3.6 Cyber Security Flashcards
Define cyber security
Consists of the processes and technologies designed to protect networks and data from attack or unauthorised access
Main purposes of cyber security
To protect networks and data from attack or damage or unauthorised access
Cyber security threats
Name 3
Social engineering
Malicious code
Pharming
Weak and default passwords
Removable media
Outdated software
Social engineering definition
The act of manipulating people so they reveal confidential info
3 types of social engineering
blagging, shouldering and phishing
Define malware
A variety of forms of hostile or intrusive software
Security measures to protect against malware
Biometric measures
Password systems
CAPTCHA
Using email to confirm identity
Auto software updates
Penetration testing used for
Attempting to gain access to a computer system w/o knowledge of authorised means of access
To stimulate a cyber security attack to expose any weaknesses in the processes
White box penetration testing
To simulate the unauthorised access by a malicious insider who has knowledge and possibly the basic login credentials for target system
Black box penetration testing
To simulate an external hacking where attacker has no knowledge of target computer system
Pharming
Directing people to fake website to mimic the legitimate one to steal personal info like login credentials
Forms of malware 3x
virus trojan and spyware
what is blagging?
to invent a scenario to engage targeted victim to reveal confidential information
what is phishing?
fraudulently obtaining private information often using email or sms
what is shouldering?
observing a person entering private information to obtain their credentials