Security threats and protection methods Flashcards
What is Malware
Malware or malicious software is a computer program that is installed on a computer system without the owner’s consent; the main aim of malware is to damage the computer system or to perform uninvited actions that compromise system security.
What is viruses?
Viruses are small programs designed to spread between computers and to cause damage or interfere with computer operation.
What are worms?
Worms are malware self-replicating programs that are designed to reside in active memory and use up system resources.
What are Trojans?
Trojans are malicious computer programs which appear to be useful to persuade a user to download and install them.
What is spyware?
Spyware is a Trojan program that is installed in a computer system to gather information and pass it on to other interested parties.
What is an anti-virus software?
The use of an up-to-date virus scanner or anti-virus software helps to minimise the risk from viruses; this software searches the computer system for viruses and deletes them once detected.
What is an anti-spyware program?
Spyware can be loaded into a computer system as a software virus, so it is important to run an anti-spyware program which will prevent and detect spyware from being installed and remove any spyware that has previously been installed.
What is an Instrusion detection system?
Intrusion detection systems (IDS) are designed to monitor the network or computer system for malicious activities. Once an incident is detected, a report is produced which is sent to the network management for further action to prevent any risk to the system.
What is encryption of data files?
Encryption of data files using the techniques described above prevents hackers from understanding data transmitted even if they can intercept it.
What is a firewall?
Set up and configure a firewall using packet filtering, proxy server and stateful packet inspection to check the integrity of incoming messages and requests for service from the system.
How is a digital signature/certification used as security protection?
Check the digital signatures / digital certification of downloaded data to ensure that it is from a known or trusted source and that it is up to date.
- Ensure that operating system and network programs are updated on a regular basis.
- Ensure that all data is backed up on a regular basis so that the system can be recovered if a virus intrusion were to damage data and files on the system.
Programmers and users can take the following steps to alleviate the impact of security threats:
Only use commercial software that was purchased from a well-known and reputable vendor.
* Test and develop new software on a stand-alone computer, being careful to check for unpredicted behaviour before uploading the software to other networked computers.
* Only open attachments or click on pop-ups from known and trusted senders.
* Use password protection on files and programs.
* Encrypt all data files.
* Choose a programming language that is designed to avoid basic vulnerabilities to security threats.