4 - Network Security

List the main 6 forms of attack on networks (6) DDSSMB

- Malware

- Social engineering

- Brute-force attacks

- Denial of Service attacks -

- Data interception and theft

- SQL injection

State three types of malware (3)

- Viruses - Trojans - Worms - Ransomware - Spyware - Scareware

Describe how malware harms a computer. (4)

- Files deleted, corrupted or encrypted - Comps. crash, spontaneously reboot & slow down. - Internet conns. slower - Keylogging - inputs e.g. passwords logged + sent to hackers

What is a computer virus? (1)

A virus is a program that is installed on your computer designed to replicate itself.

How could a virus spread?

Across devices on a network or through shared files

What is a trojan? (1)

A program that seems to have a useful & specific purpose but it essentially infects the device without the user noticing at the beginning.

How is a trojan usually transferred? (1)

Via email

What are worms? What damages do they cause? (2)

Standalone program that infects a device without having to corrupt other programs. They might cause no damage to the attacked computers, but they slow down networks and computers

What makes worms dangerous? (2)

Worms are able to spread across networks without having to share the host/infected files like viruses.

What is social engineering? (1)

- the ability to obtain confidential information by asking people for it.

List 3 social engineering methods that attackers commonly use (3)

1- Phishing 2- Blagging 3- Human error (human as a 'weak' point)

What is phishing? (4)

- Fraudulent practice of sending emails - disguised as trustworthy source - to trick users into revealing personal info - e.g. passwords & credit card details

Describe how phishing harms a user & a company. (4)

User: - Hacker accesses victim's bank acc. to withdraw & spend money - Via cashing illegitimate cheques or buying services Company: - Hacker gains access to high-value corporate data - Financial services can blacklist company, damaging rep

Identify 5 ways how people can be 'the weak point' in the system. (5)

- Not updating anti-malware - Not logging off comp. - Not encrypting data - Leaving printouts with sensitive info around - Sharing passwords

What is blagging? (2)

Dishonestly persuading someone to divulge personal or sensitive information by deception.

What are brute-force attacks? (2)

- Automated or manual attempts to gain unauthorised access to secure areas by trying all possible password or key combinations.

What is a DoS attack? (1)

Servers and devices are flooded with too many requests or packets, causing them to crash or become unusable.

How could a DoS attack be harmful? (2)

- Decreases reputation of a website due to a lack of reliable performance - Loss of revenue, as the service is inaccessible

List three forms of data interception and theft (3) SUM

- Shouldering - Using an unlocked device of another user (Exploiting vulnerabilities) - Man-in-the-middle attack

What is meant by shouldering? (2)

Literally looking over one's shoulder to look at their password/pin

Describe a man-in-the-middle attack? (2)

- Secretly intercepting a conversation (transmission) to obtain information - Might involve modifying the communications as well in some cases

What is the concept of an SQL injection? (1)

Inserting malicious code into an input (database) field on a website/program

What are 7 common prevention methods? (7) PPPFEAU

1- Penetration testing 2- Anti-malware software 3- Firewall 4- User access levels 5- Passwords 6- Encryption 7- Physical security

Why is penetration testing useful? (1)

Because it helps to identify potential weaknesses in a system

How is penetration testing performed? (4)

- Gather info about possible targets - Locate potential entry points - Attempt to hack in (ethical hacking) - Report results/conclusions

What is the difference between an internal and an external test? (2)

- Internal: checking how much damage an actual employee could cause - External: Targeting email server, webservers and firewalls

What is the funciton of anti-malware software?

To detect, prevent, and remove malicious software from devices.

What are firewalls used for?

Firewalls are used to monitor and control incoming and outgoing network traffic based on predetermined security rules. They serve as a barrier between trusted internal networks and untrusted external networks, protecting systems from unauthorized access and threats.

How can user access levels be considered a prevention method? (2)

Setting appropriate access levels for users depending on their position ensures they do not access data that they don't require.

How could passwords be a method of prevention? (2)

Passwords should not be shared, or stored in an easily accessible location. - Shouldn't be a commonly used password or easy to guess.

Explain the advantage of encrypting data (1)

Only allows users with the key to access the encrypted files

A method of prevention is physical security, explain what this means. (2)

Physical security could be a method of prevention as it limits physical means to obtaining information/ hardware or infecting systems (e.g. locks on doors, server cabinets, security guards)

What is malware. (1)

malicious software - an executable program or piece of code that is designed to cause damage or gain unauthorised access.

What is ransomware? (2)

Ransomware is software which holds a computer hostage by locking or encrypting access to it. Once a ransom is paid to the attacker, access is restored.

Give one advantage and disadvantage of penetration testing? (2)

disadvantage - Can be expensive, and unethical

- gives external people access (potentially untrustworthy),

advantage - but professionals more effective than network managers,

- and much less likely to cause damage when done by a professional.

How can phishing be prevented? (1)

Network policy/firewall/user awareness

How can brute-force attacks be prevented? (1)

Strong passwords with limited attempts/penetration testing

How can shoulder surfing be prevented? (1)

Concealing password/PIN entry, user awareness, access levels.

How can Interception or data theft be prevented? (1)

encryption/biometrics/physical locks

How can Exploiting vulnerabilities be prevented? (1)

Consistent security updates and OS updates to the computer, and penetration testing

A library has several computers available to the general public. Explain why the libraries need the following security measures: (4) i. User access levels ii. Firewalls

i. Different users only have permissions to files/areas/services of the network which they actually need (eg the public should only be able to search eg only employees should issue books eg only managers can look at pay records.) To prevent malicious or accidental corruption of parts of the network. ii. Stops all access to/from the WAN unless it has been authorised Eg requests from other libraries. Prevents hackers from compromising the system.

What is a firewall?

A firewall is a network security device that monitors and controls incoming and outgoing network traffic based on predetermined security rules.

What is the funciton of user access levels? (3)

User access levels define permissions for different users within a network, ensuring they can only access necessary resources, thereby enhancing security and minimizing risks of unauthorized access.

What is a firewall?

A firewall is a network security device that monitors and controls incoming and outgoing network traffic based on predetermined security rules.

What is a computer worm? (1)

A standalone malicious program that can replicate itself to spread across networks without needing to corrupt other files.

What is the function of encryption software? (3)

Encryption software is used to convert data into a format that cannot be read by unauthorized users. It protects sensitive information by encoding it so that only those with the decryption key can access it.