How does Data interception and theft work ?
When sensitive information travelling on a network is intercepted using monitoring hardware
How does Brute - force work ?
When automated software is used to try millions of potential passwords until one is correct
How does denial of service (Dos) work ?
When a hacker prevents users from accessing a network or website by flooding it with useless traffic
How does SQL injection work ?
When SQL code is typed into input boxes on a website. If the site has weak input validation, the hacker can gain access to the websites database - information about customers
What is malware ?
Software designed to damage or disrupt a device or network
What are the 5 types of malware ?
Spyware
Ransomware
Viruses
Worms
Trojans
How does spyware work ?
It monitors user actions and sends this information back to the hacker
How does ransomware work ?
It encrypts files and the user has to pay for the decryption key
How do viruses work ?
They are attached to files and either run or replicate when the file is opened by the user
How do worms work ?
They are like viruses but self replicate which makes them spread quickly
How do trojans work ?
They are malware disguised as legitimate software
What is social engineering ?
Gaining access to networks or sensitive information by using people as a systems weak point
What are the 2 types of social engineering ?
Telephone
Phishing
How does telephone (social engineering work) ?
When a person is called by someone pretending to be a company and is persuaded to disclose confidential information
How does phishing (social engineering work) ?
When criminals send emails pretending to be a company. The emails contain links to fake websites that ask users to update personal information which the criminals can steal
What are passwords used for ?
They prevent unauthorised users from accessing a network
What attack do password usually nullify ?
Brute force attacks
What in encryption ?
When data is translated into cypher text that needs a specific decryption key to understand and translate back to plain text
What 2 things does encryption mainly protect against and how ?
Data interception - Secures data sent over network making it harder to intercept
SQL injection - Secures data stored on network
What do user access levels control ?
Who has access to sensitive data
Who can edit the sensitive data
Who can change user access levels
What 2 things does user access levels mainly protect against and how ?
Social engineering / malware - limits the number of people who have access to sensitive data
What does anti malware software do ?
Prevents malware from damaging a network and devices on it
What do anti virus programs do ?
They isolate and destroy computer viruses
What do firewalls do ?
They examine all data entering and leaving a network by blocking unauthorised access and unwanted data.
