Network Security Flashcards
What is Malware
Any type of harmful program that seeks to damage or gain unauthorised access to the computer system
Describe 3 characteristics of a virus
A virus can replicate itself, only activated when opened by a human and can change data/corrupt a system so then it no longer works
Describe 3 characteristics of a worm
A worm can replicate itself by finding weaknesses, does not need to be opened and can spread very quickly
What is trojan
A harmful program that looks legitimate to trick users into installing it so then attackers have access to the system
Describe how spyware and keyloggers work
Both programs records a users activity (spyware is software, keylogger is input) to record passwords, usernames and credit card info.
Describe how Ransomware works and why it is difficult to trace attackers who use it
It locks files on a system using encryption so then the user can no longer access them. They usually use bitcoin which makes it harder to trace them.
What is SQL injection and how do attackers use it
SQL (structured query language) is a programming language for manipulating data in data bases and it can be used view and edit the contents of a database
What is a DOS attack and what is it’s impact
A DOS (Denial of service) attack is when a computer repeatedly sends requests to a server to overload it and slow down the system temporarily.
How is DDOS attack different to DOS
Distributed denial of access is different because it uses a botnet of infected systems to overload a system. Botnot is a large group of devices controlled and used maliciously.
Describe a brute-force attack
Attempting every possible combination in order from start to finish to gain access to a system
Describe social engineering
Posing as a trusted source to gain personal information on someone
Describe interception
Data packets on a network are intercepted and copied to a different location that the intended one
Describe the purpose of penetration tests
To review a system’s security to find any risks or weaknesses and fix them
Describe internal tests
How much damage can possibly be done by somebody within the company with a registered account
Describe external testing
For white hat hackers to try and infiltrate the system from outside the company
Describe blind tests
Done with no inside information, to stimulate what a real hacker would have to do to infiltrate the system
Describe targeted tests
Conducted by a companys IT department and the penetration team cooperating together to find faults in the system
Describe the purpose of antimalware software and it’s different roles
Locates and deletes malware on a system as it scans the files and compares the database to a known malware. Checks incoming and outgoing emails, checks downloaded files and scans harddrive
Describe the purpose of a firewall and it’s roles
Manages ingoing and outgoing traffic where each data packet is processed whether it should be given access. It blocks access to insecure websites, blocks programs from accessing the internet and prevents users accessing certain files
State 3 rules for a strong password
Variety of letters, numbers and special characters
State 3 types of access levels
Read-only, read and write or no access
Describe the purpose of encryption
The process of scrambling data into an unreadable format so attackers can not understand or intercept.
