The Importance of Network Security (Edexcel GCSE Computer Science)
Revision Note
Written by: Robert Hampton
Reviewed by: James Woodhouse
What is network security?
Network security is any activity designed to protect a network and it's data from internal and external threats
A network vulnerability is a weakness that can be exploited by a criminal to gain unauthorised access to information or resources
Identifying Network Vulnerabilities
What are common network vulnerabilities?
Examples of common network vulnerabilities are:
Weak passwords
Outdated software
Malware
Poorly configured firewalls
Weak passwords
A week password is a password with less than 8-12 characters and does not contain a combination of:
Upper case characters
Lower case characters
Numbers
Special characters (*, #. ! etc.)
Predictable patterns make a weak password, for example, using birthdays, names and/or keyboard patterns (qwerty)
Weak passwords can lead to hackers deploying brute force attacks, which can lead to:
Data theft
Access to private information
Further attacks
Outdated software
Outdated software is software that has not been patched or updated regularly
Outdated software can lead to hackers exploiting vulnerabilities in source code
Malware
Malware is malicious software designed to cause harm to a network or computer system
Examples of issues that malware can cause are:
File deletion/corruption
Use system resources - slow down performance/internet
Logging key strokes
Poorly configured firewalls
A firewall is designed to monitor incoming and outgoing traffic from a network
A poorly configured firewall can lead to malicious software getting in or cause it to spread
Penetration Testing & Ethical Hacking
What is penetration testing?
Penetration testing is the process of attempting to gain access to resources without knowledge of usernames, passwords and other normal means of access
A company will employ penetration testers to test a networks security and use any information gained to to fix any issues that are found
There are two main types of penetration testing:
Internal (white-box)
External (black-box)
Internal (white-box)
When the person or team testing the system has knowledge of and possibly basic credentials for the target system, simulating an attack from inside the system
External (black-box)
When the person or team testing the system has no knowledge of any credentials for the target system, simulating an attack from outside the system
What is ethical hacking?
Ethical hacking is attempting to gain unauthorised access to a network or computer system with the intention of helping to fix any vulnerabilities
Ethical hackers have permission from the system owner
There are 3 categories of hackers:
White-hat hackers | Grey-hat hackers | Black-hat hackers |
---|---|---|
|
|
|
Last updated:
You've read 0 of your 5 free revision notes this week
Sign up now. It’s free!
Did this page help you?