YEAR 1 CO1 WEEK 23 NETWORK SECURITY Flashcards
What is purpose of network security.
Main purpose protect assets within the network.
Network damage caused either by legitimate users by accident or unauthorised users doing it deliberately.
Different types of security threats.
Hacking: the act of intruding into system by unauthorised means.
Malware: any software Intentionally designed to cause damage to system.
Viruses: piece of code makes copies of itself attaching itself to another program.
Spyware: designed to collect info about what you’re doing on your computer.
Phishing: a fake website looks like legitimate website to get account details.
Pharming: malicious code installed to misdirect users to fraudulent websites without their knowledge.
Describe Brute Force Attack.
Program goes through all possible combination of letters to gain access to the system.
Dictionary attack similar going through every possible English dictionary words.
Describe Denial of Service Attack.
Prevents users connecting to a server by having a computer flood the server with millions of fake requests.
Too many requests for the server to handle using up all the servers memory.
Describe Distributed Denial of Service Attack.
Same as Denial of Service Attack but involves hundreds or thousands of different computers.
Difficult to stop as loads of IP addresses to be blocked.
Describe Data Interception.
Involves having a extra server in the network which intercepts and copies the packets before being sent off.
Effective solution having each packet encrypted.
Describe SQL Injection.
A form of database attack where the user tries to insert a extra SQL command in hopes of it being executed by the server.
Common solution is not allowing special characters to be entered when entering user and password.
Ways of Protecting Data.
Authentication.
User Access Rights.
Educating Users.
Anti Virus Softwares.
Firewalls.
Backups.
Describe Authentiaction.
Username and password to be entered before being granted access to the network.
Two factor authentication the same as above but also having code sent via text message.
Describe User Access Rights.
Usually administrator or manager sets permission for certain groups of what they can view, access and whether they can just view, read or execute the file.
Describe Educating Users.
To keep network secure users must be taught how to properly use one.
Often they are gotten to agree to a code of conduct before using the network.
Describe Encryption.
Process of scrambling data so that if intercepted it is unreadable for those without the key.
Describe Firewall.
Hardware or software which monitors filters or blocks packets going in and out of the network.