Network Threats, Attacks and Preventions Flashcards
What two words does malware consist of
Malicious
Software
Malicious software
What is malware
Harmful computer programs
What are four types of malware
Computer Virus
Ransomware
Trojan Horse
Worm
What is a Computer Virus
These infect computers by replicating the code in other programs, along with infecting other computers.
They also deal harm to the computer by deleting, modifying and accessing files
What is a Worm
A virus that replicates itself to cause damage to other computers.
These types of malware don’t deal damage to harmed computers and instead slow them down, and slow down the network
What is a Trojan Horse
These types of viruses have programs, games or cracked files that users may commonly want. In reality, it is negative program code that causes damage, takes control of or provides unlimited access to the computer
What is ransomware
A malware type which holds a computer hostage by locking or encrypting access to it. Due to the encrypted data, no one can access it; not even a cyber security professional is able to unlock the data unless there are available backups. To be granted access, we may be forced to pay a high ransom price
What is exploiting
Taking advantage of a vulnerability
What are the two types of exploiting technical vulnerabilities
Unpatched software
Out of date anti malware
What is unpatched software
If software updates and security updates aren’t installed, software will be vulnerable to malicious activity
What is out of date anti malware
When software such as antivirus isn’t regularly updated, it is unable to detect the latest viruses
What is confidential
A set of rules
What is social engineering
Ability to obtain confidential information by asking for it.
This is a type of confidence trick that con artists specialise in
What is shoulder surfing
Ability to get information or passwords by observing as someone types them in
What is phishing
A type of messaging scam done by many con artists.
This type of fraud scheme is when emails, texts or phone calls are sent back to users, pretending to be from a bank or website. Phishing scammers will go to extreme lengths to get what they want.
What are six things you need to identify before going through an action sent in an email
Greetings: Phishing emails won’t specify your name, just an email address, so not a friendly greeting
The sender’s address: Variation on a genuine request
Forged links: Links may look genuine, but it won’t look like the website given
Personal information requests: Normally, emails never do this. If they ask for this, a con artist has written this
Sense of urgency: Con artists often reply with comments saying that if you don’t do a specific action, a bad thing is going to happen
Poor spelling and grammar: Con artists worry so much about what they get from you, they forget about what they give to you
What is a DDoS attack
A type of attack where hackers will use or infect a computer, so it sends as many requests as it can to the server, if it has a poor connection and is offline
What is an MITM attack
Man in the middle attack
In this attack, MITM allows the attacker to intercept communications between the user and the server. Attackers can eavesdrop to find passwords and personal information, so they can add new information to web pages or other communication used
If a hacker connects to an unencrypted WiFi connection, it makes it easier to form an MITM attack
What is a Brute Force Attack
This is a common type of attack done where hackers will enter every single possible password combination, and will not stop until they get in.
What is an SQL attack
Structured Query Language Injection
This is a database query language. SQL injection takes advantage of web input forms to gain data access and then destroy the data.
SQL commands can be input into web forms instead of expecting “real data”. This is interpreted by vulnerable web applications and ends up causing damage or releasing personal information
What is data interception and theft
Steals data or intercepts it with an MITM attack
What are ways we can use to prevent vulnerabilities and network threats
Penetration testing
Physical security
Firewalls
User Access Levels
Anti malware software
Antivirus software
Passwords
Encryption
What is encryption
A unique way of decoding data so it cannot be read or unencrypted unless unlocked by a key
How do we encrypt individual files
Files are encrypted individually on a computer and can only be viewed by users who have the password
How do we encrypt drives
We encrypt ordinary computer drives so that a mandatory password is required for accessing the information.
If we use removable media, special hardware can be purchased, which encrypts the data on the hard disk
How do we encrypt transmitted data
If a website uses HTTPS, it encrypts the connection to the server.
Your web browser will send its key and form data, encrypting it with the server key.
The server encrypts the web page you request using your web browser’s key.
What is a password
A special key that locks the data and can only be accessed if we unlock the key.
What is antivirus software/ antimalware software
These types of software detect malware, viruses, trojan horses, worms, spyware and ransomware.
How does an antivirus/ antimalware software do its job
When a virus or malware is detected, it is sent to the antivirus company.
They then verify it is malware and create a signature of the virus.
It is then added to the virus database and computers are told to run an update. Viruses can also morph to avoid detection.
This makes it harder to create a signature
What is penetration testing
The practice of deliberately trying to identify security holes in your own systems. What hackers want is attempting to break in, identify targets of potential attacks, identify possible entry points and report back findings
What is a firewall
Separates a trusted network from a non trusted network
What is the process of a firewall
Data is sent around the network in small packets of information.
Packets are checked to know where they are coming from, who they are coming from and who they are going to be sent to.
Packets that don’t match filtering rules are dropped. This is a packet filter
Firewalls are applicable on dedicated hardware or as software.
In short, the function of a firewall is to detect packets from malicious computers
What are the benefits of firewalls
Prevents attackers from gaining access to the computer
Blocks certain malicious computers by filtering packets from a certain IP address
Prevents access to certain ports on the network. This is port blocking
Malicious or inappropriate websites are blocked
What are drawbacks of firewalls
Dedicated hardware firewalls are expensive
Software firewalls slow down a computer
What are User Access Levels
Access rights which are set on disks, files and folders
What are password policies
A process that many organisations and computer systems use. This makes sure your chosen password has features like
Minimum character length
At least 1 lowercase letter
At least 1 uppercase letter
At least 1 symbol
At least 1 number
Change password per month
What is physical security
When software, hardware and networks are protected by real life methods
What are examples of physical security methods
Electric fences
Barbed wires
Thick walls
Turnstiles and gates
ID cards and signs
Locked doors
Locked cabinets
Security lighting
Numerous security guards
CCTV cameras
Intruder alarms