Copyright Goodheart-Willcox Co., Inc. 487 Chapter 15 Network Security Summary Hacking ■ A hacker is a computer enthusiast who experiments with systems to learn about them. ■ Th ere are three types of hackers: white-hat, black-hat, and gray-hat. Common Network Security Breaches ■ Authentication is the procedure of verifying a user’s identity. ■ Encryption is a method of using an algorithm to encode data. ■ An unprotected network share establishes a possible entry point for an attack from outside a network. ■ Social engineering is an activity that uses personal skills rather than techni- cal knowledge to gain access to a network or secure area. ■ Zeroconf outlines recommendations for designing a device that automati- cally detects other devices on the same network. ■ A Denial of Service (DoS) attack overloads a server to the point of it crashing. ■ Man in the middle is a method of intercepting a network transmission. ■ Spoofi ng is fooling the destination by using an IP address other than the true IP address of a source to gain access to a system. ■ Malware is a term given to software programs intended to damage, destroy, or steal data. ■ Malware comes in many forms including Trojan horses, viruses, worms, ransomware, and logic bombs. ■ DNS poisoning occurs when an attacker tries to get fake entries into the target’s DNS server. ■ An evil twin is a rogue wireless access point that is confi gured so it has the same MAC address as one of the existing legitimate access points. ■ A deauthentication, or deassociation, attack causes the client to deauthenti- cate from a reliable source. ■ In a phishing attack, an e-mail is sent that appears to be from a legitimate enterprise in an attempt to solicit personal information. ■ Insider threats are perhaps the most critical threat. Intrusion Detection and Intrusion Prevention Systems ■ An intrusion detection system (IDS) and intrusion prevention system (IPS) are designed to monitor host and network systems for unauthorized activity. Security Methods and Protocols ■ Th ere are two main types of key encryption methods: symmetric-key encryp- tion and asymmetric-key encryption. ■ A key is a software code used to encode or decode data. ■ A symmetric key is a key classifi cation that uses the same key to encrypt and decrypt data.