Network Security Flashcards

1
Q

Acceptable Use Policy

A

a document that stipulates what users of a network may or may not do with that network

2
Q

Adware

A

not dangerous in its own right, but may contain links to other malware, such as viruses and key loggers

3
Q

Alphanumeric Characters

A

letters and numbers

4
Q

Anti-Malware

A

software that detects and removes harmful software, such as viruses, from a computer

5
Q

Anti-Virus

A

a program that can be loaded into memory when the computer is running, which monitors activity on a computer system for signs of virus infection and scans for a virus’s signature

6
Q

Archive

A

long-term storage of files no longer in use

7
Q

Backdoor

A

built into a computer program that allows someone to bypass any security to get to it

8
Q

Back Up

A

where the original file is still on the computer, but there is another copy somewhere else

9
Q

Full Backup

A

where everything is backed up

10
Q

Differentiation Backup

A

where files are backed up between different time intervals

11
Q

Incremental Backup

A

where only files that have been edited are backed up

12
Q

Blagging

A

the act of convincing someone that you are someone else to make them directly give away information such as passwords

13
Q

Brute Force Attack

A

where hackers have multiple guesses in quick succession at your password until they eventually guess it correctly

14
Q

Buffer Overflow Attack

A

a malware attack where the attacker attempts to fill up your memory

15
Q

Compression

A

process that reduces a file’s size for efficient storage or transmission

16
Q

Cookie

A

a text file stored on your computer that contains details about a website that you have visited

17
Q

Cyberattack

A

attacks on computers or networks that use various types of malware

18
Q

Cyphertext

A

text that has been encrypted and cannot be decrypted without the decryption key

19
Q

Dictionary Attack

A

an attack where a hacker uses a file containing every word in the dictionary to guess your password

20
Q

Digital Footprint

A

the record that is kept of everything you have done online

21
Q

Disaster Recovery Policy

A

a document that describes how a company would aim to recover from catastrophic damage to hardware, software or data

22
Q

Distributed DoS Attack

A

a DoS attack involving several networks, either because several networks are attacking at once, or several networks are being attacked at once

23
Q

DoS Attack

A

Denial of Service Attack

attempt to make your website and servers unavailable to legitimate users by swamping a system with fake requests, usually in an attempt to exhaust server resources, not to break system security, involving a single internet connection

24
Q

Encryption

A

by encrypting data, it can only be read by someone who has the same decryption software on the other end

25
Firewall
a security system that controls incoming and outgoing network traffic and analyses packets of data to determine whether they should be allowed through or not; its function is to monitor where data has come from and where it is going and to determine if this communication is allowed by checking a list of pre-determined rules, not to stop viruses
26
Footprinting
where an attacker builds up a profile about someone to make it easier to guess their passwords
27
Fraud
a crime in which you purposefully deceive someone for monetary gain
28
Guess Attack
where a hacker makes an educated guess at your password
29
Hashing
performing an algorithm on a password which allows entered passwords to be checked, without allowing the actual password to be viewed
30
Human Error
the biggest threat to any type of cyber security
31
Injection Attacks
when an attacker tries to get the program to execute their malicious code by including it as a regular output, which can be avoided by using input validation
32
IP Address Spoofing
involves an attacker changing the IP address of a legitimate host so that a visitor who types in the URL of a legitimate site is taken to a fraudulent or spoofed web page, meaning the attacker can then use this page to steal sensitive data or install malware
33
JPEG
Joint Photographic Experts Group: a format for compressing images using lossy compression
34
Key Logger
a type of software that can be used to track keystrokes and capture passwords, account numbers, fraudulent use or people’s online activity
35
Malware
malicious software: a broad term used to describe software used to disrupt computer operation
36
Name Generator Attack
attacks in which the victim is asked on an app or social media to put in personal details about themselves, often to produce a name, allowing attackers to find out key pieces of information about you to help them answer security questions that protect people’s accounts
37
MPEG
Moving Picture Experts Group: a standard for compressing videos using lossy compression
38
Network Forensics
monitoring and analysis of network traffic to detect intrusion
39
Network Security
security methods such as passwords, user access levels, encryption, etc
40
Nonalphanumeric Characters
characters such as punctuation marks
41
Parity Bit
used to indicate whether the number of bits transmitted that are equal to one is even or odd; an error is detected when the parity bit is not set to the expected value
42
Parity Checking
the most straightforward method of detecting errors, usually a parity bit
43
Passphrase
a technique using WhatThreeWords for coming up with passwords
44
Password
used to prove a person’s identity to a computer system, thus allowing them access to relevant data. These should be easy for the user to remember, but hard for other people to guess. They can be guessed using the formula: Attempts = Number of characters^Password length
45
Penetration Testing
where a company is attacked and the results are reported back to the company
46
Blind Testing
testing to simulate the actions and procedures of a real attacker by severely limiting the information given to the team performing the test
47
External Testing
testing carried out to find out if an outside attacker can get in and how far they can get in once they have gained access
48
Internal Testing
testing carried out to find out how much damage a dissatisfied employee could cause
49
Targeted Testing
testing carried out by the organisation’s IT and the penetration team working together
50
Pharming
where users are unknowingly redirected to a fake website with the intention of identity or information theft
51
Phishing
fraud where a user is tricked, often by e-mail, into revealing personal or confidential information, eg bank details which can be used fraudulently
52
Physical Security
security methods such as locking doors, CCTV etc
53
Pretexting
an attack in which the perpetrator invents a scenario in order to convince the victim to give them data or money, often requiring the attacker to maintain conversation with the victim until they are persuaded to give them whatever the attacker asked for
54
Private Key
used for encryption/decryption and should not be shared with unauthorised parties, usage of them is laid out in the company’s AUP
55
Ransomware
malware attack that holds the computer to ransom, locking the computer and demanding money to unlock the computer or regain access to files
56
Shouldering
an attack designed to steal a victim’s password or other sensitive data, involving the attacker watching the user input information, for example, over their shoulder, and is often done at PIN machines, but can be carried out long-distance by binoculars or CCTV
57
Signature
all viruses have a unique signature that anti-virus software scans for
58
Smishing
a form of phishing that is done through SMS
59
Social Engineering
psychological manipulation of people into revealing personal or confidential information, eg bank details which can be used fraudulently
60
Spear Pharming
a type of pharming with a specific intended target
61
Spear Phishing
a type of phishing with a specific intended target
62
Spyware
installed by opening attachments or downloading infected software, used to collect stored data without the user’s knowledge
63
SQL
Structured Query Language: a set of commands that allows you to get information
64
SQL Injection
a technique where a malicious user can inject SQL commands into an SQL statement, via web page input, which can alter SQL statements and compromise the security of information held in a database
65
System Access
users should only be able to access areas for which they have permission
66
Trojan Horse
a program that appears to perform a useful function, but also provides a ‘backdoor’ that allows data to be stolen
67
User Access Levels
allowing different users to have access to different data, such as giving some people Read Only access, or allowing some people to access more data than others
68
User Account
these should not be shared, permitted usage of these is laid out in a company's AUP
69
Virus
programs that can replicate themselves and be spread from one system to another by attaching themselves to host files, used to modify or corrupt information on a targeted computer system
70
Worms
self-replicating programs that identify vulnerabilities in operating systems and enable remote control of the infected computer
71
Xor
exclusive or, used in encryption and decryption
72
World Wide Web
the name given to the large number of webpages stored on the internet