System Security Flashcards
Revise the core elements of Computer Security
Networking of computers brings many advantages. Why might networking of computers also have some disadvantages?
Networking is when two or more computers are connected together. It means that if someone is able to access one computer on the network, they could also be able to access all the data on all the computers on the entire network.
What is System Security about?
System Security looks at the measures that can be put in place to reduce the risk of criminals gaining entry to a network to steal data from or compromise data on computers in a network.
What is malware?
Any software that can harm a computer or a user.
Name four types of malware
Viruses
Spyware
Adware
Pharming
What is a virus?
A virus is a small program whose main purpose is to cause physical harm to a computer.
What is Spyware?
Spyware is a small program that is designed to harm the user by trying to record data about them. The aim is to spy on the user and send back things like username, common passwords, sites visited by the user.
Name three different types of viruses.
Standard Virus
Worms
Trojan
Describe what Standard viruses do.
These are programs which hide in files, copying themselves (replicating) in order to spread into other programs and files. Their aim is usually to delete and damage data.
How does a Worm virus operate?
These programs replicate themselves using more and more of the computer resources, slowing the computer down until it basically can't function anymore.
What is a Trojan virus?
These programs come in as programs that you think are useful, but in the background they add another small program that may be deleting programs or opening ports for other destructive programs to use to get into your computer and network.
Name one common spyware program and explain what it does
A key logger. It is software that records all the keys that are pressed on a keyboard. It does this to record information such as your password, so that it can steal more information about you.
What is Adware?
Adware is spyware. This malware aims to download and display unwanted adverts. It may also collect information about what you regularly do online for marketing purposes. It may also redirect you to unwanted pages by changing your homepage.
What is pharming?
Pharming is when you type in a web address, the URL of a genuine site, but instead of being taken to the correct site you are taken to a fake version of the site because the numbers that point to the website (IP address) have been changed to the wrong ones in the DNS records.
Describe what Scareware does.
Scareware is a pop up malware that scares you with a message to carry out a purchase or action. It might show a pop up that says your computer is infected with a virus. Then provide a button that says purchase now to clean it.
What is ransomware?
Ransomware is a program that uses encryption to lock the data on your computer so that you cannot use it. They will then send a message asking you to pay a certain amount of money to unlock it. An example of this is what happened to the NHS a few years back.
What are Rootkits?
A set of software programs or hacking tools that allow unauthorized users (criminals) to take complete control of your computer.
What is phishing? Describe it.
An email or phone call or website that tries to get certain sensitive information about you. This is a method of identity theft. You may get a message pretending to be from your bank asking you to re-enter your username and password. Once these have been entered, the hacker now uses them to access your bank account or impersonate (pretend to be) you at your online bank.
What do you call the act of manipulating people into giving away personal information or making mistakes when it comes to doing the right things when working on a network?
Social engineering
How can you reduce the effect of social engineering tactics on your users?
People are the main problem when trying to protect a network as they fall foul of social engineering tricks. This can be reduced by educating the users on different social engineering tricks and what they should and should not do.
What do you call the process used when a criminal uses trial and error to try thousands and thousands of passwords to hack an account’s password?
Brute Force Attack
What does DoS stand for?
Denial of Service Attack
Put the website server resources under so much pressure by bombarding it with intensive traffic that it cannot cope and the website crashes. What kind of attack is this?
Denial of Service Attack.
Name two reasons why criminals carry out Denial of Service attacks.
Criminals do it to ask for money to stop the attack
Do it for political or social reasons as a form of punishment for the website.
What does encryption do to data?
It puts data into a format that humans cannot easily read (unreadable, scrambled), thereby protecting the data
What can criminals use to monitor network traffic and intercept data which they feel contains sensitive data and read it?
Packet sniffers
What protects data from being read by Packet sniffers?
Encryption
What is SQL?
Structured Query Language that is used to look up, write, add, modify etc. data on a database using a set of statements.
What is SQL Injection?
When you modify the SQL statements to change what they should do to what the criminal wants them to do. This may be to change the database password, return more records, add, delete or become destructive.
What does a network policy do?
It sets out the rules telling users what they should do and how they should do it. The rules may include that they will need to use a password to log on and off of their computer, the type of password they should set, etc.
What do you think happens if people do not follow the network policy?
If people do not follow the network policy then the network can become more vulnerable. Hackers can then easily gain access to steal data and destroy the computers on the network. The system security becomes weak.
What is penetration testing?
This is when a company invites experts to pretend to carry out different malware attacks to understand where the system or network is weak, so that the company can try to make it better and stronger.
Explain what Network Forensics does
Network Forensics does not stop the attack but monitors network traffic so that if an attack occurs, it can be tracked. The information is reviewed to learn how to stop attacks in future.
Name two policies that should be written for networks to improve security
Acceptable Use Policy (AUP)
Backup Policy
Disaster Recovery Policy
What might an Acceptable Use Policy include?
Use complex passwords
Have different levels of access for users
Locking the computer after certain time when users are inactive or away
No use of USB
No downloading and installing of software from the internet without authorisation
What might a Backup Policy include?
The person who should do the backup
The timetable or schedule for the backup
The media the backup will be made on
Where the backup will be stored
The data to be backed up and the changes since the last backup
The period of verification
What might a Disaster Recovery Policy include?
Who the responsible people are in the event of a disaster
Where the backups are
How the system can be recovered
Which software can find and delete or quarantine malware or viruses?
Anti-virus or anti-malware software.
How do you keep an anti-virus working well?
By ensuring you update it regularly
What do you use to find and quarantine spyware?
Use an anti-spyware
What is a firewall?
A firewall is a piece of hardware or software that will monitor data through ports on your computer and only allow information through on the allowed ports and in allowed formats. It blocks data coming through unexpected ports or in formats that are not allowed.
Explain how having user access levels keeps a computer more secure?
You can give different users in a company more or less access to computers and networks. Some may be able to access all parts because they are highly trusted and high up in the company and others only the parts they need. This means certain sensitive data can only be seen by people who need it. It also prevents the wrong people from deleting data.
Why do we need passwords?
Passwords stop people who should not be on a computer or network from getting into the computer or network. It prevents unauthorised access.
What makes a strong password?
A strong password should:
be 8 or more characters
include letters and numbers
include special characters
include letters that are uppercase as well as those that are lowercase
be changed regularly
What is an encryption key?
It is an algorithm: a series of steps that help you change the data within a file from being readable (plain text) to unreadable (cipher text).