3.6 Fundamentals Of Cyber Security Flashcards

1
Q

Cyber security definition:

A

= the technologies, practices and processes used to protect networks, data, programs & computers against damage, cyber attacks & unauthorised access

2
Q

List the cyber security threats:

A
  • social engineering techniques
  • malicious code
  • weak and default passwords
  • misconfigured access rights
  • removable media
  • unpatched and/or outdated software
3
Q

Social engineering techniques:

A

-

4
Q

Malicious code

A

web scripts designed to create system vulnerabilities in order to upload malware
(leading to back doors, security breaches, information and data theft, and other potential damages to files and computing systems)

5
Q

Weak and default passwords

A
  • big security risk as they can be easily cracked
  • hackers use:
    • brute force attacks to get past short/simple passwords easily
    • social engineering to figure out commonly used passwords (birthdays/addresses)
6
Q

Misconfigured access rights

A

Users being given access to info they should not have access to

7
Q

Explain removable media:

A
  • malware can get onto a device by being hidden in removable media
8
Q

Unpatched and/or outdated software

A
  • could be more easily exploited by hackers, malware, viruses
9
Q

Penetration testing definition:

A

= process of attempting to gain access to resources without knowledge of usernames, passwords and other normal means of access
= when organisations employ specialists to simulate potential attacks on their system to identify possible weaknesses in their cyber security

10
Q

what does White-box penetration testing do?

A

= simulates a malicious insider who has knowledge of the target system (e.g. an employee); the tester is given some credentials

11
Q

what does Black-box penetration testing do?

A

= simulates an external hacking/cyber warfare attack; the tester is not given any credentials

12
Q

Social engineering definition:

A

= art of manipulating people so they give up confidential information (of networks)

13
Q

List the forms of social engineering:

A
  • pharming
  • phishing
  • shouldering (shoulder surfing)
  • blagging
14
Q

What is pharming?

A

Cyber attack intended to redirect a website's traffic to another, fake site using malware

  • fake site designed to look exactly the same
  • user will enter personal info which will be taken by the criminal

Reduce risk by ensuring anti-malware software is up-to-date

15
Q

What is Phishing?

A

Technique of fraudulently obtaining private info, often using email/SMS

  • criminals send emails/texts to people claiming to be a well-known business (bank), often leading to fake websites

Reduce risk:
  • many email programs, browsers and firewalls have anti-phishing features (reduces the number of phishing emails received)
  • other giveaways = poor grammar, urgency, unknown email address
  • be cautious around emails asking you to follow links/update personal details

16
Q

What is Shouldering (shoulder surfing)?

A

Observing a person’s private info over their shoulder (cashpoint machine PIN numbers)

Reduce risk = be discreet/careful

17
Q

What is Blagging?

A

Act of creating & using an invented scenario to engage a targeted victim in a manner that increases the chance the victim will reveal info or perform actions unlikely in ordinary circumstances (money for a friend)

  • someone makes up a story/pretends to be someone they aren’t
  • someone phones the victim, trying to gain their trust

Reduce risk = use security measures that can’t be given away (biometrics)

18
Q

Malware (malicious software) definition

A

= refers to a variety of forms of hostile/intrusive software, designed to cause harm/gain unauthorised access to computer system

19
Q

Types of malware:

A
  • computer virus
  • Trojan
  • spyware
  • adware
20
Q

What is a computer virus?

A
  • attach (by copying themselves) to certain files
  • users spread them by copying infected files & activate them by opening infected files

21
Q

What is a Trojan?

A
  • malware disguised as legitimate software
  • don’t replicate themselves, unlike viruses/worms
  • users install them not realising they have a hidden purpose
22
Q

What is Spyware?

A
  • secretly tracks actions (key presses) and sends info to the hacker (who might be able to work out things like passwords/bank details)
23
Q

What is Adware?

A
  • can cause pop-up ads that can’t be closed
24
Q

How can you protect against malware?

A

-

25
Q

List the types of security measures/user authentication:

A
  • biometrics
  • passwords
  • CAPTCHA
  • email confirmation
  • automatic software updates
26
Q

Explain biometric measures:

A
  • use scanners to identify people by unique part of their body (fingerprint, retina)
  • many different uses (smartphones contain fingerprint scanners to prevent unauthorised access)
  • usually quite secure/convenient for users (don’t have to remember password) - but often more expensive to implement as require special hardware
27
Q

Explain password systems:

A
  • simple method of checking someone’s identity
  • should be strong (many characters long, combination of letters /numbers / symbols) and changed regularly
  • weak/default passwords = big security risk as can be easily cracked
  • hackers can use brute force attacks to get past short/simple passwords easily & social engineering to figure out commonly used passwords (birthdays/addresses)
28
Q

Explain CAPTCHA

A

= ‘Completely Automated Public Turing test to tell Computers and Humans Apart’

  • designed to prevent programs automatically doing certain things (creating user account on website)
  • usually consists of simple task (recognising animals, typing blurred/distorted words)
  • tests rely on computers not being able to read images as well as humans can
  • but as image recognition software & artificial intelligence are developing, machines are becoming more capable of passing these tests
29
Q

Explain email confirmation:

A
  • used by most web services that require account registration to confirm email address belongs to person registering
  • used to stop people from using fake email addresses to sign up
  • however, as lots of webmail services are free, people can usually sign up for a new email address whenever they want, so it is not always effective for confirming someone’s identity
30
Q

Explain automatic software updates:

A
  • used to patch/fix any identified security holes in piece of software
  • so software is less easily exploited by hackers, malware, viruses