CIS 4110 Chapter Notes - Chapter 1: Sql Injection, Wardriving, Keystroke Logging

Digital (the information that lies on your network) Potential malicious employees lock the door on the server room. Potential hacks, understand who might be attempting to hack you network (a bank has more potential of being hacked by an expert hacker than a small bakery website: find out what vulnerabilities your system has. Identifying types of threats: malware: this is a generic term for software that has a malicious purpose. Trojan horses, worms, logic bombs, adware and spyware. Security breaches: this group of attacks includes any attempts at gaining unauthorized access to a system. Session hijacking: involves an attacker attempting to take over a session. Insider threats: someone who already has access to your network misusing the access to steal or destroy data: dns poisoning: this attack compromises a dns server so that users are redirected to a malicious site. The software could delete some files, alter the configurations or release a virus.