1.6 System Security
Terms in this set (23)
Otherwise known as 'malicious software' (bad software). Software which can be malicious if damaging to a computer or network e.g. viruses, worms and trojan horses.
Malicious software designed to cause harm to a network or computer system. Attaches itself to programs or files on a computer or server. It can affect all components of operating system.
Replicates itself in order to spread to other computers. Often using a computer network
In order to achieve this, it exploits vulnerabilities across the computer network. Unlike a virus, it does not need to attach to a program.
Malicious computer program. Designed to access a computer by misleading users of its intent.
Relies on human interaction or social skills. Commonly involves tricking users into breaking normal security procedures. Method does not revolve around technical cracking techniques such as worms or viruses.
Is when an unauthorised person tries to acquire sensitive information such as usernames, passwords, card details etc. by disguising themselves. Most commonly sent through email.
telephone (IVR) phishing
Where a telephone system is mirrored and direct phone calls pretends to be official services e.g. it would request similar prompts to a bank if the exploit was to gain banking information.
brute force attacks
A trial and error method used for gaining access to password based entry systems. Attacker tries possible passwords and keeps trying until it finds a correct one.
denial of service attacks
When a website is overloaded with unwanted traffic. It uses a number of computers over a network of infected machines. Each computer send requests to a website which would bring it offline. Used as a 'botnet'.
data interception and theft
Data travels across networks in packets. Packets can be intercepted
If packets are encrypted, they cannot be read without a key. Unencrypted packets can be re-assembled using signatures.
Where an attacker uses SQL (coding language used for databases). Many websites use SQL-based databases e.g. include Google, YouTube, PayPal, eBay, Cisco. The attackers executes malicious SQL statements. If the attacker gains access they could impersonate specific users or alter or delete the data.
Primarily involves the examination of data sent across a network (or networks). May involve the use of various forensic techniques including 'packet sniffing'.
Involves the interception of packets across a network. Tools can help users understand what is being sent around the network at the time. Most tools reveal all data sent over the network, although a lot of it may be encrypted!
If a user were to gain access to a system or intercept user data without permission, they would be breaking the Computer Misuse Act & the Investigatory Powers Act. Law enforcement agencies are allowed to intercept information under the Investigatory Powers Act.
Tests performed under a controlled environment by a qualified person. Checks for current vulnerabilities and explores potential ones in order to expose weaknesses in the system so they cannot be maliciously exploited.
Defines how a system can be secured through specific rules or requirements. Explains how particular users should access and treat a system e.g. Acceptable Use Policy (AUP)
Software with the aim of preventing malware from entering the system.
Software that acts a 'barrier' between a potential attacker and the computer system. Can be held on a server, or a standalone computer. Many have this feature as part of a user access levels package. Not 100% effective - an attacker could exploit a vulnerability. It monitors application and network usage and it has the ability to block access from certain computer users and disable processes which may be perceived as a threat.
user access levels
Also known as system access rights. Comes under system access control. It allows a system administrator to set up a hierarchy of users. Lower level users would have access to limited information and settings. Higher level users can access the most sensitive data on the system.
Typically a string of characters used to gain access to a service or system.
Can be used in addition to 'standard' password entry e.g. retina scan, fingerprint, voice, facial recognition.
12 characters or more. The more characters means the stronger the password. Also mix upper/lower case, numbers &symbols.
Where data is 'scrambled'. That means it's translated into a code. Only authorised users with a 'key' can decrypt or unscramble the coded file.