Section 4.4


27 Terms

1

risks of a computer connected to a network

Unauthorized access, vandalism, and malware attacks.

2

malware

Malicious software intentionally designed to damage computers, servers, clients, or networks, or to steal data.

3

software bug

Unintentional harm caused by errors in software.

4

virus

A program that inserts itself into host programs; executes when host runs, causing damage.

Can degrade portions of the operating system, erase large amounts of data, or corrupt data and other programs.

5

worm

Autonomous program that spreads copies of itself to other machines in a network, which can harm individual machines or the operation of the network.

6

spyware

Software that secretly collects info (like passwords/credit cards) and reports to attacker.

7

phishing

Fraudulent attempt to obtain private info by posing as a legitimate entity.

Obtains private information by simply asking for it.

8

denial-of-service (DoS) attack

A computer system can be attacked from other computers in a network.

Overloads a computer with messages, suffocating network resources.

9

packet sniffing / MITM (man in the middle) attack

Attacker intercepts data traveling to or from the victim’s device including authentication credentials.

10

brute force attack

Attacker tries all possible password combinations until correct one is found.

Variations are the rainbow table attack and the dictionary attack.

11

dictionary attack

The attacker uses an application and a large dictionary text file containing just words.

When the program runs, it tries to identify the password by trying hundreds or thousands of words per minute from that dictionary file.

12

rainbow table attack

In most applications, passwords are not stored in plain text like “PassW0rd” and are often stored as scrambled text, or hash values, similar to “298cde70c32a57b84d0a546fedbb2596.”

The attack tries to identify the hash value of the password, then convert it back to plain text.

13

CIA Triad

Confidentiality (protecting data from unauthorized access), Integrity (ensuring data is accurate and untampered), Availability (making systems and information accessible to authorized users when needed).

14

balance in CIA triad

Focusing on one (e.g., confidentiality) may reduce another (e.g., availability).

15

strategic risk analysis

Balancing security tools/resources against risk and business priorities.

16

network security practices

Backups, permissions, digital signatures, penetration testing, vulnerability assessments.

17

white-hat hackers

ethical testers

18

information assurance

Ensures data availability, authenticated access, and integrity.

19

information security

Protects information from unauthorized access or distribution.

20

firewall

Blocks/filters traffic based on rules; separates trusted vs untrusted networks.

Can block outgoing messages with certain destination addresses.

Can block incoming messages from untrustworthy sources.

21

proxy server

Intermediary software shielding clients from servers.

22

network auditing software

Monitors traffic (origin and volume) for anomalies and suspicious patterns.

Proactively or reactively mitigates unwanted occurrences.

23

antivirus software

Detects and removes known viruses from the network.

24

encryption

Encodes data to keep it confidential even if intercepted.

25

Types of malware

Viruses, worms, spyware, phishing, etc.

26

Black-hat hackers

malicious attackers.

27

Business Email Compromise (BEC)

A social engineering scam where attackers impersonate trusted individuals or entities via email to trick employees into transferring funds, sharing sensitive data, or installing malware.