Paper 1 - Network security threats

what is the main defense against an active attack

firewall

what is the best defence against passive attacks

data encryption

what is a brute force attack

a type of active attack used to gain information by cracking passwords through trial and error

what is a denial of service attack

where a hacker tries to stop users from accessing a part of a network or website by flooding it with illegitimate requests

what is malware

malicious software installed on someone’s device without their knowledge or consent

what might malware do

delete or modify files

scareware

locking files

spyware

opening backdoors

what are trojans

malware disguised as legitimate software

what are worms

they are like viruses but they self replicate without any user help meaning they can spread quickly

what are viruses

malware that can replicate itself and spread from system to system by attaching itself to infected files

how are viruses spread and activated

users spread them by copying infected files and activate them by opening infected files

unlike viruses and worms, trojans …

dont replicate themselves

what is social engineering

a way of gaining sensitive information or illegal access to networks by influencing people

what is phishing

when criminals send emails or texts to people claiming to be from a well-known business and exploit personal information from the user

what does SQL stand for

structured query language

What are SQL injections

pieces of SQL are typed into a websites input box which then reveal sensitive information

what is the best way for companies to prevent social engineering attacks

by educating employees on the risk and what to look out for

what should organisations do to prevent their networks from having any vulnerabilities

Regularly test the network to find and fix security weakness and investigate problems

use passwords to prevent unauthorised people from accessing the network

Enforce user access levels to limit the number of people with access to sensitive information

Install anti-malware and firewall software to prevent and destroy malicious software attacks

encrypt sensitive data

what is penetration testing

when organisations employ specialists to simulate potential attacks on their networks

what do firewalls do

examine all data entering and leaving the network and block any potential threats

what is anti-malware software

software that is designed to find and stop malware from damaging a network and the devices on it