LO3 Flashcards
How can you mitigate risks?
Testing systems and networks for vulnerabilities
What are assets?
Hardware, software, communication equipment, information and data
What is a ‘back door’
Method by which a programmer or network manager bypasses the normal security procedures
What is cost/benefit
The cost of implementing security against the benefits that it would bring
How can you protect vulnerabilities
Put measures in place to protect assets
What are examples of hardware assets
Servers, printers, scanners and computers
What are examples of software assets
Word processors, spreadsheets, CRM, financial packages
What is risk management
Taking steps to monitor the system or network to identify its weaknesses or vulnerabilities and put in place sufficient and appropriate measures to reduce or eliminate the risk
What is a patch deployment
Software issues are identified and reported. Hot fixes are designed to remove the vulnerability
What is manual remediation
Instead of using automated tools, technician or network manager will take steps to remove or reduce the vulnerability
What are automated tools
Tools that identify and repair vulnerabilities without the intervention of the technician or network manager
What is vulnerability
testing
Identification of a list of vulnerabilities that can be prioritised in order of severity
What is penetration testing
A software tool that tests a compute system/network to identify vulnerabilities that could be exploited by a hacker
What is fuzzing
Fuzzing is used to identify coding errors and security loopholes in software, operating systems and networks.
What does fuzzing involve
Inputting huge amounts of random data in an attempt to make the system crash
What is security functionality
Used to identify flaws in security mechanisms that are supposed to protect data and information
What is sandboxing
Test environment that isolates untested code changes to ensure any issues are not transmitted onto the main areas of the system
What is an intrusion detection system (IDS)
Software that monitors computer systems and networks for unexpected malicious activities
What is a network intrusion detection system (NIDS)
Monitors all inbound and outbound network activity to identify any suspicious patterns that indicate a cyber attack
What is risk analysis
Determining the likelihood of a risk occurring and its impact on the company
What is a monitoring system
A system that alerts/reports if it detects specific type of activity.
What is a control system
A system that would be used if there was a need for certain access and/or denial of traffic to your network.
What is a host intrusion detection system
detects unusual, unauthorised or illegal activities on a specific device.
What is a distributed intrusion detection system
Consists of multiple IDs (intrusion detection systems) over a large network that communicate with each other or a central server
What is a honeypot
A computer system set up as a decoy to detect, deflect and even counteract unauthorised use of the system
What is an intrusion prevention system
Proactive detection and prevention against unwanted intruders
What are biometrics
The identification of a user based on a physical characteristic, such as a fingerprint, iris, face or voice recognition
What are RFIDs
uses electromagnetic fields to attach tags to physical objects. ID cards. It allows authorised people to access certain areas
What is a firewall
Controls and monitors incoming and outgoing traffic in a network
What is anti malware
Locates and destroys or quarantines malware
What is asymmetric encryption
Uses two keys to encrypt plaintext. Anything encrypted using a public key can be decrypted using a private key
What is symmetric encryption
Only uses one key shared among the people who need to access the data
