1. Cybersecurity Flashcards

1
Q

What is cybersecurity?

A

Cybersecurity is a wide-ranging term that embraces all aspects of ensuring the protection of citizens, businesses and critical infrastructures from threats that arise from their use of computers and the internet.

2
Q

What is the scope of cybersecurity?

A
  • Techniques of threat and attack mitigation and analysis.
  • Protection and recovery technologies, processes and procedures for individuals, businesses and government.
  • Policies, laws and regulations relevant to the use of computers and the Internet.
3
Q

Why is cybersecurity a socio-technical systems problem?

A

Cybersecurity is a socio-technical systems problem because problems almost always stem from a mix of technical, human and organisational causes.

4
Q

What is a cyber attack?

A

A cyber attack is a malicious attempt to cause loss or damage to an individual, business or public body.

5
Q

What is a cyber accident?

A

A cyber accident is an accidental event that causes loss or damage to an individual, business or public body.

Sometimes, protecting against cyber attacks can increase the chance of a cyber accident.

6
Q

What is an insider attack?

A

An insider attack is an attack on an organisation that is carried out by someone who is inside that organisation.

They are difficult to counter using technical methods as the insider may have valid credentials to access the system attacked.

7
Q

What is an external attack?

A

An external attack is an attack on an organisation, carried out by an external agent. These attacks typically require either valid credentials or the exploitation of some vulnerability to gain access to systems.

8
Q

What are the 5 classes of cyber attack?

A
  • Cyber-fraud
  • Cyber-spying
  • Cyber-stalking, cyber-bullying etc.
  • Cyber-assault
  • Cyber-warfare
9
Q

What is cyber fraud?

A

Cyber fraud is a type of cyber attack where the main aim is to obtain monetary or related gains for the perpetrator.

10
Q

What is cyber spying?

A

Cyber spying is a type of cyber attack where the main aim is to gain information for the perpetrator. Cyber spying can be related to cyber fraud as one aim might be to sell the information gained.

11
Q

What is cyber stalking?

A

Cyber stalking is a type of cyber attack which is designed to intimidate individuals rather than businesses or governments.

12
Q

What is cyber assault?

A

Cyber assault is a type of cyber attack where the main aim is to cause damage to information or equipment that is being attacked. Damage caused may be physical damage to equipment, reputational damage, psychological damage to individuals (cyber bullying or cyber stalking) or damage to information.

13
Q

What is cyber warfare?

A

Cyber warfare is an extreme form of cyber assault where at least one of the parties involved is a nation state.

14
Q

Why has the cybersecurity problem risen?

A

Businesses have focused on connectivity rather than security as the Internet has been able to cut costs, improve productivity and open new opportunities. Security is inconvenient and slows down transactions. Businesses have prioritised convenience over security.

15
Q

Give 3 internet vulnerability examples.

A
  • Unencrypted traffic - packets can be intercepted and examined by an attacker.
  • DNS System - Possible to divert traffic from legitimate to malicious addresses.
  • Mail protocol - No charging mechanism therefore spam is possible.
16
Q

What are the 4 risk classifications?

A
  • Risks due to actions of people
  • Risks due to hardware or software
  • Risks due to organisational process
  • Risks due to external events, weather etc.
17
Q

How can the actions of people cause cybersecurity issues?

A

People may:

  • Deliberately or accidentally expose credentials to attackers.
  • Fail to maintain and secure personal devices
  • Be an insider and corrupt / steal data.
  • Prefer convenience and usability over security (e.g. weak passwords)
18
Q

How can hardware and software cause cybersecurity issues?

A

Hardware and software may have:

  • Misconfigured firewalls and mail filters.
  • Programming errors leading to vulnerabilities.
  • Inadequate server or router capacity, leading to failure in the case of a DoS attack.
19
Q

How can organisational process cause cybersecurity issues?

A

Organisational process may have:

  • No established process and checks for updating and patching software.
  • Lack of security auditing.
  • Lack of systematic backup processes.
20
Q

What is the suggested mitigation for cybersecurity attacks?

A

The following can be done:

  • MFA (Multi-factor authentication)
  • Password Hashing
  • Implement Access Control
  • Implementing Cryptography
  • User Training
  • Updating / Patching OS
  • Backing up important data
21
Q

What are the challenges in defending against cyber attacks?

A

Challenges can include:

  • The speed of attacks
  • Greater sophistication of attacks
  • Simplicity of attack tools
  • Quicker detection of vulnerabilities (0-day)
  • Delays in patching product
  • Distributed attacks
  • User confusion
22
Q

Who are the attackers that perform cyber attacks?

A

The attackers can be divided into several categories:

  • Hackers
  • Spies
  • Employees
  • Cyber criminals
  • Cyber terrorists
23
Q

What is the definition of a hacker?

A

A hacker is anyone who illegally breaks into or attempts to break into a computer system, usually with advanced computing skills.

24
Q

What is a spy in the context of cybersecurity?

A

A spy is a person who has been hired to break into a computer and steal information. They do not randomly search for unsecured systems but instead have been instructed to attack a specific system.

Their goal is to break into the system and take information without being caught.

25
Q

Why might an employee inside a company attack their own company?

A

Reasons for attacks by employees:

  • Show company weakness in security.
  • Retaliation
  • Money
  • Blackmail
  • Carelessness
26
Q

What is a cyber criminal?

A

A cyber criminal is usually part of a network of attackers, identity thieves and fraudsters motivated by money.

They usually steal information for financial gain.

27
Q

What is a cyber terrorist?

A

A cyber terrorist is an attacker who is motivated by ideology.

28
Q

What are the 5 steps of an attack?

A

The 5 basic steps of an attack are:

  • Probe for information
  • Penetrate any defences
  • Modify security settings
  • Circulate to other systems
  • Paralyse network and devices
29
Q

What defences can be implemented against cyber attacks?

A

Systems can have the following implemented to make them more robust and resilient to cyber attacks:

  • Layering
  • Limiting
  • Diversity
  • Obscurity
  • Simplicity