Chap 22- Network security

Question 1

What activities does network security covers? Explain.

Answer 1

•Confidentiality: Keeping data private.
•Correctness(Integrity)
•Avalability

Question 2

Ways to protect data confidentiality

Answer 2

•Ensuring only authorized users can access parts of Network resources
•Stopping misuse: Authorized people accessing file they aren’t supposed to be.
•Encrypting data: Can’t read w/o the encryption key.

Question 3

What if the data is lacked of correctness (Integrity)?

Answer 3

-An error in patient’s health record or in manufacturing control system could cause serious consequences

Question 4

Ways that will disable the availability of the network

Answer 4

•Broken network hardware components
•Corrupted program code
•Virus/DOS that
×Slow down the network performance/stop it working
×Delete data
×Alter data or program code
×Allow data to be stolen or eavesdropped on

Question 5

What’s DOS & DDOS?

Answer 5

-Denial of service, Distributed Denial of Service
-Attack on a network preventing legitimate users from accessing to its service

Question 6

Reasons why security is important.

Answer 6

•Required to run organization
-If data lost/fail to fulfil order(DOS) >Lose trust>Bankrupt
-School’s cant run effectively if they can’t access to their data(Timetables,presentation,..)

•Private/Confidential
-If data leak(not secure)>sue>lose trust>Close down

•Financially Valuable
-If business plan to raise revenue is obtained by competitor>Undercut the business/Lose chance to raise

Question 7

What’s two-factors authentication?

Answer 7

Security check where users have to type secure token from device or SMS from mobile

Question 8

What are ways to secure data?(as organization)

Answer 8

•Acess control: Controls what permission a user has to particular file
•Firewall: Monitor and contol data that is sent moving from one network to another.
•Physical security: Only authorized people (network technicians & Sysadmin) can physically access.

Question 9

Why should organisation buy hardware based firewall than using software based?

Answer 9

•More flexiblilty in terms of rules
•Allow faster throughput of data.

Question 10

What does firewall do?

Answer 10

•Inspects incoming, outgoing data
•Use firewall policy to decide whether to allow data to move from one network to another
•Rules designed to protect from wide range of potential threats

Question 11

Why is electronic lock system better than traditional?

Answer 11

•Record Entry/Exit times
•Deactivate individual card if employee lose it or leave company

Question 12

Ways to secure data physically?

Answer 12

•Install burglar alarm
•Security tagging
•Physical locking down equipment (safe)
•Physical guards
•Surveillance Technology

Question 13

Why is physical security so important?

Answer 13

•Anyone with physical access can easily bypass access control or authentication system.
•Could copy, modify, delete any data on network.
•Install malware to gain remote access

Question 14

What can firewall policy do?

Answer 14

•Stop certain protocols from being used.(FTP->prevent copying organization data to external sever)

•Block data coming/going to certain Network Address(URL/IP)
[ Eg.Website,server,
computer,another country and organization]

•Stop attempts at hacking by disallowing data matches pattern attacker would use

Question 15

What can organization do in firewall to meet certain circumstances?

Answer 15

They can customize the firewall policy to meet their circumstances.

Question 16

What’s NAS? Typical home/organization use consists?

Answer 16

•Network attached storage connected to a network.
•Provide file storage for devices in network.

Home:Single Hard Drive,Associated network hardware
Organization: Several Hard drive

Question 17

Additional features of NAS?

Answer 17

•Accessible via internet
•Specialist app for smartphones to access files stored on NAS

Question 18

Mistakes users make with NAS?

Answer 18

•Not changing device’s default password (Use complex)
•Not updating software running on NAS(fix security weaknesses)

Question 19

Pros & Cons of USB flash drive?

Answer 19

Pros
•Easy to transport
•Cheap for amount of storage available
•Very convenient to use

Cons
•Easily lost large amount of sensitive information on drive

*Use encrypted Flash drive

Question 20

USB?

Answer 20

Universal Serial Bus

Question 21

Intentions of cyber attack?

Answer 21

•Make system unavailable
•Delete or modify information
•Gain access to data in system
•Physical damage a device(By overriding safety limits)

Question 22

Social engineering?

Answer 22

Attacks rely on exploiting human’s behavior to reveal sensitive information

Question 23

Forms of social engineering?

Answer 23

•Phishing: Attempt to get sensitive information through sms,VC, email, fake web(domain spoofing)
•Pharming: Spread malware that changes IP of domain name to fake web. [Malware can infect DNS->Everyone is redirected to bogus sites]
•Shoulder Surfing:Directly observing a user by looking over shoulder, using hidden cam to gain confidential information.(username,PIN)

Question 24

How to prevent Pharming?

Answer 24

•Chrck the http address of intended website
•HTTPS? when enter sensitive information
•Install latest security updates
•Install latest antivirus software

Question 25

Why is it longer to access website you have never visited before?

Answer 25

IP of visited website is stored in DNS cache so doesn’t need to request DNS server each time.

Question 26

Forms of technical weaknesses

Answer 26

•Unpatched software:
-Unpatched>Known weakness>exploit it and attack unpatched software.
-Patched>fix security issues(Manually installed by technicians)

•USB devices:
-ontain malware>transfer to cur system and copy data to attacked via internet.

•Eavesdropping:
-Intercepting transferred data from/to computer system.

Question 27

Why is “technical weaknesses”?

Answer 27

Unpatched software & USB devices> Allow malware>Eavesdrop

Question 28

What things should software designer should consider?

Answer 28

•What authentication?
•Diff level access for diff user
•Warning issued before risky operation (copy, deleting)
•Stored data encrypted?
•Threats software will face, will software run on computer connected to internet?

Question 29

What’s modular testing and why is it used?

Answer 29

-Testing each block of code separately to ensure code works as intended.
-To prevent hackers from exploiting small problem in code to access to data or system

Question 30

Ways to protect cyber attacks?(organization)

Answer 30

•Audit Trails
•Secure OS
•Provide effective network security

Question 31

Why are IPA standards needed?

Answer 31

So that all devices from diff manufacturers will use the same type of address and can communicate each other

Question 32

Benefits of Audit Trials?

Answer 32

•There’s record of who changed what when
•Identifies when error/security issue is introduced
•Enables program to be rolled back previous state
•Improve accountability/produce robust code