1.4.1 Threats to Computer Systems and Networks Flashcards

1
Q

What is Malware?

A

Stands for “Malicious Software”

Created by a human to cause damage to a computer’s software including programs and files. Also used for unauthorised access by a hacker.

2
Q

What are some examples of Malware?

A
  • Virus
  • Worm
  • Trojan horse
  • Ransomware
  • Spyware
3
Q

What is a Virus?

A
  • Attached to a file/email and sent to the target computer.
  • It can replicate itself and spread from system to system by attaching itself to other files.
  • A virus only starts when activated by a human.
  • Once active it can cause damage to computer software or files.
4
Q

What is an example of a famous Virus?

A

A famous example is Storm Bot (2006), which used enticing headlines to persuade people to click a link.

5
Q

What is a worm?

A
  • Replicates itself and spreads from system to system by finding weaknesses in software and networks.
  • A worm doesn’t need to attach itself to files or be activated by a human.
  • It spreads very quickly across a network once it has infiltrated it.
6
Q

What is an example of a famous Worm?

A

A famous example is Nimda (2001), which spread very quickly through various weaknesses.

7
Q

What is a Trojan Horse?

A
  • Looks like legitimate software so people are tricked into downloading it
  • Can give a hacker backdoor access to the system
  • Does not replicate itself or infect other files.
8
Q

What is an example of a famous Trojan Horse?

A

A famous example is Zeus (2007), used to steal banking information and more.

9
Q

What is Spyware?

A

Secretly records the activities of the user, and all information is passed back to the hacker.

10
Q

What is a Keylogger?

A

Secretly records the key presses of a user, and all information is passed back to the hacker.

11
Q

What is Ransomware?

A

Locks files on a computer using encryption, then demands money from the victim to decrypt the files, usually in bitcoin as it is hard to trace.

12
Q

What is an SQL Injection?

A
  • An SQL injection is where a malicious SQL command is entered into a data input box on a website.
  • If the website is insecure then the SQL command can trick the website into giving unauthorised access to the database.
13
Q

What is a DoS?

A
  • A denial of service attack is used to cause a website or server to overload and crash.
  • This happens by flooding the website or server with rapidly repeating requests.
  • This causes the website/server to overload, slow down and potentially be taken offline.
14
Q

What is a DDoS?

A
  • A distributed denial of service attack uses a botnet of infected systems to overload a server/website.
  • A botnet is a large group of devices controlled by the hacker.
15
Q

What is a Brute Force Attack?

A
  • A hacker will use a computer program to test every possible combination of a password in order from start to finish.
  • This method can be sped up by using multiple computers at the same time.
  • Eventually the hacker will break in and gain unauthorised access.
16
Q

What is Social Engineering?

A
  • Used to trick users into breaking normal security systems and relies on human interaction.
  • Humans are the weakest link in a system.
17
Q

What are some examples of Social Engineering?

A
  • Phishing
  • Blagging
  • Data interception
18
Q

What is Phishing?

A
  • Designed to gain sensitive information such as usernames, passwords and card details.
  • The most common form is email.
  • Just like fishing in real life, “bait” is used to entice victims.
19
Q

What are some examples to look out for in a phishing email?

A
  • Informal greeting - they should know your name
  • Grammar errors and misspelled words
  • Email addresses and domain names don’t match
  • Unusual content or request (usually money or login credentials)
  • A sense of urgency
20
Q

What is Blagging?

A
  • Act of knowingly disclosing personal data or information without the consent of the owner of the data
  • To prevent blagging the company needs to provide security training so employees don’t fall for this trick.
21
Q

What is Human Error?

A
  • Weak passwords/using the same password for all accounts
  • Not keeping private information locked away
  • Lost/stolen personal devices and USB drives that contain private information
  • Unknowingly downloading malware or falling for a phishing scam
22
Q

What is Data Interception?

A

As data travels to its destination it can be intercepted through various means:
  • Physically, e.g.
    • Stealing hard drives and other external hardware
    • Connecting a wire to an established network
  • Through wireless networks
    • If data is not encrypted, it can be read