Methods of Preventing a Network Attack (OCR GCSE Computer Science)
Revision Note
Written by: James Woodhouse
Reviewed by: Lucy Kirkham
Penetration Testing
What is penetration testing?
Penetration testing is a method of preventing vulnerabilities whereby a company employ people to try and hack their network and databases
This allows the 'hackers' to point out the parts of the system that are vulnerable
The companies then use this information to fix the issues that are found
What form of attack would this help to prevent?
SQL injection
Anti-Malware Software
What is anti-malware software?
Anti-malware software is a term used to describe a combination of different software to prevent computers from being susceptible to viruses and other malicious software
The different software anti-malware includes are
Anti-virus
Anti-spam
Anti-spyware
How does anti-malware work?
Anti-malware scans through email attachments, websites and downloaded files to search for issues
Anti-malware software has a list of known malware signatures to block immediately if they try to access your device in any way
Anti-malware will also perform checks for updates to ensure the database of known issues is up to date
What form of attack would this prevent?
Anti-malware would help prevent against any form of malicious software
Firewalls
What is a firewall?
A firewall is a barrier between a network and the internet
A firewall prevents unwanted traffic from entering a network by filtering requests to ensure they are legitimate
It can be both hardware and software and they are often used together to provide stronger security to a network
Hardware firewalls will protect the whole network and prevent unauthorised traffic
software firewalls will protect the individual devices on the network, monitoring the data going to and from each computer
What form of attack would this prevent?
Hackers
Malware
Unauthorised Access to a Network
DOS/DDOS attacks
User Access Levels & Passwords
What are user access levels?
User access levels ensure users of a network have designated roles on a network
Some examples of different levels of access to a school network include
Administrators: Unrestricted - Can access all areas of the network
Teaching Staff: Partially restricted - Can access all student data but cannot access other staff members' data
Students: Restricted - Can only access their own data and files
What are passwords?
Passwords are a digital lock to prevent unauthorised access to an account
They are often stored as an encrypted/ciphered text entry in a database, ensuring that even with unauthorised access to a database, a hacker would not be able to gain access to the individual passwords of users
What form of attack would this prevent?
Data Interception and Theft
Physical Security Issues
SQL Injection
Encryption
What is encryption?
Encryption is a method of converting plain text into ciphered text to be stored
Encryption uses complex mathematical algorithms to scramble the text
Asymmetric encryption, also known as private key, public key encryption is often used for web pages and other communication
What form of attack would this prevent?
Encryption plays a role in all forms of attack on a network
It is important to note that it does not prevent the attacks from occurring but it does stop the attacker from gaining access to the information
Physical Security
What is physical security?
Physical security is a method of physically preventing access to any part of a network
There are a range of physical security measures that can be implemented on a network
Locked doors: Preventing access to server rooms and cabinets of switches
Biometrics: Fingerprint scanners, facial recognition and retinal scans
Surveillance Cameras: Monitoring the activity around the site where crucial networking hardware is located
What form of attack would this prevent?
Data interception and theft
Social engineering
Summary of attacks a preventative measures
Form of Attack | Preventative Measure |
Malware | Anti-Malware Software |
Social Engineering | User Access Levels & Passwords |
Brute-Force Attacks | User Access Levels & Passwords |
Denial of Service Attacks | Firewalls |
Data Interception & Theft | Encryption |
SQL Injection | Penetration Testing |
Worked Example
A web development company wants to protect their computer systems and data from unauthorised access.
Identify and describe two software-based security methods that the company can use to protect their computer systems and data. [6]
How to answer this question
You should give a security measure for one mark, then describe it for the additional two marks
You must do this for two different security measures to be able to achieve all 6 marks
Answers
Anti-malware
Scans for / identifies virus/spyware/malware
Compares data to a database of malware
Alerts user and requests action
Quarantines/deletes virus/spyware/malware
Stops the download of virus/spyware/malware
Firewall
Scans incoming and outgoing traffic
Compares traffic to a criteria
Blocks traffic that is unauthorised
Blocks incoming/outgoing traffic
Encryption
Scrambles data using an algorithm
So if intercepted it cannot be understood
Key needed to decrypt
User access levels
Data can be read/write/ read-write
Prevents accidental changes
Limits data users can access
Passwords/biometrics/authentication code/fingerprint
Has to be correctly entered to gain access
Strong password // letters, numbers, symbols // fingerprint is unique to individual
Harder/impossible for a brute-force attack to succeed
Lock after set number of failed attempts
Last updated:
You've read 0 of your 5 free revision notes this week
Sign up now. It’s free!
Did this page help you?
