Malware, short for malicious software, is an
umbrella term used to refer to a variety of
forms of harmful or intrusive software,
including computer viruses, worms, Trojan
horses, ransomware, spyware, adware,
scareware, and other malicious programs.
Ransomware
Ransomware is designed to infect a
user's system and encrypt the data.
Phishing
Phishing scams are attempts by
scammers to trick you into giving out
personal information such as your bank
account numbers, passwords and credit
card numbers.
Trojan horse
In computing, a Trojan
horse, or Trojan, is any
malicious computer
program which
misleads users of its
true intent. The term is
derived from the
Ancient Greek story of
the deceptive wooden
horse that led to the fall
of the city of Troy.
Brute Force Attack
Brute force (also known as brute
force cracking) is a trial and error
method used by application
programs to decode encrypted
data such as passwords or Data
Encryption Standard (DES) keys,
through exhaustive effort (using
brute force) rather than employing
intellectual strategies.
Denial of Service
In computing, a denial-of-service
attack is a cyber-attack where the
perpetrator seeks to make a machine
or network resource unavailable to
its intended users by temporarily or
indefinitely disrupting services of a
host connected to the Internet.
Man in the Middle
A man-in-the-middle attack (MITM) is an attack where the
attacker secretly relays and possibly alters the
communication between two parties who believe they are
directly communicating with each other. One example of
man-in-the-middle attacks is active eavesdropping, in which
the attacker makes independent connections with the
victims and relays messages between them to make them
believe they are talking directly to each other over a private
connection, when in fact the entire conversation is
controlled by the attacker. The attacker must be able to
intercept all relevant messages passing between the two
victims and inject new ones. This is straightforward in many
circumstances.
Eavesdropping
microphones—some even crack open
their computers and phones to disable
or remove those audio components so
they can't be hijacked by hackers. Now
one group of Israeli researchers has
taken that game of spy-versus-spy
paranoia a step further, with malware
that converts your headphones into
makeshift microphones that can slyly
record your conversations.
Message tampering
Message tampering is where a person
tampers with and changes the content
of either an email or text message.
They will also find out things about
you or send corrupted messages.
Social Engineering
Social engineering, in the context of
information security, refers to psychological
manipulation of people into performing
actions or divulging confidential
information.
Data Interception
When packets travel across a network, they are
susceptible to being read, altered, or “hijacked.”
Hijacking occurs when a hostile party intercepts a
network traffic session and poses as one of the
session endpoints. An attacker monitors data
streams to or from a target, in order to gather
sensitive information.
Packet Sniffing
A sniffer is an application that can capture network packets. Sniffers are also
known as network protocol analyzers. While protocol analyzers are really network
troubleshooting tools, they are also used by hackers for hacking networks. ... Once
the packet is captured using a sniffer, the contents of packets can be analyzed.
SQL Injection
SQL (pronounced “sequel”) stands for structured query
language; it’s a programming language used to
communicate with databases. Many of the servers that
store critical data for websites and services use SQL to
manage the data in their databases. A SQL injection
attack specifically targets this kind of server, using
malicious code to get the server to divulge information
it normally wouldn’t. This is especially problematic if the
server stores private customer information from the
website, such as credit card numbers, usernames and
passwords (credentials), or other personally identifiable
information, which are tempting and lucrative targets
for an attacker.
An SQL injection attack works by exploiting any one
of the known SQL vulnerabilities that allow the SQL
server to run malicious code. For example, if a SQL
server is vulnerable to an injection attack, it may be
possible for an attacker to go to a website's search
box and type in code that would force the site's SQL
server to dump all of its stored usernames and
passwords for the site.
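The search-box case described above, as an added example (not code from the original page): the same lookup written with string concatenation and with a bound parameter, run against an in-memory SQLite table. The table, its rows, the function names and the crafted input are all constructed for illustration.

```python
import sqlite3

# Constructed sample data: a tiny user table standing in for a site's database.
ROWS = [("alice", "hash-a"), ("bob", "hash-b"), ("carol", "hash-c")]

def make_db():
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (username TEXT, pw_hash TEXT)")
    db.executemany("INSERT INTO users VALUES (?, ?)", ROWS)
    return db

def search_vulnerable(db, term):
    # Vulnerable: the search text is pasted into the SQL string, so quotes
    # in the input change the structure of the query itself.
    sql = "SELECT username FROM users WHERE username = '" + term + "'"
    return [row[0] for row in db.execute(sql)]

def search_safe(db, term):
    # Hardened: the ? placeholder passes the input as data only; the
    # database never parses it as SQL.
    sql = "SELECT username FROM users WHERE username = ?"
    return [row[0] for row in db.execute(sql, (term,))]

def demo():
    db = make_db()
    crafted = "x' OR '1'='1"  # constructed input typed into the search box
    return {
        "normal_vulnerable": search_vulnerable(db, "alice"),
        "normal_safe": search_safe(db, "alice"),
        "crafted_vulnerable": search_vulnerable(db, crafted),
        "crafted_safe": search_safe(db, crafted),
    }

if __name__ == "__main__":
    for name, rows in demo().items():
        print(name, rows)
```

With ordinary input both functions return the same row; with the crafted input the concatenated query matches every user, while the parameterized query matches none.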
How can it be prevented?
You can prevent a Trojan horse by only
downloading 100% safe software from a
trusted/protected source. This applies
to all files downloaded from
peer-to-peer programs or websites. But
this is rarely possible in today's
interconnected world, so a few more
specific security measures are called
for.
Make sure all your
software is up to
date, especially your
antivirus and
firewall.
Update your operating
system, browsers, and
plugins.
Use firewall, antivirus, anti-malware, and anti-exploit technology
Use brand-name
antivirus
software.
Remove software you don’t use
Read emails with an eagle eye.
Do not call fake tech support numbers.
Use strong passwords and/or
password managers. Also log out
of websites after you’re done.
Make sure you’re on a secure connection.
Anti-Malware Software
Anti-malware software protects against
infections caused by many types of malware,
including viruses, worms, Trojan horses,
rootkits, spyware, keyloggers, ransomware
and adware.
Firewall
A firewall is a network security system
that monitors and controls incoming and
outgoing network traffic.
User Access Levels
Part of an access control procedure for computer
systems, which allows a system administrator to
set up a hierarchy of users. So, the low level
users can access only a limited set of
information, whereas the highest level users can
access the most sensitive data on the system.
Password Strength Checker
A password checker checks how strong a
password is. The password strength meter checks
for sequences of characters such as 12345
or 67890. It also makes sure you use a
combination of symbols, numbers and letters.
The stronger the password, the better.
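One way to implement the checks described above, as an added example that is not part of the original page: it flags runs such as 12345 or 67890 (forwards or backwards) and reports which of the three character classes are missing. The sequence list, the minimum run of 4, the minimum length of 12 and all function names are assumptions made for this sketch.

```python
import string

# Assumed sequences to test against: the digit row, the alphabet and keyboard rows.
SEQUENCES = ["1234567890", "abcdefghijklmnopqrstuvwxyz",
             "qwertyuiop", "asdfghjkl", "zxcvbnm"]

def in_sequence(chunk):
    """True if chunk follows one of SEQUENCES forwards or backwards."""
    return any(chunk in seq or chunk in seq[::-1] for seq in SEQUENCES)

def find_sequences(password, min_run=4):
    """Return each substring of at least min_run characters that follows a sequence."""
    lowered = password.lower()
    found = []
    i = 0
    while i + min_run <= len(lowered):
        end = i + min_run
        if not in_sequence(lowered[i:end]):
            i += 1
            continue
        # Grow the match as far as the sequence continues.
        while end < len(lowered) and in_sequence(lowered[i:end + 1]):
            end += 1
        found.append(password[i:end])
        i = end
    return found

def check_password(password, min_length=12):
    """Return a list of problems; an empty list means every check passed."""
    problems = []
    if len(password) < min_length:  # length check is an added assumption
        problems.append("too short")
    classes = {
        "letter": any(c.isalpha() for c in password),
        "number": any(c.isdigit() for c in password),
        "symbol": any(c in string.punctuation for c in password),
    }
    problems += [f"no {name}" for name, present in classes.items() if not present]
    problems += [f"sequence '{s}'" for s in find_sequences(password)]
    return problems

if __name__ == "__main__":
    # Constructed sample passwords.
    for pw in ["12345", "abc67890!", "qwerty123456", "Tr1cky-Horse_Battery"]:
        print(pw, check_password(pw))
```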
Data Encryption
The Data Encryption Standard is a
symmetric-key algorithm for the
encryption of electronic data.
Penetration Test
A penetration test, colloquially known as a pen
test, is an authorized simulated attack on a
computer system, performed to evaluate the
security of the system.
Network Forensics
Database forensics is a branch of
digital forensic science relating to the
forensic study of databases and their
related metadata. The discipline is
similar to computer forensics,
following the normal forensic process
and applying investigative techniques
to database contents and metadata.
Network Security Policies
A network security policy, or NSP, is a generic
document that outlines rules for computer network
access, determines how policies are enforced and
lays out some of the basic architecture of the
company security/ network security environment.
The document itself is usually several pages long
and written by a committee.