Network Security

Question 1

What is Malware

Answer 1

Any type of harmful program that seeks to damage or gain unauthorised access to the computer system

Question 2

Describe 3 characteristics of a virus

Answer 2

A virus can replicate itself, only activated when opened by a human and can change data/corrupt a system so then it no longer works

Question 3

Describe 3 characteristics of a worm

Answer 3

A worm can replicate itself by finding weaknesses, does not need to be opened and can spread very quickly

Question 4

What is trojan

Answer 4

A harmful program that looks legitimate to trick users into installing it so then attackers have access to the system

Question 5

Describe how spyware and keyloggers work

Answer 5

Both programs records a users activity (spyware is software, keylogger is input) to record passwords, usernames and credit card info.

Question 6

Describe how Ransomware works and why it is difficult to trace attackers who use it

Answer 6

It locks files on a system using encryption so then the user can no longer access them. They usually use bitcoin which makes it harder to trace them.

Question 7

What is SQL injection and how do attackers use it

Answer 7

SQL (structured query language) is a programming language for manipulating data in data bases and it can be used view and edit the contents of a database

Question 8

What is a DOS attack and what is it’s impact

Answer 8

A DOS (Denial of service) attack is when a computer repeatedly sends requests to a server to overload it and slow down the system temporarily.

Question 9

How is DDOS attack different to DOS

Answer 9

Distributed denial of access is different because it uses a botnet of infected systems to overload a system. Botnot is a large group of devices controlled and used maliciously.

Question 10

Describe a brute-force attack

Answer 10

Attempting every possible combination in order from start to finish to gain access to a system

Question 11

Describe social engineering

Answer 11

Posing as a trusted source to gain personal information on someone

Question 12

Describe interception

Answer 12

Data packets on a network are intercepted and copied to a different location that the intended one

Question 13

Describe the purpose of penetration tests

Answer 13

To review a system’s security to find any risks or weaknesses and fix them

Question 14

Describe internal tests

Answer 14

How much damage can possibly be done by somebody within the company with a registered account

Question 15

Describe external testing

Answer 15

For white hat hackers to try and infiltrate the system from outside the company

Question 16

Describe blind tests

Answer 16

Done with no inside information, to stimulate what a real hacker would have to do to infiltrate the system

Question 17

Describe targeted tests

Answer 17

Conducted by a companys IT department and the penetration team cooperating together to find faults in the system

Question 18

Describe the purpose of antimalware software and it’s different roles

Answer 18

Locates and deletes malware on a system as it scans the files and compares the database to a known malware. Checks incoming and outgoing emails, checks downloaded files and scans harddrive

Question 19

Describe the purpose of a firewall and it’s roles

Answer 19

Manages ingoing and outgoing traffic where each data packet is processed whether it should be given access. It blocks access to insecure websites, blocks programs from accessing the internet and prevents users accessing certain files

Question 20

State 3 rules for a strong password

Answer 20

Variety of letters, numbers and special characters

Question 21

State 3 types of access levels

Answer 21

Read-only, read and write or no access

Question 22

Describe the purpose of encryption

Answer 22

The process of scrambling data into an unreadable format so attackers can not understand or intercept.