NETWORK SECURITY Flashcards
Describe Viruses, worms, and Trojan horses
These contain malicious software or code running on a user device.
Describe Spyware and adware
These are types of software which are installed on a user’s device. The software then secretly collects information about the user.
Describe Zero-day attacks
Also called zero-hour attacks, these occur on the first day that a vulnerability becomes known.
Describe Threat actor attacks
A malicious person attacks user devices or network resources.
Describe Denial of service attacks
These attacks slow or crash applications and processes on a network device.
Describe Data interception and theft
This attack captures private information from an organization’s network.
Describe Identity theft
This attack steals the login credentials of a user in order to access private data.
Describe possilble internal security threats
This can be attributed to lost or stolen devices, accidental misuse by employees, and in the business environment, even malicious employees. With the evolving BYOD strategies, corporate data is much more vulnerable.
Describe Antivirus and antispyware
These applications help to protect end devices from becoming infected with malicious software.
Describe Firewall filtering
Firewall filtering blocks unauthorized access into and out of the network. This may include a host-based firewall system that prevents unauthorized access to the end device, or a basic filtering service on the home router to prevent unauthorized access from the outside world into the network.
Describe Dedicated firewall systems -
These provide more advanced firewall capabilities that can filter large amounts of traffic with more granularity.
Describe Access control lists (ACL)
These further filter access and traffic forwarding based on IP addresses and applications.
Describe Intrusion prevention systems (IPS)
These identify fast-spreading threats, such as zero-day or zero-hour attacks.
Describe Virtual private networks (VPN)
These provide secure access into an organization for remote workers.
What considerations must be made before selecting Network security requirements?
- The environment
- The various applications, and computing requirements.
- Quality of service that users expect of each technology.
- Must be adaptable to the growing and changing trends of the network.