GCSE Computing - Systems Security

View mindmap
  • System Security
    • Malware
      • It is short fro malicious software.
      • Types of Malware
        • Virus - A program hidden within another program, designed to cause damage to file systems.
        • Worm - A malicious program that acts independently and can replicate itself.
        • Trojan - Installed by another user thinking it is a legitimate piece of software when it will actually cause damage.
        • Spyware - Secretly passes information on to criminals without the user knowing. It is packaged with free software.
        • Adware - Displays targeted advertising and directs search requests without permission.
        • Ransomware - Limits or denies a user access to their system until a ransom is paid to unlock it.
        • Pharming - The redirecting of a user's website to a fraudulent site without their permission.
    • Types of Attacks
      • Phising - This is when a criminal sends you a message from somebody else trying to access your information and passwords.
        • Signs of Phishing - Urgency, careless use of language, impersonal, fake links, Attachments.
      • Spear Phishing - this is targeted phishing.
      • Brute Force Attacks - This is a trail and error method of cracking a password. This is where a known email or username is used to crack a password.
      • DoS - This is designed to make a network come to a halt by bombarding it with useless requests.This causes the service to go offline.
      • Data Interception and Theft - Packets that travel can be intercepted and rebuilt by people.
      • SQL Injection - Some criminals write SQL code which bypasses log in pages.
    • Network Policies
      • A poorly managed network will allow many attacks.
      • Physical security: keep doors locked, CCTV, bio metric scanners.
      • User security: network access levels, good passwords.
      • Encryption
        • This is carried out using a cipher.
        • A public key is something that anybody has access to. It is used to decode an encrypted message.
        • A private key is a unique key that is never shared.
      • Polocies
        • Acceptable Use Policy - This is a set of rules or guidelines that tell the user what they must and must not do before logging into the system.
    • Firewalls
      • These prevent any unauthorised access to a machine from the internet.
    • Network Forensics
      • This is the recording, monitoring and analysis of a network.
      • Lets the administrator see any unusual activity.
    • Penetration Testing
      • This is where a network is destructively tested for any weaknesses or vulnerabilities.
      • Some companies hire people to hack their systems to find weaknesses.


No comments have yet been made

Similar Computing resources:

See all Computing resources »See all Computer systems resources »