07 - Cyber Security

Question 1

define cybersecurity

Answer 1

processes or technologies designed to protect networks/computers or programs from attack, damage, or unauthorised access

Question 2

what is a brute force attack (passwords)

Answer 2

guessing the password manually until you get access

Question 3

why is social engineering preferred by cyber criminals compared to hacking a system?

Answer 3

as it is easier, and people are the ‘weakest’ link

Question 4

define a cyber threat

Answer 4

any threat to a computer system from an internet source

Question 5

define hacktivism

Answer 5

the act of hacking or breaking into a computer system for politically or socially motivated purposes

Question 6

what is the aim of hacktivists?

Answer 6

• to promote their view of thinking/cause

- to challenge organisations/companies who are against their pov

Question 7

define social engineering

Answer 7

the art of manipulating individuals to break security procedures to give information away

Question 8

what is blagging?

Answer 8

creating an invented scenario to engage targeted victim to directly give away information (passwords)

Question 9

give an example of blagging

Answer 9

an employee is called and asked for login details and password to fix a security bug, they give it away, system is hacked

Question 10

what is phishing?

Answer 10

sending emails (pretending to be a genuine company), to gain personal details

Question 11

what are signs of a phishing email?

Answer 11

• spelling errors/ bad grammar
• informal writing
• impersonal (dear customer)
• deadline (if you don’t do this then account closes)
• email is unrealistic

Question 12

what is pharming?

Answer 12

when your computer has been infected so it changes valid hyperlinks to malicious websites

Question 13

how can you be directed to a pharming website?

Answer 13

• modifying certain files

- hacking domain name server

Question 14

what is shouldering?

Answer 14

direct observation of a user entering their security details (passwords/pins)

Question 15

what is another word for shouldering?

Answer 15

shoulder surfing

Question 16

define malware

Answer 16

software that is designed to disrupt or harm a user’s computer

Question 17

what does a virus do?

Answer 17

• self-replicates
• cause damage to computer system by corrupting data
• or using all available memory

Question 18

what does a trojan horse do?

Answer 18

• disguised as harmless file/download
• malware loaded with download
• attack performed once downloaded

Question 19

describe spyware

Answer 19

(computer program)

• gathers data about people without knowledge
• records key pressers on computer (can gather passwords/ usernames)

Question 20

describe adware

Answer 20

• inject adverts to websites/ programs on computer
• aim that the creator would generate advertising revenue
• not usually too bad (but can contain worse malware like viruses and spyware)

Question 21

how do you prevent threats from downloaded software?

Answer 21

• have anti-virus software

- only download from a reputable source

Question 22

what is penetration testing?

Answer 22

finding out whether there are any security vulnerabilities in a network or system by stimulating potential attacks and reporting vulnerabilities

Question 23

which kind of penetration testing has knowledge of the internals of the system?

Answer 23

white box testing

Question 24

what is the role of white box testing?

Answer 24

to stimulate an attack from someone with detailed insider knowledge of the system (rogue employee)

Question 25

what is the aim of black box testing?

Answer 25

go stimulate a full-on cyber warfare attack

Question 26

what kind of penetration testing does not have any knowledge of the system?

Answer 26

black box testing

Question 27

what is black-box testing used to stimulate?

Answer 27

full on cyberwardare attack (flood servers with more requests they can handle)

Question 28

what is a denial of service attack?

Answer 28

flooding the servers with more requests they can handle

Question 29

state examples of biometric authentication

Answer 29

fingerprints, iris scanning, facial recognition,

Question 30

how can an authentication system add extra security?

Answer 30

two-factor authentication

Question 31

what are email confirmations used for?

Answer 31

• ensure person signed up is using a valid email address

- prevent unnecessary strain on the computer’s servers (mass signing up)

Question 32

what is CAPTCHA for?

Answer 32

• stop bots from automatically signing up to a website and overloading the server

Question 33

what is an alternative to penetration testing?

Answer 33

automatic software updates (software is updated every time a new vulnerability is detected) - instead of right at the start

Question 34

what is the point of a virus?

Answer 34

• slow down computer

- consume memory usage

Question 35

what is the aim of spyware?

Answer 35

steal your passwords