Computer Science SLR5 Revision - Coggle Diagram
Computer Science
SLR5
Revision
Network Security
Reasons for Network Security
Ensures that only authorised users can access the network and its resources
Ensures that users can access data relevant to them
Prevents misuse such as deleting data
Prevents damage to hardware
Importance of Network Security
Business Success
Data on the network is vital for running an organisation and if that data is compromised, the business will fail
Privacy
Data stored may be sensitive and must be stored securely to comply with law
Financial
The data may be financially valuable such as details of new products
Network Vulnerabilities
Hackers
People who exploit vulnerabilities to gain unauthorised access to the network
Insiders
People who work for the company and have authorised access to the network
Not all insider threats are malicious; some are caused only by human error or irresponsible behaviour
Malware
Designed to cause damage and/or disruption to the network
Penetration Testing
Testing a network system in order to find vulnerabilities that hackers could exploit
Black Box
No information about the network is given and the tester must try to breach security by using the methods and techniques of a black hat hacker
White Box
Given access to relevant network and system information. They use this to identify loopholes that insiders and outsiders could exploit
Ethical Hacking
Ethical Hacker
An expert that systematically attempts to penetrate a computer system in order to find security vulnerabilities that a hacker can exploit
Often referred to as white hat hackers
Protecting Networks
Access Control
Limits who can log into a system and what they can do
Many organisations use multi-factor authentication for extra security
In addition to having a valid ID and password, users must have a swipe card or a unique biometric measurement
Permissions
Some users may not be able to see certain files
Users can have 'read-only' access so they can see files or have 'read and write' access so they can modify files
At higher levels, users can be given the right to delete files and set users' rights to files
Principle of Least Privilege
Giving users the level of access to files and software that they need to do their job
Physical Security
Protects hardware containing sensitive data
Access Doors
Kept locked and fitted with security recognition measures (e.g. keypads)
Biometric Measurements
Can be used on mobile devices to authenticate users
Swipe Cards
Contain users' details and can be used for entry to a building
CCTV
Monitors building's exterior and interior
RFID
RFID chips can be fitted to equipment so that an alarm sounds when the equipment is removed
Firewall
Protects a network connected to a WAN (e.g. the Internet)
Can be provided by software or hardware
Configured to prevent communications from entering a network and also to prevent programs and users from accessing the internet from within the network
Individual computers have a software firewall installed with default rules
A business has a hardware firewall because it is flexible to apply rules to and allows a faster throughput of data
PC-like appliances that can be configured to block unwanted data
Malware
An umbrella term referring to the varieties of hostile/intrusive software
Virus
Inserts itself into another program, stays hidden and waits for its 'host' to be run.
Once activated, it makes copies of itself and attaches these to other programs.
Infected programs are passed on via email, messaging and social media
Used to infect a computer and can cause it to run slowly, crash or damage/delete data on its hard drive
Worm
Infects systems by moving from one device to another and can infect an entire network quickly
They don't embed themselves into other programs and distribute themselves independently of users
Trojan
Masquerades as legitimate software that users are tricked into downloading
It runs whenever the computer is switched on, which provides the hacker with access to files stored on the hard drive and a backdoor into devices on the same network
Ransomware
Delivered by trojans, encrypts files on the computer and makes the victim pay a ransom (ranging from a few hundred to thousands of dollars) in order to get the key to decrypt them
Trojans install backdoors onto the computer silently and then allow hackers to launch a ransomware attack, harvest sensitive data or hijack a webcam
Keylogger
Secretly records the keystrokes a user makes, enabling the hacker to extract valuable information such as passwords
Spies on what the user is doing
Unsecured IoT devices
Hackers make unsecured IoT devices (e.g. security cameras) part of a botnet (army of zombie devices used to carry out mass attacks)
These are used to carry out DDoS attacks that can flood networks with high volumes of traffic, causing them to crash
Technical Vulnerabilities
Unpatched Software
Hackers exchange information about known security vulnerabilities in software and they target them in cyberattacks
When a security flaw has been discovered in software, the producer must work quickly to produce a patch that will solve the issue
