5.2: network security

Question 1

Two-factor authentitication

Answer 1

A typical two-factor authentication process will first ask you to enter a password. If this is correct,
the system will send a code by text message to your mobile phone.

Question 2

biometric authentitication

Answer 2

A biometric is a physical characteristic such as a fingerprint or facial image

Question 3

access rights and access levels

Answer 3

• When a user is given access to a computer system, their access to specific files within the system can be restricted
• possible to restrict the level of access that a user has for example view or edit a file

Question 4

MAC adress filtering

Answer 4

a unique number that is assigned to a network interface card when the card is manufactured

filter can be set up in 2 ways:
* safelist
* blocklist

Question 5

safelist

Answer 5

used to specify the MAC addresses of devices that are allowed to connect to the network

Question 6

blocklist

Answer 6

can be used to specify the MAC addresses of devices that are not allowed to connect to the network

Question 7

firewalls

Answer 7

• sits between two networks, usually a trusted network (such as your home network) and an untrusted network (such as the internet)
• The firewall will attempt to prevent malicious traffic entering the network.

Question 8

physical security

Answer 8

• CCTV
• guards
• locked rooms

Question 9

advantages of cloud and contemporary storage

Answer 9

• The cloud storage provider is responsible for the hardware your data is stored on.
• The amount of storage can easily be changed
• protected from loss due to fire, theft of computers/servers, electrical failure, and so on.
• Many cloud storage systems back-up your data

Question 10

disadvantages of cloud and contemporary storage

Answer 10

• You are relying on a third-party storage provider to keep your organisation running
• Data stored carries the risk of other people gaining access to it
• Users have to assume that the people providing the service are trustworthy
• Access to cloud storage is dependent on high-speed Internet connection

Question 11

Social engineering

Answer 11

• is the term used for a range of techniques employed by cybercriminals to deceive users into giving away their personal information
• it involves humans trying to trick or manipulate other humans

Question 12

forms of cyberattacks

Answer 12

• phishing
• shouldering
• blagging
• pharming

Question 13

phinishing

Answer 13

an attack in which the victim receives a message
disguised to look like it has come from a reputable source (for example, a bank). The message will
include a link that, when clicked, will either trick the user into revealing personal data or initiate
the installation of malware on the victim’s device

Question 14

pharming

Answer 14

• a user being sent to a fake website that the user believes is the real one.
• the user might be tricked into submitting personal information such as entering their username and password into a fake login window with URL that is very similar to a real one

Question 15

shoulder surfing (shouldering)

Answer 15

• It involves the attacker watching the victim, for example, over their shoulder, while they provide
  personal information.

It is often used to find out:
* Someone’s PIN at a cash machine
* The code to access a secure room
* Someone’s password whilst they type it on the keyboard

Question 16

unpatched software

Answer 16

• The maker of the software will normally provide updates (referred to as patches) to fix security
• The patches to fix the security issues often have to be manually installed by a technician.
• Sometimes these patches get forgotten about so, the software remains vulnerable

Question 17

USB devices

Answer 17

any USB device can potentially be a security threat because it might contain malware that could be transferred to your system or copy data to the attacker via the Internet

Question 18

eavesdropping

Answer 18

• eavesdropping means intercepting data being sent to/from another computer system.
• eavesdropping on a network is simply reading data without actually copying or stealing it.
• Security weaknesses such as unpatched software or a USB device might allow malware to be installed on the network that allows an eavesdropping attack

Question 19

penetration testing

Answer 19

• testing to make sure that the system is secure from hackers or other malicious attacks. It is used to discover weaknesses in a system that could be exploited

2 main types:
* black-box penetration
* white-box penetration

Question 20

black-box penetration testing

Answer 20

• designed to mimic an external attack on the system.
• The tester will use brute force methods and try to exploit well-known software vulnerabilities to get access to the system

Question 21

white-box penetration testing

Answer 21

• designed to mimic an attack from an insider who already has access to the system, and maybe has information about the way the system is configured and operates.
• This can help safeguard against the actions of someone who is inside the organisation and up to no good

Question 22

ethical hacker

Answer 22

• someone who hacks a system but does not intend to cause any harm.
• usually people who are interested in finding out how secure systems are and see it as a challenge to identify any weaknesses in security.
• illegal

Question 23

network forensics

Answer 23

• process of monitoring and analysing network traffic.
• done to identify suspicious activity or to provide evidence to help with criminal prosecutions.

there are 2 approaches:
* One approach is to capture the data as it passes an inspection point and write it to disk so it can be analysed later. However, this method can generate huge amounts of data
* The data could be filtered so that only certain data is captured, but this will impact the performance of the network as each Packet would need to be inspected before being allowed to proceed

Question 24

network audit software

Answer 24

• allows a central record to be maintained, which records who logged on, when, and from which device or location and what files were accessed

Question 25

methods to reduce the chance of cyber attacks succeeding

Answer 25

• audit trail
• secure operating system
• effective network security

Question 26

audit trail

Answer 26

• a record of activities that have taken place on a
  computer system
• automatically generated and likely to be in chronological order.
• Ordinary users of a system shouldn’t be able to read it
• usually contains date and time of change, what change happened, who or what made the change.
• allow technicians to figure out what happened during a cyber attack; if the attack was successful

Question 27

secure operating systems

Answer 27

operating systems designed with security in mind

Question 28

effective network security

Answer 28

Well-educated technical staff, with up to-date training, are needed to keep software patched correctly, implement policies that reduce the chance of an attack being successful, train users in best practice in terms of security and monitor the systems to ensure there is no unauthorised access