1.4 New

Question 1

Malware

Answer 1

term for any software that has been created with malicious intent to cause harm to a computer system

Question 2

examples of issues caused by malware

Answer 2

-files being deleted, corrupted or encrypted
-internet connection becoming slow or unusable
-computer crashing or shutting down

Question 3

what are the types of malware

Answer 3

-virus
-worms
-trojan
-spyware
-ransomware

Question 4

virus

Answer 4

a program which can replicate itself on a user’s computer. It contains code that will cause unwanted and unexpected events to occur

Question 5

examples of what a virus can do

Answer 5

-corrupt files
-delete data
-prevent applications from running correctly

Question 6

worms

Answer 6

similar to viruses except they will spread to other drives and computers on the network

Question 7

how can worms infect other computers

Answer 7

-infected websites
-instant message services
-email
-network connection

Question 8

trojan

Answer 8

disguise themselves as legitimate software but contain malicious code in the background

Question 9

spyware

Answer 9

software which will allow a person to spy on the user’s activities on their devices

Question 10

examples of what spyware can do

Answer 10

-record your screen
-log your keystrokes to gain access to passwords and more

Question 11

how does one download spyware

Answer 11

embedded into other software like games or programs that have been downloaded from illegitimate sources

Question 12

ransomware

Answer 12

-malware that locks your computer or device and encrypts your documents and other important files
-a demand in made for money to receive the password that will allow the user to the files
-no guarantee paying ransom will result in user getting data back

Question 13

social engineering

Answer 13

exploiting weaknesses in a computer system by targeting the people that use or have access to them

Question 14

examples of social engineering

Answer 14

-fraudulent phone calls
-phishing
-pretexting

Question 15

phishing

Answer 15

-sending fraudulent emails to a large number of email addresses claiming to be from a reputable company to try gain access to details, often by coaxing the user to click on a login button

Question 16

examples of human errors in computer systems

Answer 16

-not locking doors to computer/server rooms
-not logging their device when they are not using it
-sharing passwords
-not encrypting data
-not keeping operating systems or anti-malware software up to date

Question 17

brute force attack

Answer 17

attacker repeatedly tries multiple combinations of a user’s password to try and gain unauthorised access to their accounts or devices

Question 18

dictionary attack

Answer 18

trying popular words or phrases for passwords to guess the password quickly

Question 19

DoS attack

Answer 19

-occurs when an attacker repeatedly sends requests to a server to flood the server with traffic, causing it to overload the system
-server slows down until it becomes unusable

Question 20

larger scale of DoS attack

Answer 20

-Distributed Denial of Service
-multiple devices in a coordinated attack

Question 21

botnet

Answer 21

numerous internet-connected devices that have been infected with malware and can be controlled remotely by an attacker

Question 22

purpose of a DoS attack

Answer 22

-prevents customers from accessing or using a service
-results in companies losing money
-damage to a company’s reputation

Question 23

data interception and theft

Answer 23

-when thieves compromise usernames and passwords and other sensitive data
-using packet sniffer, which can collect data that is being transferred on a network
-gain unauthorised access to websites, companies and more

Question 24

SQL

Answer 24

language to create, access and manipulate a database

Question 25

SQL injection

Answer 25

-entering an SQL command into a web text field to manipulate the query -to insert, modify, delete or gain unauthorised access to the database

Question 26

penetration testing

Answer 26

-method or preventing vulnerabilities where a company employs people to try and hack their network and databases -allows hackers to point out the parts of the system that are vulnerable -company uses this information to fix the issues that are found

Question 27

what does penetration testing protect against

Answer 27

SQL injection

Question 28

anti-malware

Answer 28

term to describe a combination of different software to prevent computers from being susceptible to viruses and other malicious software

Question 29

types of anti-malware

Answer 29

-anti-virus -anti-spam -anti-spyware

Question 30

how does anti-malware work

Answer 30

-scans through email attachment, websites and downloaded files to search for issues -has a known list of malware signatures to block immediately if they try to access -perform checks for updates to ensure database of known issues are up to date

Question 31

what does anti-malware protect against

Answer 31

any form of malicious software

Question 32

firewall

Answer 32

barrier between a network and the internet

Question 33

what does a firewall do

Answer 33

prevents unwanted traffic from entering a network by filtering requests to ensure they are legitimate

Question 34

hardware firewall

Answer 34

-protect the whole network and prevent unauthorised traffic

Question 34

software firewall

Answer 34

protect the individual devices on the network. monitoring the data going to and from each computer

Question 35

what does a firewall protect against

Answer 35

-hackers -malware -unauthorised access to a network -DoS/DDoS attacks

Question 36

user access levels

Answer 36

-ensure users of a network have designated roles on a network

Question 37

password

Answer 37

digital lock to prevent unauthorised access to an account -stores as an encrypted text entry in a database, ensuring even with unauthorised access to a database, a hacker would not be able to gain access to individual passwords of users

Question 38

what forms of attacks does user access levels and passwords prevent

Answer 38

-data interception and theft -physical security issues -SQL injections

Question 39

encyrption

Answer 39

-method of converting plain text into ciphered text to be stored

Question 40

what forms of attacks does encryption prevent

Answer 40

all forms of attack on a network -does not prevent attack from occurring but stops attacker from gaining access to the information

Question 41

physical security

Answer 41

method of physically preventing access to any pat of a network

Question 42

examples of physical security measures

Answer 42

-locked doors: prevents access to server rooms and switches -biometrics -surveillance cameras

Question 43

what form of attacks to physical security prevent

Answer 43

-data interception and theft -social engineering

Question 44

chart

Answer 44

https://www.savemyexams.com/gcse/computer-science/ocr/22/revision-notes/4-network-security/identifying-and-preventing-threats-to-computer-systems-and-networks/methods-of-preventing-a-network-attack/

Question 46

Why should someone use encryption

Answer 46

-data cannot be understood -personal information can be stolen -follow legilsation