Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

comp sci ♡!! > 4.2 network security > Flashcards

4.2 network security Flashcards

1
Q

What is network security?

A

The protection of a network from external and internal threats such as viruses, hacker attacks, data interception, theft etc.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

What is a security threat?

A

An incident - malicious or unintended - that causes disruption, damage or data loss.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

What is a virus?

A

A piece of malicious code that attaches itself to a legitimate program and is activated when the ‘host’ program is on, it can cause severe damage to data.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What is a hacker?

A

A seeker and exploiter of security vulnerabilities in code in order to gain unauthorised access to a computer system or network.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

What is ransomware?

A

An attack on a network in which data stored on a server is encrypted, making it unreadable. To be decrypted, the victim must pay a ransom.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

What is data integrity?

A

The reliability and trustworthiness of data.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

What does DOS stand for?

A

Denial of Service.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

What is a DOS attack?

A

An attack on a network that attempts to prevent legitimate users from accessing its services. It’s done by taking the network offline. Effective backup and recovery procedures are needed to prevent them.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

What is backup and recovery?

A

The process of making backup copies of data and storing them in a separate location to the live working environment (e.g the cloud) so they can be recovered in the event of data loss or damage.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

What is ethical hacking?

A

Essentially good hacking. The process of looking for weaknesses in software and systems so that they can be addressed. Ethical hackers usually work on behalf of an organisation, carrying out simulated hacking attacks on its network to uncover any vulnerabilities.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

What is penetration testing?

A

a.k.a. ‘pen testing’ is the uncovering of vulnerabilities that could be exploited by a criminal by an ethical hacker (white-hat hackers).

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

What is social engineering?

A

An attack that exploits how people behave and respond to certain situations in order to trick them into revealing personal information, usually used by an ethical hacker to test how easily tricked legitimate users of the network can be.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

What is the goal of network security?

A

To protect a network and data from internal and external security threats, such as incidents which cause disruption, damage or data loss.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

List and briefly describe the three important principles underpinning data security?

A
  • Confidentiality: If sensitive data gets stolen from an organisation, it could stop or slow. Only authorised personnel should access it.
  • Correctness: Data is useless if wrong. It can be jeopardised intentionally or accidentally; so data access must be controlled.
  • Availability: Networks can go offline. Criminals can dish out DOS attacks, taking them offline. Backup and recovery is needed to prevent damage.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

What is data integrity?

A

The reliability of data. It can be jeopardised (un)intentionally. It must be checked, secured and protected to maintain data security.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

What is social engineering?

A

Testing done by ethical hackers to test out employees’ security awareness. It exploits how people behave and respond to certain situations in order to trick them into revealing personal information.

17
Q

What is access control?

A

Control of who can log into a network and determines which legitimate/authorised users can see and do on the network.

18
Q

What is authentication?

A

The process of checking the identity of an individual attempting to gain access to a network?

19
Q

What is multi-factor authentication?

A

An extra level of security. A user must provide:
- A piece of knowledge
- A physical artefact
- A physical attribute

20
Q

What is the principle of least privilege?

A

Employees are only given the permissions and administrative rights needed to do their job.

21
Q

What are file permissions?

A

Control of the ability to read, write, execute and delete files.

22
Q

What is physical security?

A

Controlling access to critical parts of a network using physical methods rather than software.

23
Q

What is malware?

A

Malicious software designed to gain unauthorised access to a computer system in order to cause damage, disrupt its functioning or collect information without the users’ knowledge.

24
Q

What is encryption?

A

The process of turning information into a form that only the intended recipient can decode. It keeps data secure by using a key to encode the data, only someone with the key can decrypt.

25
Q

What is a firewall?

A

A network security system that inspects incoming and outgoing data traffic and uses a set of rules to decode the data and figure out what data to allow through from on side to the other.

26
Q

Give three examples of authentication.

A
  • username and password
  • algorithms and code
  • multifactor authentication
27
Q

List 3 criteria (with examples) a user must provide to gain access to a network using multi-factor authentication.

A
  • A piece of knowledge (ID, password or pin)
  • A physical artefact (identity pass)
  • A physical attribute (fingerprint or voice)
28
Q

List and explain four types of file permissions.

A
  • Read: users can open the file and read its contents, but can’t modify or delete it.
  • Write: Users can read and modify the file, but can’t delete it.
  • Execute: Users can execute a program file.
  • Delete: Users can delete a file.
29
Q

Give 3 examples of firewall rules.

A
  • Rule which stops certain protocols from being used to prevent the organisation’s data from being potentially copied to an external server
  • Rule which blocks data coming/going from/to certain network addresses
  • Rule which stops attempts of hacking the internal networks’ servers by disallowing data that matches the pattern an attacker would use
30
Q

Give four suspicious activities that firewalls could block.

A
  • Downloading viruses while browsing online
  • Emailing sensitive data to themselves or to someone else outside of the organisation
  • Visiting harmful or time-wasting websites
  • Downloading files from file sharing sites.

comp sci ♡!! (5 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions