Chapter 22: Network Security Flashcards
What is a NAS and how can you minimize security risks when using it?
A device used for storing and accessing data over a network. To minimize security risks, use complex passwords, remove default passwords, and apply all software updates.
What are the advantages and disadvantages of USB flash drives?
Advantages: Easy to transport, affordable, and convenient. Disadvantages: Can be easily lost, leading to potential data breaches meaning data can be stolen
How can encrypted USB flash drives enhance security?
Encrypted USB flash drives require a password or code to access data, making them unreadable without authorization.
What is a cyber attack?
Any kind of malicious attack on a network - connected device
What are the two main categories of cyber attacks?
Cyber attacks exploit either human behavior (social engineering) or technical weaknesses.
What is social engineering?
Social engineering is manipulating people into revealing confidential information or providing access to secure systems.
What are three common types of social engineering?
Phishing, shoulder surfing, and pharming.
What is phishing?
Phishing is an attempt to obtain sensitive information from a user by pretending to be a trustworthy source, often through email or fake websites.
How does phishing typically work?
A user receives an email asking them to update security details. Clicking a link leads to a fake website that looks legitimate, where they enter credentials that are stolen by attackers.
What is shoulder surfing?
Observing someone enter sensitive information, such as a PIN or password, to gain unauthorized access.
What is pharming?
Redirecting users from a legitimate website to a fake one in order to obtain personal information.
How can you prevent pharming?
Check website URLs, ensure HTTPS is used, verify security certificates, install updates, and use antivirus software.
What is unpatched software and why is it a security risk?
Software that hasn’t had the latest security updates applied to it, making it vulnerable to attack
Network Security
Activities designed to protect a network & its data from threaths such as viruses, hacker attacks, denial of service attacks, data interception & theft, & equipment failure
How can USB devices be a security threat?
USB devices can contain malware that infects systems or allows unauthorized data transfers.
USB definition
Socket found on most modern computer systems
Hacking
The act of gaining unauthorised access to a computer system & the data it contains
Throughput
Allow more data to pass through them
Malware
Any kind of software that is designed to disrupt the use of a computer system
What is an eavesdropping attack?
Eavesdropping is theft of data sent between devices without the user’s knowledge.
How can security be incorporated in software design?
By considering authentication, user access levels, encryption, threat protection, and secure coding practices.
What is penetration testing?
Penetration testing is a legal and authorized attempt to hack into a system to identify security vulnerabilities.
What are commercial analysis tools used for?
They scan systems for known vulnerabilities but must be kept updated to remain effective.
What is an audit trail?
A record of activities that have taken place on a computer system, including what has happened & who made the change
