Network Security Flashcards

1
Q

What is malware?

A

Software that is specifically designed to disrupt, damage, or gain unauthorized access to a computer system

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Name 6 types of malware

A
  • Ransomware
  • Spyware
  • Adware
  • Trojan
  • Virus
  • Worms
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

What is ransomware?

A

Malware where the hacker will prevent you from accessing your data until a ransom is paid

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What is spyware?

A

A program that monitors user activities and sends the information back to a hacker

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

What is a trojan?

A

Malware that downloads onto a device disguised as a legitimate program

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

What is a computer virus?

A

Self replicating malware that often causes damage by deleting or modifying data

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

What is a worm?

A

Self replicating malware often not causing damage until it reaches it’s intended target

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

What technical vulnerabilities could a computer have that a hacker could exploit if not dealt with?

A
  • Unpatched software
  • Out of date anti malware
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

What is unpatched software?

A

Software that hasn’t been updated to the latest standard.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

What is social engineering?

A

Deception to try to gain personal information

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Name 2 examples of social engineering

A
  • Phishing
  • Shoulder surfing
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

What is phishing?

A

Emails that try to trick users into giving away personal details

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

What is shoulder surfing?

A

The ability to get information or passwords by observing as someone types them in

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Describe 2 examples of shoulder surfing?

A
  • Looking over someone’s shoulder
  • Using a CCTV camera
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

What indicators are that an email is a phishing email?

A
  • They don’t say your name
  • Strange email address
  • A forged link
  • Requesting personal information
  • A sense of urgency
  • Poor spelling and grammar
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

What is a brute force attack?

A

Trying all possible passwords until the correct one is found

17
Q

What is a Denial of Service (DoS) attack?

A

Flooding a server or network with pointless requests so that it either fails or slows down

18
Q

What is Distributed Denial of Service (DDoS) attack?

A

A DoS attack using multiple devices (zombies) to send requests

19
Q

What is data interception and theft?

A

Stealing data or intercepting it with a man-in-the-middle attack

20
Q

What is a SQL injection?

A

Typing code into a website to break into the database to retrieve information

21
Q

What is penetration testing?

A

Hacking your system to test for vulnerabilities, which will then be fixed

22
Q

What is a network policy?

A

A policy that provides rules and guidelines on what network users can and cannot do

23
Q

What are user access levels?

A

Different levels of permissions given to users to access facilities on a computer

24
Q

What is encryption?

A

Converting readable data to an encoded version that can only be decoded with a key

25
Q

What is anti-malware software?

A

A type of computer program which detects, prevents and removes malware on a system

26
Q

What is a firewall?

A

A tool that monitors traffic going in and out of a network and either allows it to pass or blocks it

27
Q

What is network forensics?

A

Monitoring traffic on a network to help identify invasive traffic from hackers or to determine where data is being sent.

28
Q

What methods can be used to keep a network safe?

A
  • Penetration testing
  • User access levels
  • Secure passwords
  • Encryption
  • Anti-malware software
  • Firewalls
  • Physical security
29
Q

How might a hacker try to guess the correct password in brute force attacks?

A

Using a list of most common passwords

30
Q

How can you help protect against a brute force attack?

A
  • Using strong passwords
  • Change your password regularly
  • Strong network policies
  • Progressive delays
  • Lock out code
  • Challenge response
31
Q

What are progressive delays?

A

Only allow subsequent attempts after a given amount of time for putting your password in

32
Q

What is a lock-out code?

A

Only allowing a small number attempts of putting your password in, then the user will be locked out of the system

33
Q

Give an example of a challenge response?

A

‘I’m not a robot’

34
Q

What is spear phishing?

A

Phishing with an intended target

35
Q

What is the purpose of anti-malware?

A

To detect, prevent and remove malware

36
Q

What is a disadvantage of anti-malware?

A
  • It can only detect known malware
  • The longer time a user has gone without updating their anti-malware, the less effective it will be
37
Q

What is more effective? Hardware-based firewalls or software-based?

A

Hardware-based, but it is more expensive

38
Q

What is physical security?

A

Using physical means to prevent network threats

39
Q

Name some examples of physical security

A
  • CCTV
  • Alarms
  • Door locks
  • Fences
  • Security guards