2.2 Security Aspects Flashcards

You may prefer our related Brainscape-certified flashcards:
1
Q

Features of a strong password

A
  1. Mixture of uppercase and lowercase letters
  2. Combination of letters, numbers and special symbols
  3. At least 8 characters
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Virus

How to minimise the risk

A
  • Software that replicates itself
  • Intends to delete or alter data stored on a computer
  • Can make the computer “crash”/run slow

Minimise risk:

  • use of anti-virus software
  • do not download software/data from unknown sources
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Spyware

How to minimise the risk

A
  • Software that gathers information by recording key presses on a user’s computer/keyboard and relays the information back to the person who sent the software
  • User activity/key presses can be analysed to find sensitive data eg. passwords
  • a common pattern/word in the key logs could allow a password to be identified

Minimise risk:

  • use anti-spyware software
  • use data entry methods such as drop-down boxes
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Hacking

How to minimise the risk

A

The act of gaining illegal access to a computer system without the owner’s consent/permission

Minimise risk:

  • use of passwords / user IDs
  • use of firewalls
  • encrypt data
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

How does anti-virus software protect the user?

A
  1. Scans computer system for viruses
  2. Removes any viruses found from computer
  3. Checks data before it is downloaded, and stops download if virus found / warns you may contain virus
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Firewall

A

Software that filters data coming from the Internet, to stop malware and hackers and block unsuitable content

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

5 ways that data could be accidentally damaged or accidentally lost

A
  1. human error eg. accidentally deleting a file
  2. hardware failure
  3. physical damage eg. fire/flood
  4. power failure
  5. misplacing a storage device
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Methods to prevent data entry errors that can accidentally cause data corruption

A
  1. Using checks on data entry such as check digits, range checks, etc.
  2. Entering data twice
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Explain what is meant by a denial of service (DoS) attack.

A
  • designed to deny people access to a website
  • a large number of requests is sent to a server all at the same time
  • the server is unable to respond to ALL the requests
  • the server fails/times out as a result
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Proxy server

A

A computer that acts as an intermediary between a web browser and the Internet

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Advantages of a proxy server

A
  1. Helps to improve web performance by storing a copy of frequently used web pages
  2. Can help improve security by filtering out some web content and malware
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Transport Layer Security (TLS)

A

The TLS security protocol checks that the website you are using is real and then establishes a private link between two devices that are communicating, using encryption

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Secure Sockets Layer (SSL)

A

SSL security protocol has different methods of encryption to TLS and is less secure; uses public and private keys, uses https
*purpose is the same as TLS (check authentication of website, establish private communication between devices using encryption)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Encryption

A

The process of converting plain text into cypher text

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Decryption

A

The process of converting cypher text into plain text

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Symmetric VS Asymmetric encryption

A

Symmetric encryption
- Uses the same encryption key to encrypt and decrypt a message (1 key)
- The secret key has to be sent over the Internet before encryption can begin, so anyone who finds out the key can decrypt the messages
Asymmetric encryption
- 2 keys: a public key and a private key
- The public key is shared with any computer that needs to send a message
- The private key is kept secret on your computer. Only your computer can use it to decrypt the messages sent to you
- slower than symmetric, but safer

17
Q

What will increase the strength of the encryption?

+ explain

A

Increasing the length of a key and making it more complex

- will generate more possibilities for key

18
Q

Phishing

How to minimise the risk

A
  • Legitimate-looking emails sent to a user
  • As soon as recipient clicks on link in the email the user is directed to a fake website (without their knowledge)
  • To obtain personal/financial information

Minimise risk:

  • do not open emails/attachments from unknown sources
  • some firewalls can detect fake websites
19
Q

Pharming

How to minimise the risk

A
  • Malicious code installed on a user’s computer/actual web server
  • This code redirects user to a fake website (without their knowledge)
  • To obtain personal/financial information

Minimise risk:

  • only trust secure websites, eg. look for https
  • check the URL matches the intended site
20
Q

4 examples of biometrics

A
  1. fingerprint scanner
  2. face recognition software
  3. retina scanner/iris scanner
  4. voice recognition software
21
Q

Cracking

How to minimise the risk

A
  • The act of illegally changing the source code of a program so that it can be exploited for another use

Minimise risk:

  • set strong passwords
  • encrypt data
22
Q

6 ways of preventing ACCIDENTAL loss or corruption of data

A
  1. back up files on a regular basis to another device / to the cloud
  2. set data to read only to prevent accidental editing
  3. save data on a regular basis to prevent loss/corruption of data in unexpected shutdown/failure
  4. use correct shut down / start up procedures to prevent damage to components/stored files
  5. use correct procedures before disconnecting portable storage device to prevent damage to device/data corruption
  6. keep storage device in a safe place away from fire hazards
23
Q

5 tasks carried out by a firewall

A
  1. Examines traffic to and from a user’s computer and the Internet
  2. Checks whether incoming and outgoing traffic meets a given set of criteria
  3. Firewall blocks traffic that doesn’t meet the criteria
  4. CAN prevent viruses and hackers gaining access
  5. Blocks access to specified IP addresses/websites
24
Q

How does anti-spyware software work?

A
  1. scans the computer for spyware
  2. removes any spyware that is found
  3. can prevent spyware from being downloaded
25
Q

Describe how data are encrypted.

A
  1. an encryption algorithm is used
  2. …to scramble data
  3. the original data is called the plain text
  4. a key is used to encrypt the data
  5. the key is applied to the plain text
  6. plain text is encrypted into cypher text
26
Q

Explain what is meant by spam.

A
  • junk/unwanted emails
  • sent to large numbers of people
  • used for advertising / spreading malware
  • fills up mail boxes