Topic 6: Network Security

Question 1

What is active hacking

Answer 1

Where the hacker attempts to modify or delete data, or to prevent a network from operating correctly.

Question 2

What is passive hacking

Answer 2

Where the hacker monitors a network in order to gain information.

Question 3

What is external hacking

Answer 3

Where someone outside of an organisation attempts to hack its network.

Question 4

What is internal hacking

Answer 4

Where someone within an organisation attempts to hack its network.

Question 5

What do viruses do

Answer 5

Programs embedded (hidden) within other files. They replicate themselves and become part of other programs. Viruses often cause damage by deleting or modifying data.

Question 6

What is malware

Answer 6

Malware is malicious software that is designed to hack a system

Question 7

What do worms do

Answer 7

Programs similar to viruses except that they are not hidden within other files. Worms often spread through emails.

Question 8

What do trojans do

Answer 8

Programs which pretend to be legitimate but in reality are malware. They are often disguised as email attachments. Trojans cannot spread by themselves - instead they deceive a user into installing the program.

Question 9

What does spyware do

Answer 9

Programs that monitor user activities (such as websites visited, usernames and passwords used) and send the information back to a hacker.

Question 10

What does ransomeware do

Answer 10

Programs that attempt to blackmail a user into making a payment to a hacker.

Question 11

What does phishing do

Answer 11

Emails that try to trick users into giving away personal details. The phishing email pretends to be a genuine message and tries to deceive the user into following a link to a website that looks like the real company, for example, a bank. However, it is a fake website designed to catch data such as bank account numbers and security codes.

Question 12

How does brute force work

Answer 12

Where a program is used to find a password by trying all possible combinations of characters until the correct one is obtained.

Question 14

How does Denial of Service work

Answer 14

Where a computer (or many computers) is used to prevent a server from performing its tasks. This makes it very difficult for it to respond to legitimate requests.

Question 15

How does SQL injection work

Answer 15

Where SQL code is entered as a data input. Many databases use SQL code to interrogate the data and maintain the structure. SQL code can be inputted as data, which can cause errors or unintended operations.

Question 16

What is poor network policy

Answer 16

Where a network does not have security rules in place for users to follow.

Question 17

How do people cause harm to their device

Answer 17

People frequently ignore rules, or accidentally or deliberately break them. They also may send and receive personal emails which may contain viruses.

Question 18

How does penetration testing make a system more secure

Answer 18

The purpose of penetration testing is to determine how
resilient a network is against an attack. It involves authorised users (sometimes an external party or organisation) who probe the network for potential weaknesses and attempt to exploit them.

Question 19

How does network forensics make system more secure

Answer 19

Network forensics involves monitoring the traffic on a network. At regular intervals transmitted data packets are copied. The copy and information about the packet are then stored for later analysis.

Question 20

How do user access levels make a system more secure

Answer 20

Access levels determine the facilities a user has access to, such as:
-software
-email
-internet access
-documents and data
-the ability to install and/or remove software
-the ability to maintain other users’ accounts

Question 21

How do you use passwords in order to make a system more secure

Answer 21

Use a secure password that is not easy to guess, and that requires at least eight characters, including at least one uppercase letter, one number and one special character. This reduces the chances of someone easily working out what the password is.

Question 22

How do you use encryption in order to make a system more secure

Answer 22

Encryption is the process of disguising data so that it cannot be understood. Even if a hacker gains access to encrypted data, they will not be able to understand it.

Question 23

How do you use anti-malware in order to make a system more secure

Answer 23

Anti malware detects the malware installed and prevents it from bring installed by removing it from the system

Question 24

How do you use firewalls in order to make a system more secure

Answer 24

A firewall is a tool that monitors traffic going into and out of a computer or network, and either allows the traffic to pass through or blocks it. A firewall stops unauthorised traffic entering and leaving a network.

Question 25

What is a black box hacker

Answer 25

A black box hacker tries to infiltrate a system with no insights into the code, architecture, or system design in order to identify any weaknesses of the system

Question 26

What is a white box hacker

Answer 26

A white box hacker acts as a knowledgeable insider, attempting to attack an application based on intimate knowledge of its code and environment in order to find any weaknesses within the system.