Network security threats Flashcards

1
Q

Why do we need network security?

A

Connecting computing devices together via a network, allows them to share data and subsequently connect them to the internet, they become vulnerable to attack or misuse

All networks need protection from unwanted intrusion and hacking

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

What is the aim of network security?

A
  • Only allow authorised users to access what they need
  • Prevent unauthorised access
  • Minimise the potential damage caused by unauthorised access
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

What is a hacker?

A

Someone who attempts to gain access to a computer system with the intent of damaging data or somehow harming that system

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What type of hackers are there?

A

Black-hat hackers

White-hat hackers

Grey hat hackers

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

What is a Black-hat hacker?

A

Traditional hackers who attempt to gain access via nefarious means, typically to steal company secrets or cause damage

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

What is a White-hat hacker?

A

Security experts (often ex-hackers) employed by a company
- known as ethical hackers and use their skills to try to find vulnerabilities and fix them

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

What is a Grey hat hacker?

A

Sit in-between the other 2
They are not employed by a company, but still attempt to locate flaws in company-wide computer systems as a hobby
- this is technically illegal, but they then inform the company the flaw, so it can be fixed.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

What is meant by the term malware?

A

Malicious software that is designed to hack a system

Code written with intent to frustrate or harm

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

What kind of effects can malware cause?

A

Depending on the type:
- deleting, corrupting or encrypting files
- causing computers to crash, reboot or slow down
- reducing network speeds
- logging keyboard inputs and sending them to hackers

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Name a type of malware

hint V

A

Virus

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

What is a virus?

A

Pieces of code capable of copying themselves and spreading throughout a system

  • typically designed to have a detrimental effect like corrupting a file system or destroying data
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Name a type of malware

hint S

A

Spyware

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

What is spyware?

A

Form of malware that covertly obtains information about a user’s computer activities by transmitting data from their device

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

How can spyware be used?

A

Can be used to harvest sensitive and personal data from a device:
- internet surfing habits
- email addressed
- visited web pages
- Downloads/download habits
- passwords
- credit card numbers
- keystrokes
- cookies

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

What is a DoS?

A

Denial of Service attack:
when an attacker floods a server with useless traffic, causing the server to become overloaded
- many past DoS attacks exploited limitations of the TCP/IP stack

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Who do DoS attackers typically target?

A

Web servers or high-profile organisations such as banks and the government

  • this attack typically doesn’t result in theft or loss of data or other assets, they can cost a great deal of time and money to handle
17
Q

What is a DDoS attack?

A

Distributed denial-of-service

18
Q

When does a DDoS attack occur?

A

When multiple systems orchestrate a synchronised DoS attack against a single target

  • instead of being attacked from one location, the target is attacked from many locations at once
19
Q

What is SQL injection?

A

Code injection technique used to attack data-driven applications
- designed to exploit vulnerabilities in poorly coded database applications
- code is entered into input text boxes and is executed by the server

20
Q

What is social engineering?

A

Umbrella term covering several different manipulation techniques that exploit human error, with a view to obtaining private information, access to a restricted system or money

Social Engineering scammers lure users into exposing data, spreading malware or providing access to a system, including:
- Baiting
- Scareware
- Phishing
- Pharming etc

21
Q

Name and explain a type of social engineering

Hint: P

A

Phishing:
Online fraud technique used by cybercriminals to trick users into giving out personal information

  • Perpetrators disguise themselves as trustworthy source in electronic communication e.g. email or fake website
22
Q
A