3.6 Cyber Security Flashcards

1
Q

What is Cyber Security?

A

Cyber Security covers the different processes, practices and technologies that protect the following from attacks, damage or unauthorised access:
-Networks
-Computers
-Programs and data

2
Q

What is a computer vulnerable to?

A

Malware (Including viruses)
Social Engineering
Pharming
Misconfigured access rights
Unpatched or outdated software
Removable media

3
Q

What is a default password?

A

The password that was set at the point of manufacture on a piece of hardware such as a router

4
Q

Why are default passwords a potential security risk?

A

Attackers can easily identify and access internet-connected devices that use shared default passwords

5
Q

What is meant by user access levels?

A

Each user in an organisation is assigned individual access rights, according to their role. This will limit their ability to carry out certain tasks on the network

6
Q

What happens if user access levels are not configured correctly?

A

The user will be able to gain access to restricted areas of the network or be able to write to files. This could allow them to view/edit/delete sensitive or confidential information.

7
Q

What happens when a DNS system is hacked?

A

When your computer requests a website such as barclays.co.uk, it asks a DNS (Domain Name System) server for the IP address.

The DNS Server replies with the IP address

If the server has been hacked then the hacker may have changed the website’s IP to a fake one that looks similar to the legitimate one.

You then enter your login details and the hacker steals them from you.

If this was a fake bank then the hacker can now transfer money to themselves.

8
Q

What is removable media?

A

Removable media is any storage device that can be inserted into and removed from a computer

9
Q

Why is removable media an issue?

A

Removable media can be used to:
-Steal documents and files from a company
-Introduce malware

10
Q

What is unpatched software?

A

Software that has not been updated to close security flaws which could potentially be exploited by hackers

11
Q

What is the most important software to update?

A

-OS (Operating System)
-Antivirus/Anti-malware

12
Q

What is social engineering?

A

Manipulating someone to give away personal information

13
Q

What is blagging (or pretexting)?

A

Setting up a scenario that encourages someone to give away personal information

14
Q

How is blagging done?

A

It makes use of psychological confidence tricks to get the target to give information or do something they wouldn’t do under normal circumstances

15
Q

What is a pretext?

A

The scenario which contains personal information (often found on social media)

16
Q

What is shouldering/shoulder surfing?

A

The ability to get information or passwords by observing as someone types them in.

17
Q

How is phishing done?

A

Emails, texts or phone calls are sent to users commonly pretending to be from a bank or website
The ‘From’ email address may be forged
The message will contain a link to a website that closely resembles the bank's website.
The website will then collect personal information such as:
-Usernames
-Passwords
-Credit Card details
-Other personal information

18
Q

What are the key things to look out for in a phishing email?

A
  • Greeting: The phishers don’t know your name so the email is not personalised
  • The sender’s address is often a variation on a genuine address
  • Forged link: The link looks genuine, but it may not link to the website given.
  • Request for personal information: Genuine organisations never do this
  • Sense of urgency
  • Poor spelling and grammar
19
Q

How can you protect yourself against Blagging?

A

Check the identity of the person you are speaking to
Update social media accounts so that personal information is no longer available

20
Q

How can you protect yourself against Shouldering?

A

Cover PIN/Passwords when entering them
Check over your shoulder to see if anyone is around or if there are any cameras/reflective surfaces
Go somewhere private when making personal phone calls

21
Q

How can you protect yourself against Phishing?

A

Examine the correspondence carefully, checking out the key features of phishing
Don’t click on links
Go directly to an organisation’s website through a browser

22
Q

What is malware?

A

Software that is specifically designed to disrupt, damage or gain unauthorized access to a computer system

23
Q

What is a virus?

A

Computer viruses infect computers
Normally attached to an executable file

They replicate their code in other programs
They infect other computers
They harm the computer by deleting, corrupting or modifying files

They cannot spread without human interaction (i.e. running the program)

24
Q

What is a worm?

A

Worms are very similar to viruses except that they do not require human interaction to travel and execute.
A worm takes advantage of file or information transport features on your system, which allows it to travel unaided.
A worm replicates itself in order to spread to other computers.
They might cause no damage to the attacked computers
They may slow down networks and computers

25
Q

What is spyware?

A

Spyware is installed without the user’s knowledge
It aims to spy on user activities by:
-Tracking them as they visit websites
-Installing a keylogger that can read passwords and personal information
Personal data is then sent back to the hacker, often through the use of cookies

26
Q

How does Anti-Malware work?

A

Anti-malware software will detect malware
When new malware is detected, it will report it to the anti-virus company
They verify it is malware and create a signature of the virus
They then add it to their virus database and tell the computers to run an update.

27
Q

What can viruses do to avoid detection?

A

Viruses can morph, which makes it harder to create a signature