Eva Kenningham: 1.4 network security - Coggle Diagram
attacks and threats
malware- software designed to cause harm
virus- infects the computer and can spread
worm- malware that gets in through security holes
adware- advertisements spammed onto the computer whenever you are online
trojan- looks beneficial but actually malicious
spyware- can look and record what you are typing
social engineering- using people as the weak point to gain access to sensitive/private information
phishing- pretending to be a legitimate company and requesting sensitive information in an email
shouldering- looking over someone's shoulder or computer to see sensitive information
blagging- using voice to persuade and gain access to accounts
pharming- redirecting a user to what looks like a legitimate website, which is actually a fraudulent one
brute force attacks- repeatedly trying multiple password combinations to try and gain access to accounts
DoS attacks- sending useless requests to overrun a server
DDoS- taking over multiple clients/bots in order to overrun the server
data interception and theft- intercepting the data being sent from a client- mostly done through wireless connections as the signal is outputted and not protected
SQL injection- inputting executable code into a query box in a website. This could allow the hacker to access sensitive records from a database
drop down list
turn input into a string
remove punctuation and sanitise the input
prevent by:
identify vulnerabilities
penetration testing- hiring someone to test how easy it is to get through security holes, and then inform the company, allowing them to improve their security
anti-malware software- software such as anti-virus software, designed to prevent malware entering/interfering with the computer
firewalls- hardware: used like a router between routers to deliberately restrict malware and data from entering. software: a program used to stop certain traffic entering the network
user access levels- limiting who has access to sensitive data files, so as to protect personal or confidential information
passwords- making sure they are long and strong and contain symbols, upper case and lower case letters
encryption- encrypting data so that when it is sent over a network, it can only be read by using a key to decipher it, which only the intended recipient has
physical security- using physical restrictions such as padlocks, locking the server room, using CCTV cameras, having an access code