Casey Morris
Mind Map by , created more than 1 year ago

Mind Map on 1.6 System Security, created by Casey Morris on 21/03/2018.

76
0
0
Casey Morris
Created by Casey Morris over 7 years ago
Rate this resource by clicking on the stars below:
1 2 3 4 5 (0)
Ratings (0)
0
0
0
0
0

0 comments

There are no comments, be the first and leave one below:

Close

1.6 System Security

1.6 SystemSecurityForms ofAttackMalwareBruteForcePhisingDenialOfServiceSQLinjectionDatainterceptionand theftPhising is usually disguised as a usedpopular website or spammed messages soyou provide your email address and otherpersonal details. It pretends to be trustworthy.What is systemsecurity andcyber attacks?A cyber attack is an attempt togain unauthorised access to orcontrol of a computer and thenetwork which it is connected toSecurity is a setof measurestaken to protect acomputer fromharm to the dataand software.Reasons for NetworksecurityConfidentaldataDataTheftDataLossDataChangesLegalobligationsWorms are a networkthreat as they are hard toget rid of as they copythemselves over networksto external storage andother computersSpyware collects yourinformation and sends it tosomebody.A virus harms your computer in someway. It usually deletes or begins alteringfiles and stops programs from running.It is a type of attack when multiplecompromised systems which are ofteninfected with trojan and uses it totarget a single system.Trial and error is a bruteforce attempt to access acomputer system.A keylogger can be either hardware or software. It isdesigned to record every key that is pressed on akeyboard, therefore giving access to all the data that isentered into a computer such as usernames, passwordsor websites visited.A trojan is a programwhich is designed todeliberately trick a user into downloading andinstalling malicioussoftware.Data interception and theft is a hacker has stole data froma computer. They can do this by tapping a connection,intercepting wireless traffic, or plugging into a network andmonitoring traffic.IdentifyingandpreventingvulnerabilitiesPasswordsEncryptionFirewallsNetworkpoliciesNetworkforensicsPenetrationtestingUser accesslevelsAround 82,00 viruses are made eachdayCan affect all componentsof an operating systemSocialEngineeringRelies on humaninteractionCommonly involvestricking users intobreaking normalsecurity proceduresMalwareIt is malicious softwarethat causes identifytheft, financial loss andpermanent file deletion.VirusDDOSOverloads awebsite withunwanted trafficThe effects of a successfulattackExecute queries,exposing dataDeletedataAltering data,resulting in dataintegrity issuesBypassauthenticationproceduresandimpersonatespecificuserAnti malwaresoftwareSoftware with the aim ofpreventing malware fromentering the system.FirewallsSoftware that performsa 'barrier' between apotential attack andthe computer systemMonitor applicationand network usageCan be held on a server,or a standalonecomputerNetworkPoliciesDefines how a system canbe secured through specificrules or requirements.Explains how particular a user shouldaccess and treat a systemUser AccessLevelsalso known as system accessrightsallows a systemadministrator to set upa hierarchy of users.Lower level users would haveaccess to limited informationand settings.Higher level users canaccess the most sensitivedata on the systemEncryptionwhere data is translated intocode so that only authorisedusers, or users with the keycan decrypt it.BiometricsecurityCan be used inaddition to'standard'password entryExamples - retina scan,fingerprint, voice and facialrecognition.SQLinjectionattacks could accesssystems containingcustomer data, intellectualproperty and othersensitive informationMalicious code to be user in an SQLquery when it is run in order for theinjection attack to take place.Network ForensicsA branch of digitalforensicsCovers the forensicinvestigation of networks andtheir devices attached to themprimarily involves theexamination of datasent across a networkMay involve the user ofvarious forensic techniquesincluding 'packet sniffing'Packet sniffing involves the interceptionof packets across the networkPacket sniffing toolscan help usersunderstand what isbeing sent around thenetwork at the time.Penetration TestingTests performed under acontrolled environment by aqualified personChecks for current vulnerabilities and explorespotential ones in order to expose weaknesses inthe system so they cannot be maliciouslyexploited.Double click this nodeto edit the textClick and drag this buttonto create a new node