errors , threats Flashcards
arithmetic issues
rounding,truncating,overflow,fixed no. of bits
data transmission errors
data doesn’t reach destination intact - data corruption by
atmospheric conditions (cable heat too much,moisture- unable to carry data)
distance limits (attenuation)
interference +causing devices (motors, fluorescent lighting, cables running by electric cables)
programming errors
bugs- can lead to catastrophic failure of system
data verification
systematic process for evaluating performance + compliance of data set when compared to standards in project documentation to ascertain its completeness, correctness + consistency
RFID
radio frequency identification
makes use of radio signals to transfer data from tag attached to an object
tag contain identification data sensed by receiving device
uses electromagnetic fields to automatically identify and track tags attached to objects.
sql injection + fix
gives access to hackers - reveals all data in table
use GUI components to restrict data, remove INSERT, UPDATE, + DELETE rights to any website
validate user input to check for possible sql injections
fix hardware failure
RAID 1 (mirroring) + RAID 5 (striping) to provide one or more hard drives in case of hard drive failure
if there is complete failure, the backup could be used to recover a prev version of the data
psu
power supply unit
converts alternating current to direct current
trojan horse
seemingly harmless program that when activated causes harm to computer system
spyware
capture info like web browsing, e-mails, usernames + passwords, credit card info
can transmit data to another persons computer over internet
pharming
attack intended to redirect websites traffic to another bogus site by changing host file on victims computer or by exploitation of vulnerability in DNS server software
ransomware
prevents user from accessing their computer until ransom is paid
DoS attacks
denial of services attacks
attempts to make server/network resource unavailable to users
DDosS attacks
distributed denial of service attack that uses more than one computer distributed worldwide to put heavy burden on service
infected w malicious program that makes server go wrong
harder to withstand than DoS attacks
open ports
can be exploited through code vulnerabilities or malware
botnets
aka zombie army
several internet computers set up to forward transmissions (including spam + viruses) to other computers on internet w/o knowledge of owners
computer is infected + controlled by author remotely on net - serve in botnet
zombie created by internet port that has been left open - small trojan program installed for future activation
wifi vulnerabilities
to encrypt wifi- pre Shared key or certificate must be proved by client
open networks don’t use encryption – all data traffic visible to malicious actor, who wants to see any online communication of people nearby. When insecure apps/sites accessed on an unencrypted connection, data becomes a risk of data leak: unauthorised/unintentional transfer of sensitive information from mobile device to Internet service
Captive portal, pages – open guest networks will display captive Portal page, asking for personal information to access Wi-Fi connection. Look like standard web page so people hand over info placing their info at risk
RAID
redundant array of inexpensive disks
protection against hard drive failure
- improves performance + provides protection of data
uses 2 or more hard disks so if 1 fails, other will contain copy
RAID 1
protection of data creates
duplicate of other disk-mirroring- won’t improve performance but offers data protection
data stored on 2 hard disks simultaneously- but only accessed from 1 (second is backup)
RAID 0
performance based- no data protection-if one disk crashes , data lost
RAID 5
RAID 5 is an improved version of RAID 0 and offers both data protection and improved performance .It requires a minimum of 3 disks and utilises parity and striping
In RAID 5, the data is written in stripes across 3 hard drives and utilises an extra 8 bytes of data as parity that will kick in if one disk fails.
Disk striping with RAID provides data redundancy and reliability. Parity data is commonly calculated by using the binary exclusive function stored on a physical drive in the RAID set. If a storage drive in the striped RAID set fails, the data is recoverable from the remaining drives and the parity stripe.
UPS
power supply for proper shut down of the sytem
emergency power supply when power source fails
importance of strong passwords
Strong passwords are necessary as they reduce the risk of the user’s account being compromised. weaker passwords can be easily guessed and are vulnerable to attacks
given the current setup of 2 servers , how would implementing RAID 1 ensure data redundancy
impact on storage capacity?
