Page 207 - Computer_Science_F5
P. 207

Computer Science  (ii) Technical security networks  accessing a network without receiving
                                                     permission.  Among the causes of
           Technical security controls protect the
           information transmitted over the network,  unauthorised access attacks are
           ensuring both incoming and outgoing data  weak passwords, lacking protection
           is safeguarded. This protection is twofold:  against social engineering, previously
           (d) Importance of network securityREADING ONLY
           it defends information and devices from  compromised accounts, and insider
           unauthorised access, while also preventing  threats.
           unauthorised actions from within the
           organisation’s workforce.                 (ii) Distributed Denial of Service attacks
                                                     Distributed  Denial  of Service  (DDoS)
           (iii) Administrative network security     attacks is the network-based attempts to

           Administrative network security controls  make a website, a service, or a complete
           manage end-user behavior, encompassing  infrastructure  unavailable,  typically  by
           authentication, access levels, and        simultaneously attacking a victim from
           the implementation of infrastructure      several compromised systems.
           reforms by an organization’s IT staff.
           Administrative security involves the      (iii) Man-in-the middle attacks
           establishment of various security policies   A man-in-the middle  attack involves
           and processes to ensure its effectiveness.
                                                     attackers  intercepting  traffic  between
          FOR ONLINE
                                                     your network  and  external  sites  or
                                                     within your network. If communication
           The following are some of the importance   protocols  are  not  secured,  attackers
           of network security:                      find a way to evade that security; they
            (i)  It helps to reduce the risk of data   can  steal  data  transmitted,  obtain  user
                loss, theft, and sabotage,           credentials, and hijack their sessions.
            (ii)  It helps to protect client data,
            (iii) It helps to protect your workstation  (iv) Code and SQL injection attacks
                from harmful spyware,                 Many websites accept user inputs and
            (iv)  It ensures that shared data is kept  fail to validate and sanitise those inputs.
                secure.                              Attackers  can  then  fill  out  a  form  or
                                                     make an  Application Programming
           (e) Types of threats that can             Interface  (API) call,  passing malicious
                compromise network security          code instead of the expected data values.

           The following  are  common threats        The code is executed on the server and
           that attackers can use to penetrate your   allows attackers to compromise it.
           network:
                                                     (v) Privilege escalation

           (i) Unauthorised access                    Once attackers penetrate your network,
           Unauthorised access refers to attackers   they can use privilege  escalation  to

                                                 198
                                                                for Advanced Secondary Schools



     Computer Science Form 5.indd   198                                                     23/07/2024   12:33
   202   203   204   205   206   207   208   209   210   211   212