Computing GCSE 1.4 Network Security

What is a passive attack?

Where someone monitors data travelling on a network and intercepts any sensitive information they find

What do passive attacks use?

network-monitoring hardware and software such as packet sniffers

Why are passive attacks hard to detect?

The hacker is quietly listening

What is the best defence against passive attacks?

Data encryption

What is an active attack?

When someone attacks a network with malware or other planned attacks, they are most easily detected

What is the main defence against an active attack?

a firewall

What is an insider attack?

when someone within an organisation exploits their network access to steal information

What is a brute force attack?

A type of active attack used to gain information by cracking passwords through trial and error

What do brute force attacks use?

Automated software to produce hundreds of likely password combinations

What is a dictionary attack?

a program that uses every word in a dictionary to try and find the password

What can reduce the risk of a brute force attack?

locking accounts after a certain number of failed attempts and using strong passwords

What does DOS stand for?

Denial of Service

What is a denial of service attack?

where a hacker tries to stop users from accessing a part of a network or website

What do DOS attacks involve?

flooding the network with useless traffic making the network extremely slow or completely inaccessible

What does DDos stand for?

Distributed Denial of Service

What happens in a DDos attack?

infects computers to use them in the denial of service attack so this means it is using multiple computers to complete the attack

What is malware?

malicious software is installed on someones device without their knowledge or consent

What do typical actions of malware include?

- deleting or modifying files
- scareware
- locking files
- spyware
- rootkits alter permissions
- opening backdoors

What is botnet?

the group of computers that are infected, the hacker will control

What is a virus?

they attach themselves to a program therefore you have downloaded it in some way and replicates to other computers

How do users spread and activate viruses?

by copying infected files and activate them by opening infected files

What are worms?

they are more sophisticated than a virus, they self replicate without any users help so they can spread very quickly

What do worms do?

exploit weaknesses in network security

What are trojan horses?

malware disguised as legitimate software, they dont replicate themselves

What is ransomware?

it will encrypt data and not allow you to access it unless you pay a ransom

What is social engineering?

A way of gaining sensitive information or illegal access to networks by influencing people

Why may people be taken advantage of in social engineering?

- untrained with technology
- weak passwords

What is phishing?

When criminals send emails or texts to people claiming to be from a well known business

How can someone spot phishing?

- email address is wrong
- make it seem urgent
- spelling and grammar mistakes
- very informal
- asking for personal details

What do phishing emails often contain?

fake links to a company's website, they then request the user to update their personal information when the user inputs this data they hand it all over to criminals

What is telephone phishing?

someone rings up and employee of a company and pretends to be a network administrator or somebody else within the organisation, they are then persuaded to give out personal information

What is SQL?

one of the main coding devices used to access information in databases

What are SQL injections?

Pieces of SQL typed into a website's input box which then reveal sensitive information

What is penetration testing?

when organisations employ specialists to stimulate potential attacks on their network

Why is penetration testing used?

To identify possible weaknesses in a network's security by trying to exploit them, the results are reported back

What does physical security protect?

the physical parts of a network from either intentional or unintentional damage

What can physical security involve?

- locks and passcodes
- surveillance equipment
- alarm systems

What makes a strong password?

-using a combination of symbols, capital letters, numbers lowercase letters etc
- long passwords
- not using obvious passwords
- changing them regularly

How can you protect password based systems?

- 2 factor authentication
- limit the amount of tries someone can have
- make an amount of time someone cant log on for

What do user access levels control?

Which parts of the networks different groups of users can access

What do user access levels help limit?

the number of people with access to important data so help prevent insider attacks on the network

What is anti-malware software?

Software that is designed to detect and remove malware, it scans code and checks it against a database of known malware

How does anti-malware software work?

-finds any kind of malware
- quarantines it
- asks if you want it to be deleted

What do firewalls do?

block unauthorised access by examining all data entering and leaving the network and blocking potential threats

How do firewalls protect a system?

-block ports
- block key words
- block certain websites

What is encryption?

when data is translated into a code which only someone with the correct key can access meaning unauthorised users cannot read it

What is encrypted text called?

cipher text

What are biometrics?

using your physical characteristics to log on rather than a password