Network security Flashcards
What is the purpose of a Denial Of Service (DOS) attack?
It is an attack meant to shut down a machine or network, making it inaccessible to its intended users.
How does a DOS attack work?
Users' access to services is denied by using up all TCP connections (flooding the network) or by sending the target information that triggers a crash.
How does a Distributed Denial Of Service (DDOS) attack work?
- attacker infiltrates multiple hosts, using them as bots in a coordinated botnet
- attacker uses bots to flood the bandwidth and resources of the targeted system
What are worms and viruses?
Worms: standalone programs that replicate themselves to other host systems
Viruses: program binaries that attach themselves to other programs in order to replicate themselves to other host systems
What is a firewall?
A program which filters incoming and outgoing data packets, based on a set of user-defined rules
How does a firewall protect a network from an attack?
A firewall checks data packets by applying filtering rules to determine if data packets are allowed to enter / go out of the network
What are the three processes in the AAA Security Framework and their purposes?
Authentication: To ensure that the user is who they say they are.
Authorisation: To check that a user is authorised to access a resource.
Accounting: To keep logs of actions a user has carried out on the network.
What is malware?
Malware stands for “malicious software”, intrusive software that is designed to steal data and damage or destroy computers and computer systems.
Software is considered malware based on the intent of its creator, not its features.
Name one method to achieve each of the processes in the AAA Security Framework.
Authentication: Implement a login system with multi-factor authentication / require users to change passwords regularly
Authorisation: User Account Control, Identity Management, that prevents users from accessing data without login/checks for user permissions before giving access to data/implement different roles (user, admin) with different permissions for data access
Accounting: Implement a logging system that keeps track of user actions/keeps backups of user data/archives old logs for investigation/legal purposes
What is encryption?
The process of encoding data so that a secret key is required to read the data.
The key is usually provided as a sequence of bytes.
Before the data is decoded using the secret key, it appears as random, meaningless data.
What is a digital / electronic signature?
It is part of a message that is used to verify:
- the identity of the sender.
- that the message was not tampered with in transit.
What is a digital certificate?
An encrypted message provided by a certification authority that:
- authenticates the identity of the individual
- verifies that the public key in the message belongs to the individual
Describe symmetric key cryptography and its advantages and disadvantages.
Both the sender and the receiver have the same key.
Advantages: Security of the message does not depend on the algorithm remaining secret; key exchange is simpler as only one key is required
Disadvantages: Encryption and decryption functionality are coupled. Anyone with the key can send encrypted messages, and also decode them.
What is a botnet?
A collection of internet-connected devices infected by malware that allows hackers to control them.
Name common types of malware.
Computer viruses, worms, trojan horses, bots, spyware, adware, ransomware