access levels
User access levels ensure users of a network have designated roles on a network.
Some examples of different levels of access to a school network include.
Administrators: Unrestricted - Can access all areas of the network.
Teaching Staff: Partially restricted - Can access all student data but cannot access other staff members’ data.
Students: Restricted - Can only access their own data and files.
Passwords
Passwords are a digital lock to prevent unauthorised access to an account.
They are often stored as an encrypted/ciphered text entry in a database, ensuring that even with unauthorised access to a database, a hacker would not be able to gain access to the individual passwords of users.
Passwords are only effective if they remain secret.
The password is strong against brute force attacks.
Stronger authentication systems can be created by implementing features such as two-factor authentication.
Encryption
Encryption is a method of converting plain text into ciphered text to be stored.
Encryption uses complex mathematical algorithms to scramble the text.
Asymmetric encryption, also known as private key, public key encryption is often used for web pages and other communication.
Physical security
Physical security is a method of physically preventing access to any part of a network.
There are a range of physical security measures that can be implemented on a network.
Locked doors: Preventing access to server rooms and cabinets of switches.
Biometrics: Fingerprint scanners, facial recognition and retinal scans.
Surveillance Cameras: Monitoring the activity around the site where crucial networking hardware is located.
Increasing website security
Establishing a good network policy for the company
Penetration testing
Ensuring that tools are in place to allow the use of network forensics
Requiring strong passwords from all users
Setting up user access levels on the network
Installing anti-malware software on all networked computers
Encrypting all sensitive data
Educating employees on how to spot a phishing email.
Forensics
The installed network forensic tools will have captured data packets entering the network during the attack. By analysing the captured data, the company can see how the network was attacked, identify weaknesses and resolve them to prevent similar attacks in the future.
