


1.6 System security cheat sheet

Malware - Otherwise known as ‘malicious software’. Software which can be malicious if damaging to a computer or network.

Viruses - Malicious software designed to cause harm to a network or computer system. Attaches itself to programs or files on a computer or server. Can affect all components of an operating system. Around 82,000 viruses are made each day.

Worms - Replicates itself in order to spread to other computers, often using a computer network. To achieve this, the worm exploits vulnerabilities across the computer network. Unlike a virus, it does not need to attach to a program.

Trojan Horse - Malicious computer program designed to access a computer by misleading users of its intent. Example: an email appearing to have been sent from a bank asking the user to download security software which would improve security, where in fact the software's intention is to give unauthorised access to the system.

Social Engineering - Relies on human interaction (social skills). Commonly involves tricking users into breaking normal security procedures. Method does not revolve around technical cracking techniques such as worms or

Computer Phishing - Form of social engineering. Designed to acquire sensitive information such as usernames, passwords, card details etc. Most common phishing attacks are sent through email.

Telephone Phishing - Telephone system mirroring: direct phone calls that pretend to be an official service. For example, a telephone phishing system would request similar prompts to a bank if the exploit was to gain banking information. The user could be asked to enter bank number, expiry, CCV and PIN, and the system may reject the entry or ask for re-entry to ensure the original digits are correct.

Data Interception and Theft - Data travels across networks in packets. Packets can be intercepted. If packets are encrypted, they cannot be read without a key. Unencrypted packets can be re-assembled using signatures. Data can also be intercepted physically, for example portable hard drives and other external hardware can be stolen.

Networks policy - Outlines rules for network access. Most common is the Acceptable Use Policy (AUP). You may have been asked to agree to an AUP when joining your school.

A poor network policy could lead to - Users could be unaware of the risks of using software, opening emails, turning off firewalls etc. Most networks restrict what users can and cannot do. Can you install software on your school PC? Do you have filters on your email and internet browser?

Brute Force Attack - Trial and error method. Can be used for gaining access to password-based entry systems. Consists of an attacker trying possible passwords and passphrases until a correct one is found.

DDOS - Overloading a website with unwanted traffic. Uses a number of computers over a network of infected machines which send requests to a website, which would bring it offline. Used as a ‘botnet’.

SQL Injection Definition - Where an attacker can execute malicious SQL statements using software which controls a database management system. Can affect websites that use SQL-based databases. Companies that use SQL include Google, YouTube, PayPal, eBay, Cisco. Exploits that have been identified must be patched quickly to reduce impact on businesses, so it is important for organisations to update infrastructure regularly. By exploiting the vulnerabilities of SQL through injection, attackers could access systems containing customer data, intellectual property and other sensitive information.

What is needed to carry out an SQL injection? - A relational database using SQL at the time of the attack. Malicious code to be used in an SQL query when it is run in order for the injection attack to take place.

The effects of a successful attack - Should an attacker gain access to the database, they could: bypass authentication procedures and impersonate specific users; execute queries, exposing data; alter data, resulting in data integrity issues; delete data.

Network Forensics - A branch of digital forensics. Covers the forensic investigation of networks and the devices attached to them. Primarily involves the examination of data sent across a network (or networks). May involve the use of various forensic techniques including ‘packet sniffing’. Packet sniffing involves the interception of packets across a network. Packet sniffing tools can help users understand what is being sent around the network at the time. Most tools reveal all data sent over the network, although a lot of it may be encrypted! Performing packet sniffing without express written permission of all parties is in breach of UK law.

Penetration Testing - Tests performed under a controlled environment by a qualified person. Checks for current vulnerabilities and explores potential ones in order to expose weaknesses in the system so they cannot be maliciously exploited. Performed by a ‘penetration tester’, who may use tools to help them in their duties.

Anti-malware Software - Software with the aim of preventing malware from entering the system. Malware - Otherwise known as ‘malicious software’. Software which can be malicious if damaging to a computer or network. Examples include viruses, worms and Trojan horses.

Firewalls - Software that acts as a ‘barrier’ between a potential attacker and the computer system. Can be held on a server, or a standalone computer. Many have this feature as part of an anti-virus package. Not 100% effective: an attacker could exploit a vulnerability. Monitors application and network usage. Has the ability to block access from certain computer users and disable processes which may be perceived as a

Network Policies - Defines how a system can be secured through specific rules or requirements. Explains how particular users should access and treat a system. Specifies rules for use, for example: who should access particular parts of a system (no distributing of passwords); what systems can be used for (e.g. work only / no personal use); how to handle specific systems like email (no passing chain mail).

Encryption - Where data is translated into code so that only authorised users, or users with the key, can decrypt it. Users need the key in order to decrypt the coded file.

Caesar cipher - Cipher invented by Julius Caesar. Designed to keep his messages secret. Works by encrypting messages through movement of each letter a certain number of places to the left in the alphabet. The key tells us how many places to the left the letters have been moved.

User access levels - Also known as system access rights. Comes under system access control. Allows a system administrator to set up a hierarchy of users. Lower level users would have access to limited information and settings, and higher level users can access the most sensitive data on the system.

Passwords - Typically a string of characters used to gain access to a service or system. Can you think of any alternatives to character password entry?

Biometric security - Examples include: retina scan, fingerprint, voice and facial recognition.

Features of a strong password - 12 characters or more. The more characters, the stronger the password. Mixture of capitals, lower case letters, numbers and symbol ................

In order to avoid copyright disputes, this page is only a partial summary.
