5. The internet and its uses Flashcards

1
Q

How do DOS attacks work?

A

Large number of requests sent to server at once
Useless traffic floods the server
Server will come to a stop trying to deal with the traffic
Prevents users gaining access to the web server

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

What do cookies do?

A

Saves log-in information
Provides customized page for user
Enables target advertisements
One-click purchasing

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

3 functions of browsers

A

− Allows user to view web pages
− Renders HTML
− Allows user to bookmark/favourite web pages
− Provides navigation features
− Allows (multiple) tabs
− Stores cookies
− Records history of pages visited
− Has a homepage
− Runs active script
− Allows files to be downloaded from website/internet
− Sends a request to the IP address/web server (to obtain the contents of a web page)
− Sends URL to DNS
− Manages HTTP/HTTPS protocol

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Physical security

A

Data needs to be kept physically safe from intruders, in large companies by…
Issuing staff with ID
Having all visitors sign in on arrival and having escorts around the office
Keeping sensitive areas locked
Security cameras
Security guards

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Physical Security and Biometrics

A

Locks on doors
Security Guards
Biometrics:
- Fingerprint recognition
- Retina scanner
- Iris recognition
- Voice recognition

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Audit trails and logs

A

Audit trail maintains a record of all activity on a computer system
The time and date a user accesses the system will be logged as well as their activity
Assists in detecting security violations
Help system admin ensure the system has not been harmed by hackers, insiders or technical problems

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Acceptable use policies (AUP)

A

Many businesses and educational facilities require employees or students to sign an AUP before being given a network ID

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Secure passwords

A

Minimum of 8 characters
Mixture of numbers, lowercase and uppercase characters
Include symbols
Do not include name, DOB or personal details

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Phishing

A

A phishing email is one that tricks you into handing over your personal or sensitive information
You receive an email leading you to a bogus site to enter your details from where they are captured by phishers

What to look out for:
Generalised impersonal greeting
Sender’s address, variation from original
Forged link, roll mouse over link to check
Request personal information, legit sites do not do this
Sense of urgency
Poor spelling and grammar

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Pharming attacks

A

Similar to phishing but instead of using a fake link in email, pharming redirects victims to bogus sites despite entering the legit website

Detecting pharming attacks:
ISPs filter out bogus redirects as soon as an attack is detected
Check the URL once loaded has not changed
Before entering sensitive information check that http has changed to https

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Trojan Horse Email

A

Offers something tempting to look at like an attachment or link eg. funny video

When you open the attachment or click the link it installs a virus on your computer which may:
- record your keystrokes and send them to the attacker
- Provide someone else with access to your files
- Use your computer to send spam to everyone in your
address book

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Virus generated emails

A

Appear to be sent from a friend
Usually means your friend’s email has been infected and sent to their entire address book
Typically includes product or shop recommendation and asks for emergency cash
Encourages you to click a link to a sales website or transfer cash

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Encryption

A

Encryption is the encoding of data so that it can no longer be easily understood to safeguard the data if intercepted.

Terminology:
Plaintext: original message
Ciphertext: encrypted message
Encryption: the process of converting plaintext into ciphertext
Key: a sequence of numbers used to encrypt or decrypt, often data using a mathematical formula.
Encryption algorithm: the formula for encrypting the plaintext

Encryption techniques:
Private key (symmetric encryption)
A single key used to encrypt and decrypt a message and must be given to the recipient of your message to decrypt the data

Public key (asymmetric encryption)
Two keys are used, one to encrypt and one to decrypt
This is more secure as you never have to send or reveal your decryption key

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Caesar shift cipher

A

Earliest known substitution cipher invented by Julius Caesar

Each letter is replaced by n positions further in the alphabet

n is the key used to encrypt and decrypt the message - symmetric encryption

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Cryptanalysis

A

The objective of cryptanalysis is to decode the ciphertext - typically by finding the secret key

Methods include:
Brute-force attack
every possible key is tried
Non-brute-force attack (cryptanalysis)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Key strength

A

5 bits would enable 2^5 key combinations so it could be said that you are using 5 bit encryption

Increasing the number of bits used for a key increases encryption strength.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

Algorithmic security

A

Ciphers are based on computational security

keys determined using computer algorithm
given enough computer power and time any key can be cracked.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

Strong and weak encryption

A

Encryption can be considered “strong” when the useful lifetime of the encrypted data is less than the time needed to crack it

Weak encryption means that the encryption can be cracked while the encrypted data is still in its lifetime

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

Other methods of data protection

A

Passwords
SSL (security protocol)
TSL (security protocol)
Firewalls

HTTPS

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

Proxy server

A

A proxy server is a computer that acts as an intermediary between a web browser and the internet.
It helps to improve web performance by storing a copy of frequently accessed web pages.

