Intruders and Firewalls Flashcards
What are the three main types of intruders? Which is easiest to detect?
Masquerader - an individual who is not authorized to use a system, but is able to penetrate it using a legitimate user’s account.
Misfeasor - a legitimate user who accesses data which they are not authorized for.
Clandestine user - an individual who seizes supervisory control of the system.
Masqueraders are easiest to detect.
What are the three types of behaviour patterns of intruders? How can these be countered?
Hackers, who do it for the thrill or status - can be countered with intrusion detection system.
Criminals, who target specific information. Can be countered by encrypting databases.
Insiders, which are hard to detect, as they are employees with access to knowledge.
What principle are intrusion detection systems based on?
That intruder behaviour differs from user behaviour.
What is a honeypot?
A decoy system designed to entice attackers away from critical systems. They have no production value. They are also good for allowing us to monitor intruder behaviour.