RAID 1 offers better data protection, but reduces the total storage capacity as everything is duplicated.
how is RAID 5 beneficial as company expands from 2-5 servers
Use RAID 5 since there’s more than 3 servers. RAID 5 offers both improved data protection and improved performance. RAID 5 is unlike RAID 1 in the sense that it only uses the space of one server for redundancy which makes it more efficient.
compare read + write performance of RAID 1 and RAID 5
The read performance of RAID 1 is high. As the data is mirrored, the operations can be distributed between the 2 drives. RAID 1 has twice the read rate and an equal write rate of single disks. The read performance of RAID 5 is high as the data is striped across all drives and allows for multiple read operations to occur in parallel, leading to faster speeds.i
It has a slow write time as the parity information must be written to the disks alongside the actual data.
how can ups systems protect servers during power outage
A UPS protects servers during a power outage as it immediately kicks in when the original power source has failed, providing protection from data loss and hardware damage.
what can be implemented to protect client data
User level security such as access control, backups and data encryption.
login timeout and lockout policies
changing UPS default credentials
storage solution combining RAID 1 + RAID 5 that maximises data redundancy and performance
combines the mirroring of RAID 1 (speed + performance) with the striping of RAID 5 (inexpensive redundancy + fault tolerance) . data is first mirrored (like RAID 1) and then striped across multiple mirrored pairs (like RAID 5).
develop comprehensive security plan that includes UPSs strong passwords and other measures to protect against unauthorised access and data loss
restrict the physical access to server rooms to only authorised personal through biometrics and protection of these rooms or controlled measures to ensure constant core temperature.
Establish communication between computers and UPS for your service and storage device. There should be maintenance of UPS system taken in order to ensure system remains up-to-date
Implementation of strong password policies required, implemented a strong and secure password that must be regularly changed, and all the passwords cannot be reused
strategy for regular backups and 13 corruption to ensure data, integrity and confidentiality
Use httpstransmission protocol.
Data back up with automatic back up scheduled for tonight when system is not in use.
Network security: files, encryption.
use of strong passwords?
onsite vs remote backup
onsite: quick access to data, low cost, easy installation (hardware) BUT vulnerable to data theft, damage
remote backup
multiples copies of data, security- data encrypted by backup program, unlimited storage capacity BUT costs, speed dependent on internet connection
redundant power supply
2 power supply units
one power source fails, other immediately kicks
not used concurrently- backup 1 is redundant
biometrics superior to passwords
- uses unique data
- convenient to use
- supports multi factor authentication
authentification
validating usernames + passwords inputted by user then allows access to
user level security
different restrictions based on specific user
share-level security
protects shared network resources on computer w individually assigned passwords
encryption
process that uses algorithm to transform data from database into cipher text incomprehensible w/o decrypting
different restrictions based on specific user
digital signature
vouches for origin and integrity of data
key length
no. of bits
longer - better security
TKIP
temporal key integrity protocol.
Encryption protocol included for wireless LANs.
Instead of using one pre - shared key for packages sent on WAN, each data packet encrypted, using 48 bit serial number incremented for each packet
TKIP
temporal key integrity protocol.
Encryption protocol included for wireless LANs.
Instead of using one preship queue for packages sent on W 18, using 48 bit serial number increment for each packet
port filtering
firewall monitors ports of network protocol packets that pass through it
allows firewall to block packets based on their content, or block users from using certain points that may provide holes for hackers to get into network
audit trails
record of who, what and timestamp of change made to computer system
fix malware
firewall to prevent malware from entering network + block suspicious sites
install anti-malware to detect malware and take appropriate action
keep anti-malware up to date
educate users on network abt social engineering
educate staff abt SPAM, phishing and other sources of malware
prevent unauthorised access
enforce strong authentication strategies
encrypt sensitive data on network
don’t give admin rights to any user other than network administrators
fix open ports
use firewall + close any unused ports
do regular port scans to identify any unchecked vulnerabilities on a port
use latest version of software
install anti malware software
fix denial of service (DOS) and distributed denial of service (DDOS)
monitor traffic to identify counterfeit packets
upgrade security patches on the os
fix botnets
use latest version of software
protection measures against aDdOS attacks
educate staff about SPAM, phishing + other sources of malware
fix wifi vulnerabilities
change default wifi network names + passwords
update firmware of wifi enabled devices
consider switching to ethernet
use firewall
use vpn when remotely accessing remote networks
use network monitoring to oversee connected devices + web traffic
fix eavesdropping
use HTTPS + digital ssl certificates
network segmentation can help prevent eavesdropping by breaking down a larger network into various subnetworks, if any subnetworks are compromised, the others are left untouched because they exist independently of each other
broad solutions to problems
back up data regularly
install + regularly update antivirus
software
store data on reliable medium
update patches
imstall ssl certificates to stay ahead of threats
upgrade firewalls with access control lists (ACL) , proxy + routers
multi factor authentication
human errors
inputting incorrect, inaccurate,invalid,wrong data for required input
GIGO- Garbage in, garbage out
solutions for errors
data verification- systematic process for evaluating performance + compliance of data set when compared to set of standards to ascertain its completeness, correctness and consistency
data validation- extensive number of checks applied to data
