1.9) Security And Data Management

Question 1

Why is network security important?

Answer 1

As loss of data; in particular: personal or confidential data may have serious consequences. Risks to data become > as shared across a network.

Question 2

Why are user access levels important?

Answer 2

Not desirable that all users have access to all data on a computer system. User access levels 1 method to allow certain users to read + or write access to data on a computer system.

Question 3

Why are suitable passwords important?

Answer 3

Commonly used to prove a person’s identity to computer system.

Question 4

What is an encryption?

Answer 4

Conversion of data using an algorithm into a form called cyphertext that cannot be easily understood by people without the decryption key.

Question 5

What algorithm does lossless compression use?

Answer 5

1 that compresses data into a form that may be decompressed at a later time without any loss of data.

Question 6

What is archiving the process of?

Answer 6

Storing data no longer in current or frequent use.

Question 7

Why is the process of archiving used?

Answer 7

To hold data for security, legal or historical reasons.

Question 8

What does the process of archiving data do?

Answer 8

It frees up resources on the main computer system allowing faster access to data that is in use.

Question 9

What does cybersecurity refer to?

Answer 9

Range of measures that can be taken to protect computer systems, networks + data from unauthorised access or cyberattack.

Question 10

What are cyberattacks carried out using?

Answer 10

Various types of malware(malicious software).

Question 11

What are examples of malware?

Answer 11

Viruses.
Worms.
Spyware.
Trojans.

Question 12

What are viruses?

Answer 12

Programs that can replicate themselves + spread from 1 system to another by attaching themselves to host files.

Question 13

What are viruses used for?

Answer 13

Modifying or corrupting information on a targeted computer system.

Question 14

What are worms?

Answer 14

Self-replicating programs that identify vulnerabilities in operating systems + enable remote control of infected computer.

Question 15

What are spyware?

Answer 15

Installed by opening attachments or downloading infected software.

Question 16

What is spyware used for?

Answer 16

Collecting stored data without user’s knowledge.

Question 17

What are trojans?

Answer 17

A program that appears to perform a useful function, but also provides a ‘backdoor’ that enables data to be stolen.

Question 18

What are keyloggers?

Answer 18

Type of spyware that can be used to track keystrokes + capture passwords, account numbers for fraudulent use.

Question 19

What can keylogger software be used by?

Answer 19

Parents to monitor their children’s online activity.

Question 20

What are phishing emails?

Answer 20

Emails that ask you to confirm personal details are usually fakes. Should be caught by spam filter.

Question 21

What should you do to protect your computer from phishing emails?

Answer 21

Be suspicious + do not provide any sensitive information.

Question 22

What is shoulder surfing?

Answer 22

Using direct observation to get information. Relatively simple to stand next to someone + watch as they fill out a form or enter a PIN number, but shoulder surfing can also be carried out long distances with aid of binoculars or even CCTV.

Question 23

What is SQL injection?

Answer 23

Technique where malicious users can inject SQL commands into an SQL statement, via web page input. Injected SQL commands can alter SQL statements + compromise security of information held in database.

Question 24

What is DoS attack?

Answer 24

Denial of service attacks do not attempt to break system security, attempt to make website + servers unavailable to legitimate users, by swamping system with fake requests- usually in attempt to exhaust server resources.

Question 25

What will a DoS attack involve?

Answer 25

Usually a single internet connection. Distributed denial of service attacks launched from multiple connected devices distributed across internet. Multi-person, multi-device attacks target network infrastructure in attempt to saturate it with huge volumes of traffic.

Question 26

What are password based attacks?

Answer 26

Dictionary attack: simple file containing words found in dictionary. This attack uses exactly kind of words many people use as their password.
Brute force attack: similar to dictionary attack but able to detect non-dictionary words by working through all possible alphanumeric combinations from aa1 to zzz10. Not quick but will uncover password eventually.
Guess ???: user-generated password unlikely to be random. Passwords likely to be based upon interests, hobbies, pets, family etc. Educated guesses often work.