Malicious attacks ,Threats and vulnerabilities

Question 1

What is a botnet

Answer 1

A botnet is a bunch of Internet-connected computers under the control of a remote hacker.

Question 2

where can attacks happen?

Answer 2

Malicious attacks can occur in any of the seven domains of an IT infrastructure. Typically, malicious attacks are targeted on the User, Workstation, LAN, and LAN-to-WAN domains.

Question 3

what are you trying to protect

Answer 3

customer data
Name ,address ,phone,NI ,number,dob ,card holder ,data

IT and network infastructure
Hardware ,software and services

intellectual property
Sensitive or secretive data such as patents, source code, formulas, engineering plans or designs.

Question 4

what are your trying to protect?

Answer 4

Finances and financial dataBank accounts, credit card data, and financial transaction data.

Service availability and productivityThe ability of computing services and software to support productivity for humans and machinery

ReputationCorporate compliance and brand image

Question 4

should companies report a data breach

Answer 4

It is part of your incident response plan is to report your data breach to the required regulatory authorities

-you may be legally required to

Question 5

should companies report a data breach(downsides)

Answer 5

downside of disclosing a data breach:
-The company suffers public embarrassment criticism
-security practises will be scrutinised
-fine

Question 6

should companies report a data breach (benefits)

Answer 6

company shows commitment to honesty and transparency
Reassurance: You can clearly communicate the remediation and prevention of further harm.
Save companies money

Question 7

hackers

Answer 7

hacker often describes someone who breaks into a computer system without authorization.
In most cases that means the hacker tries to take control of a remote computer through a network or by software cracking.

Question 8

types of hackers

Answer 8

Black-hat hackers
white-hat hackers
grey hat hackers

Question 9

black hat hackers

Answer 9

Tries to break IT security and gain access to systems with no authorization in order to prove technical prowess.

Question 10

White -hat hackers

Answer 10

White-hat hacker: Also called an ethical hacker, is an information systems security professional who has authorization to identify vulnerabilities and perform penetration testing

Question 11

grey-hat hackers

Answer 11

: A hacker who will identify but not exploit discovered vulnerabilities, yet may still expect a reward for not disclosing the vulnerability openly.

Question 11

what is a security breach

Answer 11

Any event that results in a violation of any of the C-I-A security tenets

-Some security breaches disrupt system services on purpose
-Some are accidental and may result from hardware or software failures

Question 12

Activities that reach a security breach

Answer 12

denial service of attack
distributed denial service of attack
unacceptable web browsing behaviour
wiretapping
accidental data modifications

Question 12

Denial service of attack

Answer 12

A coordinated attempt to deny service by occupying a computer to perform large amounts of unnecessary tasks

Question 13

DOS examples

Answer 13

Protection against DoS using
Intrusion prevention system (IPS)
Intrusion detection system (IDS)

Examples of DoS Attacks:
SYN flood
Smurfing

Question 14

logic attacks

Answer 14

use software flaws to crash or seriously hinder the performance of remote services

Question 15

Flooding attacks

Answer 15

Providing false information about the status of network services.

Question 16

Distributed denial service of attack

Answer 16

overloads computers and prevents legitimate users from gaining access