Network security Flashcards

1
Q

pen testing

A

Penetration testing is testing to make sure that the system is secure from hackers or other malicious attacks. It is used to discover weaknesses or vulnerabilities in a system that could be exploited.

2
Q

black box pen testing

A

Black-box penetration testing is designed to mimic an external attack on the system. The testing will assume that the attacker is unauthorised and has no knowledge of the system. The tester will use brute force methods and try to exploit well-known software vulnerabilities to get access to the system.

3
Q

white box pen testing

A

White-box penetration testing is designed to mimic an attack from an insider who already has access to the system, and maybe has information about the way the system is configured and operates. This can help safeguard against the actions of someone who is inside the organisation and up to no good.

4
Q

When anti-malware detects malware in a computer system, it generally has three options: ??

A

clean
quarantine
delete

5
Q

cleaning files

A

If a file or program has been infected but you still need the file, it is sometimes possible to clean the file and remove the malware.

6
Q

quarantining files

A

If you are unsure whether a file may contain malware but you also don’t want to risk deleting an important file, you can quarantine the file, which will prevent it from infecting any other files or programs.

7
Q

deleting files

A

Deleting the file also deletes the malware.

8
Q

anti malware

A

As new malware is released all the time, anti-malware is only effective if it is kept up to date. Many anti-malware programs will automatically update when the computer is connected to the internet without the user even knowing that this has happened.

9
Q

what can anti malware have

A

Anti-malware software can have a real-time checker that scans files before they are used to keep the computer safe, and can also have scheduled scans, which perform checks upon computer files on a regular basis.

10
Q

firewall: where does it sit

A

A firewall sits between two networks, usually a trusted network and an untrusted network.

11
Q

where are firewalls built in

A

Firewalls are also built into network access devices such as those provided by your internet service provider.

12
Q

firewalls in larger networks

A

In larger organisations, there may be a dedicated firewall to cope with the higher volume of traffic entering and leaving the network.

13
Q

examples physical security

A

security guards
doors with keycard needed to pass
CCTV
lock servers and key communication equipment - carefully control access
have policies - e.g. don't leave a laptop unattended

14
Q

access rights

A

Setting appropriate permissions will help to prevent unauthorised access to sensitive or important data.

15
Q

what else can access rights do

A

It is also possible to restrict the level of access that a user has; for example, the right to view, edit, or delete a file. Most organisations store their data in databases; database management systems allow restrictions to be specified down to the individual record or even field level.

16
Q

general rule - access rights

A

The general rule is that a user should be given the lowest level of access needed to do their job. In this way, there is less opportunity for the accidental loss of data and fewer accounts to investigate if a system is compromised.

17
Q

if a user changes or leaves their job

A

If a user changes jobs, their access rights should be reviewed and updated if necessary. When a user leaves an organisation, their access rights must be removed.

18
Q

careful checking of access rights

A

Access rights need to be checked carefully because, if a user has a higher access right than necessary, they may not report it.

19
Q

most basic form of authentication

A

UserIDs and passwords

20
Q

how to create strong password

A

mix of lower case, upper case, numbers and special characters
make the password long
don't use words and personal data like names
don't use the same password for more than 1 account
change passwords regularly
don't write passwords down or share them
use a password manager to create strong passwords for you

21
Q

extra forms of authentication

A

two-factor authentication or use biometric security measures. Additional controls can be put in place to make the network more secure; firewalls and MAC address filtering will help control access to the network.

22
Q

why is it important that wireless data is encrypted

A

more susceptible to a man-in-the-middle attack

23
Q

man-in-the-middle attack

A

A man-in-the-middle attack describes a specific situation where a hacker hacks the connection between two people or systems and intercepts the data they are passing to each other.

24
Q

DoS attack

A

In a denial-of-service attack, a server will be bombarded with requests at a level that it cannot cope with.

Anyone trying to access the website will find they won't be able to.

25
Q

DDoS

A

In a distributed denial-of-service (DDoS) attack, the attack comes from a network of distributed computer systems, typically a botnet.

26
Q

what is SQL there for

A

SQL stands for Structured Query Language and is a language that is used to form queries to extract or manipulate information in a database.

27
Q

what can SQL injections do

A

Bypass login systems
Extract data such as lists of credit card details or email addresses
Delete data
Update data
Insert data
Execute commands that can download and install malware

28
Q

how to avoid SQL injection

A

SQL injection can be avoided by good coding practices, including validating inputs to ensure that they do not contain any unexpected characters. A “parameterised statement” makes sure that the query string and the parameter values are passed to the database separately, which allows them to be treated safely.

29
Q

brute force

A

This type of attack uses a computer program to generate all combinations of characters until it finds the combination that matches the password.

30
Q

dictionary attack

A

A dictionary attack is a brute force attack that uses a list of passwords (the dictionary) to check if the password that is being cracked matches a password in the list.

31
Q

impact of network security failure

A

If personal data is accessed or stolen, the organisation will be investigated and fined.
If commercial information is stolen, it may be given or sold to competitors and the organisation may lose a competitive advantage.
The greatest impact is reputational impact. Customers and stakeholders may move to other services and use them after hearing of the security failure.

32
Q

phishing

A

Phishing is an attack in which the victim receives a message disguised to look like it has come from a reputable source.
The message will include a link that, when clicked, will either trick the user into revealing personal data or initiate the installation of malware on the victim’s device.

33
Q

spear phishing

A

more personalised
targeted to 1 person

34
Q

indicators of a phishing message

A

Any unexpected message with a request for information
Obvious errors
Suspicious hyperlinks
Messages not addressing you by name

35
Q

pharming

A

The term pharming refers to a user being sent to a fake website that the user believes is the real one. Once there, the user might be tricked into submitting personal information such as entering their username and password into a fake login window.

A common way in which this is done without the need for a high level of technical expertise is when a cybercriminal registers a URL that is very similar to a real one.

36
Q

DNS poisoning

A

DNS poisoning involves hacking a DNS. When the victim enters a correct web address of the site they wish to visit into their browser, they visit a website controlled by the attacker, rather than the legitimate website.

37
Q

what indicates pharming attack

A

Spelling errors or incorrect logos
Broken or missing links
A notification from your browser warning you that the webpage is insecure
The lock symbol that your browser uses to confirm that a webpage is secure is missing

38
Q

blagging

A

Blagging is an attack in which the perpetrator invents a scenario in order to convince the victim to give them data or money.

This attack often requires the attacker to maintain a conversation with the victim until they are persuaded to give up whatever the attacker asked for.

39
Q

what indicates blagging

A

Suspicious code in email (“Dear <name?>”)
Unusual use of language (“an excitable business opportunity”)
Spelling mistakes (“relese”)
An attempt to start a conversation (“I look forward to hearing from you”)

40
Q

shouldering

A

Shouldering (also known as shoulder surfing) is an attack designed to steal a victim’s password or other personal information.

It involves the attacker watching the victim, for example, over their shoulder, while they provide personal information.

41
Q

why do people shoulder surf?

A

to get:

Someone’s PIN at a cash machine
The code to access a secure room
Someone’s password whilst they type it on the keyboard
