System security

  • Created by: BeatmanHD
  • Created on: 14-02-18 15:53
View mindmap
  • System security
    • Malware
      • software which is specifically designed to disrupt, damage, or gain authorized access to a computer system.
      • Phishing
        • the fraudulent practice of sending emails purporting to be from reputable companies in order to induce individuals to reveal personal information, such as passwords and credit card numbers
          • denial  of service attacks
            • A denial-of-service (DoS) is any type of attack where the attackers (hackers) attempt to prevent legitimate users from accessing the service. In a DoS attack, the attacker usually sends excessive messages asking the network or server to authenticate requests that have invalid return addresses.
              • SQL injection
                • is a computer attack in which malicious code is embedded in a poorly-designed application and then passed to the backend database. The malicious data then produces database query results or actions that should never have been executed.
      • Brute force attacks
        • A brute force attack is a trial-and-error method used to obtain information such as a user password or personal identification number (PIN). ... Brute force attacks may be used by criminals to crack encrypted data, or by security analysts to test an organization's network security.
          • Data interception and theft
            • Data theft is the act of stealing computer-based information from an unknowing victim with the intent of compromising privacy or obtaining confidential information.
              • Poor network policy
                • A network security policy, or NSP, is a generic document that outlines rules for computer network access, determines how policies are enforced and lays out some of the basic architecture of the company security/ network security environment. The document itself is usually several pages long and written by a committee.
    • Penetration testing
      • Penetration testing (also called pen testing) is the practice of testing a computer system, network or Web application to find vulnerabilities that an attacker could exploit.
        • Anti-Malware software
          • Antimalware software protects against infections caused by many types of malware, including all types of viruses, as well as rootkits, ransomware and spyware. Antimalware software can be installed on an individual computing device, gateway server or dedicated network appliance.
            • Firewalls
              • A firewall is a system designed to prevent unauthorized access to or from a private network. You can implement a firewall in either hardware or software form, or a combination of both. Firewalls prevent unauthorized Internet users from accessing private networks connected to the Internet, especially intranets.
      • Network forensics
        • Network forensics is a sub-branch of digitalforensics relating to the monitoring and analysis of computer network traffic for the purposes of information gathering, legal evidence, or intrusion detection. Unlike other areas of digital forensics,network investigations deal with volatile and dynamic information.
          • Passwords
            • A password is a string of characters used to verify the identity of a user during the authentication process. Passwords are typically used in conjuncture with a username; they are designed to be known only to the user and allow that user to gain access to a device, application or website.
      • Network Policies
        • A network security policy, or NSP, is a generic document that outlines rules for computer network access, determines how policies are enforced and lays out some of the basic architecture of the company security/ network security environment.
          • Encryption
            • The translation of data into a secret code. Encryption is the most effective way to achieve data security. To read an encrypted file, you must have access to a secret key or password that enables you to decrypt it. Unencrypted data is called plain text ; encrypted data is referred to as cipher text.
    • Threats
    • Preventions

Comments

No comments have yet been made

Similar Computing resources:

See all Computing resources »See all Computer systems resources »