GCSE Computing - Systems Security
- Created by: MrSwalbert
- Created on: 05-02-18 12:34
View mindmap
- System Security
- Malware
- It is short fro malicious software.
- Types of Malware
- Virus - A program hidden within another program, designed to cause damage to file systems.
- Worm - A malicious program that acts independently and can replicate itself.
- Trojan - Installed by another user thinking it is a legitimate piece of software when it will actually cause damage.
- Spyware - Secretly passes information on to criminals without the user knowing. It is packaged with free software.
- Adware - Displays targeted advertising and directs search requests without permission.
- Ransomware - Limits or denies a user access to their system until a ransom is paid to unlock it.
- Pharming - The redirecting of a user's website to a fraudulent site without their permission.
- Types of Attacks
- Phising - This is when a criminal sends you a message from somebody else trying to access your information and passwords.
- Signs of Phishing - Urgency, careless use of language, impersonal, fake links, Attachments.
- Spear Phishing - this is targeted phishing.
- Brute Force Attacks - This is a trail and error method of cracking a password. This is where a known email or username is used to crack a password.
- DoS - This is designed to make a network come to a halt by bombarding it with useless requests.This causes the service to go offline.
- Data Interception and Theft - Packets that travel can be intercepted and rebuilt by people.
- SQL Injection - Some criminals write SQL code which bypasses log in pages.
- Phising - This is when a criminal sends you a message from somebody else trying to access your information and passwords.
- Network Policies
- A poorly managed network will allow many attacks.
- Physical security: keep doors locked, CCTV, bio metric scanners.
- User security: network access levels, good passwords.
- Encryption
- This is carried out using a cipher.
- A public key is something that anybody has access to. It is used to decode an encrypted message.
- A private key is a unique key that is never shared.
- Polocies
- Acceptable Use Policy - This is a set of rules or guidelines that tell the user what they must and must not do before logging into the system.
- Firewalls
- These prevent any unauthorised access to a machine from the internet.
- Network Forensics
- This is the recording, monitoring and analysis of a network.
- Lets the administrator see any unusual activity.
- Penetration Testing
- This is where a network is destructively tested for any weaknesses or vulnerabilities.
- Some companies hire people to hack their systems to find weaknesses.
- Malware
Comments
No comments have yet been made