WEILAI Online Academic assistant
WEILAI Online Academic assistant
Back to 课程

Computer Science GCES OCR

0% Complete
0/0 Steps
  1. Cpu Architecture Performance And Embedded Systems Ocr
    5 主题
  2. Primary And Secondary Storage Ocr
    6 主题
  3. Data Storage And Compression Ocr
    12 主题
  4. Networks And Topologies Ocr
    6 主题
  5. Wired And Wireless Networks Protocols And Layers Ocr
    6 主题
  6. Identifying And Preventing Threats To Computer Systems And Networks Ocr
    2 主题
  7. Operating Systems And Utility Software Ocr
    2 主题
  8. Ethical Legal Cultural And Environmental Impact Ocr
    2 主题
  9. Computational Thinking Searching And Sorting Algorithms Ocr
    3 主题
  10. Designing Creating And Refining Algorithms Ocr
    5 主题
  11. Programming Fundamentals And Data Types Ocr
    5 主题
  12. Additional Programming Techniques Ocr
    7 主题
  13. Defensive Design And Testing Ocr
    6 主题
  14. Boolean Logic Diagrams Ocr
    2 主题
  15. Programming Languages And Integrated Development Environments Ides Ocr
    3 主题
  16. The Exam Papers Ocr
    2 主题
  17. Structuring Your Responses Ocr
    3 主题
课 Progress
0% Complete

Exam code:J277

Forms of attack on a network

  • Computers face a variety of forms of attack and they can cause a large number of issues for a network

  • The main threats posed to a network to know about are

    • Malware

    • Social engineering

    • Brute-force attacks

    • Denial of service attacks

    • Data interception & theft

    • SQL injection

Malware

What is malware?

  • Malware (malicious software) is the term used for any software that has been created with malicious intent to cause harm to a computer system

  • Examples of issues caused by malware include

    • Files being deleted, corrupted or encrypted

    • Internet connection becoming slow or unusable

    • Computer crashing or shutting down 

  • There are various types of malware and each has slightly different issues which they cause

Malware

What it Does

Virus

  • A program which can replicate itself on a user’s computer. It contains code that will cause unwanted and unexpected events to occur

  • Examples of issues a user may experience are

    • Corrupt files

    • Delete data

    • Prevent applications from running correctly

Worms

  • Worms are very similar to viruses, with the main difference being that they will spread to other drives and computers on the network

  • Worms can infect other computers from

    • Infected websites

    • Instant message services

    • Email

    • Network connection

Trojan

  • Sometimes also called a Trojan Horse

  • Trojans disguise themselves as legitimate software but contain malicious code in the background 

Spyware

  • Software which will allow a person to spy on the users’ activities on their devices

  • This form of software will be embedded into other software such as games or programs that have been downloaded from illegitimate sources

  • Spyware can record your screen, log your keystrokes to gain access to passwords and more

Ransomware

  • A form of malware that locks your computer or device and encrypts your documents and other important files

  • Often a demand is made for money to receive the password that will allow the user to decrypt the files

  • There is no guarantee paying the ransom will result in the user getting their data back

Social Engineering

What is social engineering?

  • Social engineering is exploiting weaknesses in a computer system by targeting the people that use or have access to them

  • There are many forms of social engineering, some examples include

    • Fraudulent phone calls: pretending to be someone else to gain access to their account or their details

    • Phishing: Sending fraudulent emails to a large number of email addresses, claiming to be from a reputable company or trusted source to try and gain access to your details, often by coaxing the user to click on a login button

    • Pretexting: A scammer will send a fake text message, pretending to be from the government or human resources of a company, this scam is used to trick an individual into giving out confidential data

  • People are seen as the weak point in a system because human errors can lead to significant issues, some of which include

    • Not locking doors to computer/server rooms

    • Not logging their device when they’re not using it

    • Sharing passwords

    • Not encrypting data

    • Not keeping operating systems or anti-malware software up to date

Brute-Force Attacks

What is a brute-force attack?

  • A brute force attack works by an attacker repeatedly trying multiple combinations of a user’s password to try and gain unauthorised access to their accounts or devices

  • An example of this attack would be an attacker finding out the length of a PIN code, for example, 4-digits

  • They would then try each possible combination until the pin was cracked, for example

    • 0000

    • 0001

    • 0002

  • A second form of this attack, commonly used for passwords is a dictionary attack

  • This method tries popular words or phrases for passwords to guess the password as quickly as possible

  • Popular words and phrases such as ‘password‘, ‘1234‘ and ‘qwerty‘ will be checked extremely quickly.

Denial of Service Attacks

What is a denial of service attack?

  • A Denial of Service Attack (DoS attack) occurs when an attacker repeatedly sends requests to a server to flood the server with traffic, causing it to overload the system

  • The server will slow down to the point of becoming unusable 

  • There is also a larger-scale version of this known as a Distributed Denial of Service (DDoS) attack

  • This works in a s similar way to a DoS attack, with the main difference being that the traffic comes from multiple distributed devices in a coordinated attack on a single server/network

  • A network of compromised devices, called a botnet can be used to facilitate a DDoS attack

    • A botnet consists of numerous internet-connected devices, that have been infected with malware and can be controlled remotely by an attacker

What is the purpose of a DoS attack?

  • A DoS attack will prevent customers from accessing or using a service

  • This will result in companies losing money and not being able to carry out their daily duties

  • A DoS attack can cause damage to a company’s reputation

Data Interception & Theft

What is data interception & theft?

  • Data interception and theft is when thieves or hackers can compromise usernames and passwords as well as other sensitive data

  • This is done by using devices such as a packet sniffer

  • A packet sniffer will be able to collect the data that is being transferred on a network

  • A thief can use this data to gain unauthorised access to websites, companies and more 

SQL Injection

What is SQL?

  • Structured Query Language (SQL) is a language used to create, access and manipulate a database

What is SQL injection?

  • SQL injection is entering an SQL command into a web text field to manipulate the SQL query

  • The goal is to insert, modify or delete data from the database

  • An example of SQL injection would be a user typing in a query such as

    • SELECT UserId, Name, Password FROM Users WHERE UserId = 100 or 1=1;

    • This would return all of the User IDs, Names and passwords because 1 is always equal to 1

Responses

您的邮箱地址不会被公开。 必填项已用 * 标注