Casey Morris
Mind Map by , created more than 1 year ago

Mind Map on 1.6 System Security, created by Casey Morris on 21/03/2018.

74
0
0
Casey Morris
Created by Casey Morris over 7 years ago
Rate this resource by clicking on the stars below:
1 2 3 4 5 (0)
Ratings (0)
0
0
0
0
0

0 comments

There are no comments, be the first and leave one below:

Close
1.6 SystemSecurityForms ofAttackMalwareBruteForcePhisingDenialOfServiceSQLinjectionDatainterceptionand theftPhising is usually disguised as a usedpopular website or spammed messages soyou provide your email address and otherpersonal details. It pretends to be trustworthy.What is systemsecurity andcyber attacks?A cyber attack is an attempt togain unauthorised access to orcontrol of a computer and thenetwork which it is connected toSecurity is a setof measurestaken to protect acomputer fromharm to the dataand software.Reasons for NetworksecurityConfidentaldataDataTheftDataLossDataChangesLegalobligationsWorms are a networkthreat as they are hard toget rid of as they copythemselves over networksto external storage andother computersSpyware collects yourinformation and sends it tosomebody.A virus harms your computer in some way. Itusually deletes or begins altering files andstops programs from running.It is a type of attack when multiplecompromised systems which are ofteninfected with trojan and uses it to target asingle system.Trial and error is a brute forceattempt to access a computersystem.A keylogger can be either hardware or software. It is designed torecord every key that is pressed on a keyboard, therefore givingaccess to all the data that is entered into a computer such asusernames, passwords or websites visited.A trojan is a program whichis designed to deliberatelytrick a user in to downloadingand installing malicioussoftware.Data interception and theft is a hacker has stole data from acomputer. They can do this by tapping a connection, interceptingwireless traffic, or plugging into a network and monitoring traffic.Identifying andpreventingvulnerabilitiesPasswordsEncryptionFirewallsNetworkpoliciesNetwork forensicsPenetration testingUser access levelsAround 82,00 viruses are made each dayCan affect all components of anoperating systemSocial EngineeringRelies on human interactionCommonly involves trickingusers into breaking normalsecurity proceduresMalwareIt is malicious software thatcauses identify theft,financial loss andpermanent file deletion.VirusDDOSOverloads a websitewith unwanted trafficThe effects of a successfulattackExecute queries, exposingdataDeletedataAltering data, resultingin data integrity issuesBypassauthenticationprocedures andimpersonatespecific userAnti malwaresoftwareSoftware with the aim of preventingmalware from entering the system.FirewallsSoftware that performs a'barrier' between apotential attack and thecomputer systemMonitor application andnetwork usageCan be held on a server, or astandalone computerNetwork PoliciesDefines how a system can besecured through specific rules orrequirements.Explains how particular a user should accessand treat a systemUser Access Levelsalso known as system access rightsallows a systemadministrator to set up ahierarchy of users.Lower level users would haveaccess to limited information andsettings.Higher level users can accessthe most sensitive data on thesystemEncryptionwhere data is translated into codeso that only authorised users, orusers with the key can decrypt it.Biometric securityCan be used inaddition to 'standard'password entryExamples - retina scan,fingerprint, voice and facialrecognition.SQLinjectionattacks could accesssystems containingcustomer data, intellectualproperty and othersensitive informationMalicious code to be user in an SQLquery when it is run in order for theinjection attack to take place.Network ForensicsA branch of digitalforensicsCovers the forensicinvestigation of networks andtheir devices attached to themprimarily involves theexamination of datasent across a networkMay involve the user ofvarious forensic techniquesincluding 'packet sniffing'Packet sniffing involves the interceptionof packets across the networkPacket sniffing toolscan help usersunderstand what isbeing sent around thenetwork at the time.Penetration TestingTests performed under acontrolled environment by aqualified personChecks for current vulnerabilities and explorespotential ones in order to expose weaknesses inthe system so they cannot be maliciouslyexploited.Double click this nodeto edit the textClick and drag this buttonto create a new node