5.2 Network Security Flashcards

You may prefer our related Brainscape-certified flashcards:
1
Q

What is Network Security?

A

It is the processes, practices, and technologies designed to protect networks from attacks, damages, or unauthorized access.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Where do attacks originate from?

A

It can happen internally and externally.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

What are the kinds of security do you need to watch out for?

A
  1. Physical Security
    1. CCTVs, Case Locks, Disabling USB Ports
  2. Cloud Security
    1. Ensure the cloud servers you use are safe
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What should be done when checking security?

A
  1. Validation
    1. Ensuring that data is correct and secure before processing
  2. Authentication
    1. Ensuring that an entity is genuine, like users, product authentications.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

What are some security threats?

A
  1. Unpatched Software
  2. Misconfigured Access Controls
  3. Social Engineering
  4. Phishing
  5. Shoulder Surfing
  6. USB devices
  7. Portable Digital Devices
  8. Eavesdropping
  9. Malicious Code, malware basically
  10. Commercial Analysis tools
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

What is Unpatched Software?

A

It is basically just un-updated software, which may have some protection holes.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

What is Misconfigured Access Control?

A

It is when an entity has permission to access something that they’re not supposed to.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

What is Phishing/Pharming?

A

It is the usage of sending emails from a ‘verified’ entity that contains malicious links that can lead to websites that download malware.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

What is shoulder surfing?

A

Someone staring at you when you type in important information.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

What is Malicious Code?

A

It is malware like:

  1. viruses
  2. spyware
  3. things like that
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

How can you identify vulnerabilities?

A
  1. Penetration Testing
  2. Ethical Hacking
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

What is penetration testing?

A

It is basically stimulating an attack to find any weaknesses. For example, entering a random username and password just to see if it can access the site. It is normally done by an external entity.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

What are the kinds of penetration testing?

A
  1. White-box pen test
    1. Inside attack, where attacker has some knowledge of the system
  2. Black-box pen test
    1. Outside attack, hacking
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

What is ethical hacking?

A

Hacking is finding and exploiting vulnerabilities, it is only ethical when done in a testing context. There are kinds identified by white/black/gray hat hackers. For it to be ethical, it must:

  1. Have permission
  2. Be worked on securely
  3. notify admins when weaknesses are found
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

What are Firewalls?

A

They monitor network traffic and filter data packets based on agreed rules. Routers and dedicated hardware contain firewalls, they can:

  1. Block Packets
  2. Connections from certain regions
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

What is the structure of a data packet?

A

Header

Data

Trailer

17
Q

How do firewalls work?

A
  1. Packet filtering is done by looking at the addresses on the packet header. (first generation)
  2. Stateful Inspection is done by looking at the data context. (second generation)
18
Q

What are some security measures (2)?

A
  1. Design Stage Planning
  2. Audit Trails
  3. Securing Operating Systems
  4. Good Programming Practices
19
Q

What is Design Stage Planning?

A

It is threat modeling, basically just analysing vulnerabilities from a theoretical attacker’s view.

20
Q

What are Audit Trails?

A

These are system records kept, which can trace security issues.

21
Q

What is Securing Operating Systems?

A
  1. Limit User Accounts
  2. Directory Permissions
  3. Strong Passwords
  4. Limit automatic softwares
  5. Install patches and update new versions