Network Security Flashcards
Spyware and keyloggers
Software hides on computer recording keystrokes to send back to 3rd party- analysis
Virus
Attaches itself to programs or files on a computer or server and can affect all components of an operating system.
Worms
It replicates itself in order to spread to other computers
Trojan
Malicious computer program that is designed to access a computer by misleading users of its intent.
Purpose of Social Engineering
Is used to gain unauthorised access to a computer system
Phishing
This method is a direct phone calls or emails that pretend to be an official service. People asked for bank details, pin
Brute Force Attack
Attempt to crack a password or username using trial and error and using as many combinations as possible
Purpose of brute force attack
To steal data or cause further harm.
Denial of Service Attack (DoS)
It sends as many requests to the server as it can aka flood
The server can’t respond fast enough so slows down or goes offline
Distributed Denial of Service Attack (DDoS)
Many computers are used to send the requests
Man- in- the- middle attack (MIT)
Allows the attacker to intercept communications between the user and server
Purpose of data interception and theft
Gain personal information to fraudulently gain access to accounts of innocent people. Once access has been gained, the account is either used to attack others, or money is transferred to a third party without the owners knowledge or consent.
Penetration testing
Practice of deliberately trying to find security holes in your own system.
What is the goal of Penetration Testing
- Identify targets of potential attacks
- Identify possible entry points
- Attempt to break in
- Report back the findings
Anti- malware software
To detect malware that has been installed.
To prevent malware from being installed.
To remove malware from the system.
How does anti- malware work?
- When a virus or new malware is detected it is sent to the anti- virus company
- They verify it is malware then create a signature of the virus
- They then add it to their virus database and tell computers to run an update
Firewalls
Performs a ‘block’ between a potential attacker and the computer system
User Access Levels
Allow a system administrator to set up a hierarchy of users who have different permissions when they access different parts of the system.
Encryption
Where data is translated into code so that only authorised users, or users with the key can decrypt and read. Users must have the key in order to decrypt the coded file.
Physical Security
Where hardware, software and networks are protected by physical methods - e.g CCTV, locks
Software Patches
Fix known security problems in software but also notify cyber- criminals that there was a problem so anybody NOT uploading the latest patch is vulnerable
Network Forensics
Specialist area that involves monitoring and examining data to discover the source of security attacks and other illegal activities
