Network security - threat prevention
SQL form validation
Description - The process of checking that data entered is sensible. E.g.:
Length check - e.g. password length
Range check - e.g. months of the year = 1 - 12
Type check - e.g. can only enter integers
Format check - e.g. not allowed to enter spaces
Lookup check - data must be in a predefined list
Network operating system attacks - SQL injection - Validation rules can be applied to online forms - this makes it difficult for someone to enter malicious SQL code
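The five checks above applied to one form, as an added example (not part of the original diagram). The form fields, the role list and the `users` table are constructed for illustration; the query also binds the values as parameters, which goes beyond the validation rules listed here, so that input is never parsed as SQL even if a check is missed.

```python
import sqlite3

ALLOWED_ROLES = {"student", "teacher", "finance"}  # constructed lookup list


def validate_form(form):
    """Return the list of checks that a submitted form fails."""
    errors = []
    username = form.get("username", "")
    if not 3 <= len(username) <= 20:            # length check
        errors.append("username: length")
    if username and not username.isalnum():     # format check: no spaces or symbols
        errors.append("username: format")
    month = form.get("birth_month", "")
    if not (month.isascii() and month.isdigit()):  # type check: integers only
        errors.append("birth_month: type")
    elif not 1 <= int(month) <= 12:             # range check: 1 - 12
        errors.append("birth_month: range")
    if form.get("role") not in ALLOWED_ROLES:   # lookup check: predefined list
        errors.append("role: lookup")
    return errors


def find_user(conn, form):
    """Validate first, then query with bound parameters (never string-built SQL)."""
    errors = validate_form(form)
    if errors:
        return None, errors
    row = conn.execute(
        "SELECT username, role FROM users WHERE username = ? AND role = ?",
        (form["username"], form["role"]),
    ).fetchone()
    return row, []


def demo_db():
    """In-memory database holding one constructed user."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, role TEXT)")
    conn.execute("INSERT INTO users VALUES ('alice01', 'student')")
    return conn


if __name__ == "__main__":
    db = demo_db()
    print(find_user(db, {"username": "alice01", "birth_month": "7", "role": "student"}))
    print(find_user(db, {"username": "alice' OR '1'='1", "birth_month": "7", "role": "student"}))
```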
Encryption
Description - This is the conversion of data into a form that cannot be understood unless a user knows how to convert it back.
Encrypting = scrambling data
Decrypting = converting data into its original form
Plain text = unencrypted message
Ciphertext = encrypted message
Keys are used during this process - a key is a large random number - up to 256 bits
Public key - available to everyone - used to encrypt messages
Private key - only available to the user - used to decrypt messages
VPNs use this method
Network operating system attacks - DATA INTERCEPTION AND THEFT - does not stop data packets being copied - but does stop them being read and understood
Anti Malware software
Description - Software designed to detect and remove malicious programs. Examples include anti-virus (just viruses) and anti-malware (viruses and other malware such as worms, trojans and spyware). It scans files on a computer; if a problem is detected the malicious program is removed or quarantined (stored in an isolated part of the hard drive so it cannot affect other files or programs). Can be a separate utility or part of the Operating System. Must be kept up to date as new malicious programs are being developed all the time
Malware - prevents all malware
Social engineering - If someone clicks on a fake link on a phishing email, then any malware will not be installed on the network
Network operating system attacks - Can help detect malicious software (bots) that are used to create DOS and DDOS attacks
User access rights
Description - Sets which files and folders users are allowed to read, write to and execute (run). Useful for organisations with lots of departments/different types of user e.g. school - students, teachers, management, finance etc
Malware - Helps reduce the spread of malware - users can only access certain areas so any malware can’t spread over the whole network
Network operating system attacks - SQL injection - If only certain people have permission to edit a database, then fake SQL code will not run
Firewall
Description - Protects a network connected to a WAN such as the internet. Can be hardware or software. Provides rules for how data packets can leave and enter the network. Can block access points (ports) and IP addresses e.g. games sites on a school network.
Malware - Does not directly prevent malware but can restrict access to sites/users that could potentially contain malware.
Social Engineering - Does not directly prevent SE but can restrict access to sites/users that could potentially use phishing.
Network operating system attacks - DOS and DDOS attacks - can block suspicious IP addresses
Passwords
Rules for these include:
Strong - at least 8 characters, includes upper and lower case letters, numbers and symbols
Changed regularly
Never written down or shared
Old ones never reused
Users locked out if they unsuccessfully attempt to log in a set number of times
Network operating system attacks - BRUTE FORCE ATTACKS - more complex passwords are harder for algorithms to crack
Physical security
Description - Locks on doors, keypads or biometric access points. CCTV and burglar alarms. RFID (radio frequency identification) chips in all hardware. Hardware chained or locked to desks.
Malware/social engineering - Stops unauthorised access to building/equipment which means that intruders will not be able to install malware or trick people into sharing data
reCaptcha
Description - Checks that it is a human, not a robot, entering the username and password. The user ticks “I’m not a robot”. May have to answer an additional question e.g. how many squares in a grid contain cars?
Network operating system attacks - BRUTE FORCE ATTACKS - stops software bots trying out lots of different passwords
Backups/backup policy
Description - Saving a copy of data in another location (different server/on the cloud)
A policy will explain:
what data is backed up
where it is backed up to (should be on a separate server and/or the cloud)
how often backups are carried out
Type of backup (full or incremental)
Backups do not prevent malware, social engineering or network operating system attacks BUT:
If the original data is lost or corrupted, there is a way of getting it back (or at least some of it).
Penetration testing
Description - Professional hackers (white hat hackers) are hired to test the security of the network. They try to gain unauthorised access in order to identify weaknesses in the network. They also assess the security awareness of users
Helps to prevent ALL threats
Limit login attempts
Description - When the same IP address fails to log in a set number of times (often 3):
The IP address is blocked
An email is sent to the registered user to inform them of suspicious activity
The registered user has to follow instructions to unblock their account and change their password
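The lockout steps above as an added example (not part of the original diagram). The class and method names are hypothetical, the IP address is a constructed documentation address, and `outbox` stands in for sending the email; note that a blocked IP is refused even when it supplies the correct password.

```python
MAX_FAILURES = 3  # the "set number of times (often 3)" from the notes


class LoginLimiter:
    """Hypothetical per-IP login limiter following the three steps above."""

    def __init__(self, max_failures=MAX_FAILURES):
        self.max_failures = max_failures
        self.failures = {}    # ip -> consecutive failed attempts
        self.blocked = set()  # IPs that are currently blocked
        self.outbox = []      # (username, message) pairs standing in for email

    def attempt(self, ip, username, password_ok):
        """Record one login attempt and return 'ok', 'failed' or 'blocked'."""
        if ip in self.blocked:
            return "blocked"  # refused even if the password is now correct
        if password_ok:
            self.failures.pop(ip, None)  # a success resets the counter
            return "ok"
        count = self.failures.get(ip, 0) + 1
        self.failures[ip] = count
        if count >= self.max_failures:
            self.blocked.add(ip)  # step 1: block the IP address
            self.outbox.append(   # step 2: inform the registered user
                (username, f"Suspicious activity: {count} failed logins from {ip}")
            )
            return "blocked"
        return "failed"

    def unblock_after_reset(self, ip, password_changed):
        """Step 3: unblock only once the user has changed their password."""
        if not password_changed:
            return False
        self.blocked.discard(ip)
        self.failures.pop(ip, None)
        return True


if __name__ == "__main__":
    limiter = LoginLimiter()
    for _ in range(3):
        print(limiter.attempt("203.0.113.7", "alice", False))
    print(limiter.attempt("203.0.113.7", "alice", True))
    print(limiter.outbox)
```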