A zero-day vulnerability is one that is newly discovered and hasn't been patched
Hackers will try to exploit it by launching a zero-day attack
Out-of-date Anti-malware
Anti-malware scans files and compares the contents with a database of known malware signatures
If the signature library is not kept up to date, malware that has new signatures will be missed and not recognised by anti-malware
Open Ports
Services that rely on the internet use dedicated computer ports to transmit and receive data
Hackers find out which software and services are running on a computer by port scanning, helping them to identify possible attack targets
Default Admin Passwords
Hardware devices (routers, modems, file servers) are shipped with factory-set admin passwords
Hackers can look up default passwords on the web and use password-hacking software to crack weak passwords
Social Engineering
The practice of manipulating people so they give up confidential information
Phishing
Victims receive an email from a seemingly reputable source
It asks them to click on a link to a seemingly genuine website
Once on the website, the victim is asked to enter their ID, password or credit card number and this information is harvested by the hacker
Most phishing messages are sent as bulk mailings that target thousands of potential victims
Blagging (Pretexting)
The hacker pretends to be from a trusted organisation that is known to the victim
The hacker says there's an emergency that must be dealt with and by stressing the urgency of the situation, it provokes the victim into giving up confidential information
Baiting
Victims are offered a free giveaway and this giveaway is bundled with harmful malware that infects the computer
The hacker could leave USB sticks lying around for victims to find. Once it's plugged into the computer, the computer becomes infected
Quid Pro Quo
Victims provide their login details and other security information in exchange for a service
The attacker offers to help with the setup and installation and this gives them the perfect opportunity to install malware
Shoulder Surfing
The hacker looks over a victim's shoulder, uses binoculars to watch from a distance or uses a camera to note their login name, password, PIN, etc
Protecting Digital Systems
Firewall
Acts as a barrier between the internal network and the internet, monitoring incoming and outgoing traffic
Uses a pre-defined set of rules to determine what to allow through from one side to the other
Also spots suspicious activity within networks, such as trying to access harmful websites
Anti-malware Software
Traditional anti-malware software works by comparing the signature of files to a database of known malware signatures and seeing if they match
If a file does match, it's quarantined until the user decides whether to let it in or delete it
More sophisticated software uses heuristic analysis to look for suspicious behaviours that could indicate a new form of malware
Static analysis compares the source code of suspicious files with that of known malware
Dynamic analysis isolates the suspicious file within a sandbox and sees what would happen if it were to run. Each command is executed to identify any suspicious commands
Encryption
Encrypting data does not prevent it from being stolen but it does protect its confidentiality
The process of converting data into a scrambled format that isn't understandable
Only an authorised person that has the key can decrypt it
Symmetric encryption uses the same key to both encrypt and decrypt the data
Asymmetric encryption uses a public key to encrypt it and a private key to decrypt it
Backup and Recovery Procedures
Will not protect data but will enable it to be recovered
Backing Up
Involves making a copy of the data and storing it in a different location, offsite or in the cloud
Full Backup
A full copy is made of all the data, regardless of whether it has been changed since the last backup
Incremental Backup
Copies new files and those changed since the last backup
Recovery
Restoring data and/or system states from the backup copy
Recovery plans include arrangements for relocating staff and equipment to an alternative site
RAID
The contents of each hard disk on a server are replicated on a second disk.
Should one disk fail, the other springs into action, allowing the failed disk to be swapped out without the server having to be shut down
Acceptable Use Policies
Reduces the risk of people being socially engineered
A collection of rules and procedures that users are required to follow
It also defines what's appropriate and what's not
It also states the actions that will be taken if someone breaks it
Appropriate Behaviour
Log off or lock the screen before leaving a computer unattended
Use a secure password and do not disclose it to others
Exercise caution when opening mail attachments
Inappropriate Behaviour
Install software downloaded from the web
Plug a memory stick into a USB port
Give out confidential information over phone or email
Remove data from the premises without authority
Access social media sites in work time
Users must sign a copy of the AUP to acknowledge that they have read and agree to abide by it