A proxy server may act as a firewall
can help to improve security by filtering out some web content like malware
responds to input packets by blocking and allowing some
gateway from one network to another

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
21
Q

HTTPS

A

s in https stands for secure

this means a security protocol is used to ensure a trusted encrypted data connection

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
22
Q

Secure Sockets Layer and Transport layer security

A

SSL is a protocol for transferring private documents via the internet

it uses asymmetric encryption to encrypt data before transmission

many websites use SSL to receive confidential information like credit card details

TSL is a more recent upgrade to SSL. Like SSL it uses public key to encrypt.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
23
Q

Process of getting web page from webserver

A

Web browser sends request to IP address or web server to identify itself by providing certificate
Web page sent from web server to browser
Browser renders HTML to display web pages
HTTPS used to secure data

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
24
Q

Benefits of USB connection

A

Universal connection
High transmission speeds
No incorrect connections
Can be inserted both ways
Backwards compatible
Fast data transfer speed
Inexpensive to purchase

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
25
Protocols to transfer data safely
HTTPS SSL TSL - layers are handshake and record
26
What is the internet
A collection of interconnected networks, not the world wide web as that is a part of the internet
27
ISP what do they supply what they allow you to do storage in an ISP
ISPs are companies supplying connectivity to the internet, email services, web hosting and VOIPs. You connect to the Internet service provider that you are contracted with, when you connect to the ISP you become a part of their network. This ISP may connect to a larger network and become a part of that. Every ISP has its own data storage facility.
28
Browser softwares Examples How to access
Internet explorer, google chrome and firefox are all browser softwares. One way to access a particular page is by typing its address into an address bar.
29
Cloud based services Mini def Examples
Servers host software or services that you can access. Online storage: Dropbox OneDrive Google Drive
30
Connecting to the internet
PC > Router > Modem > ISP > Internet router provides access to local area network modem connects to your internet service provider (ISP) - modem no longer used in modern technology ISP connects you to the internet
31
Modem
stands for modulator/demodulator converts digital signal from computer and converts to analogue signal for phone lines a second modem at the receiving end converts the signal back to digital
32
Router
A router is a hardware device that allows you to connect several devices to a single internet connection (home setting) Many routers have a WAP (Wireless access point) allowing you to create a wireless access point
33
TCP/IP protocol
TCP (transmission control protocol) breaks up messages sent over the internet into packets reassembles packets at the other end detects errors resends lost messages IP protocol - routes the individual packets between sender and recipient
34
HTTP and HTTPS Protocol
HTTP (hyper text transfer protocol) used for accessing and receiving web pages in the form of HTML files on the internet The protocol requests the web server to upload the requested web page to the users browser for viewing HTTPS (secure protocol) encrypts the information so that it can not be hacked
35
Packet switching files and packets micro def packet header
Each file is broken up into packets Each packet is given a header containing: - IP address its going too (Internet protocol) - IP address it came from - Sequence number of the packet - Number of packets in the whole communication
36
IP Addressing
Every device connected to the internet has an IP address eg. 81. 101. 137. 12 Packets are labelled with the senders and the destinations IP address Packets are sent across the internet along separate routes and reassembled at the end
37
Public vs Private IP addresses
A PC network has a public and private IP address Public IP belongs to the router on your LAN Private IP is accessible only through the LAN ISPs are allocated blocks of IP addresses Once a message arrives at the router of your LAN it will use the private IP address to identify which device requested information
38
MAC Addressing in full and assigned by who how many addresses and for what what it looks like similarity of and combinations role
A media access control address is assigned to each Network interface card by the manufacturer. Computers may have 2, one for ethernet and one for wireless or for a phone wireless and bluetooth Hex value eg. 3B:14:E6:39:0A:2C Every network device in the world has a unique MAC address There are 2^48 possible MAC addresses Role of a MAC address: When you request a web page each router along the way uses the MAC address of the next router to send the data packet to the next leg of its journey.
39
URL
Uniform resource locator is a web page and all are unique WWW. Domains names (TDLs) .uk , .nz etc
40
DNS
Domain Name system DNs technology allows you to type a URL into your web browser and it translates the web address into an IP address. There are 13 DNS “root” servers worldwide that keep complete database of all names and IP addresses Lower level DNS servers are owned by ISPs and hold parts of the database When a DNS server receives a request not in its database it will pass it on until reaches one with the matching name and IP address
41
Cookies
A cookie is a small data file that a web server puts onto your computer when you visit a website Cookies save any data entered such as registration details, passwords and relevant adverts for you as well as web preferences.
42
Role of a browser how browser gets webpage/website on your computer
User types web address (URL) into browser Browser forwards request to web server to access page Web server acknowledges request and sends HTML source code for the web page to the computer Source code is rendered (translated) into viewable web page
43
Malicious software what it does what it can/typically does types x6
Malware is any software written with malicious intent. Disrupt computers from their work Corrupt files Record key presses and gather information Gain unauthorised access to a computer or files Not all viruses cause harm, but the ones (most) that do: limiting hard disk space and memory destroying or damaging files and data spamming your address book with contacts consuming your internet bandwidth Types of Malware: Spyware, gathers information, installs more spyware, sends information back to spyware author, sells to advertising companies or help with identity theft Adware, irritating pop ups, instals itself on a computer, rarely harms Viruses, small program that replicates by inserting itself in other computer programs - attach them self to existing software programs and infect when you run that program - self replicate Worms, a standalone file that does not need a host program to attach itself to Trojans, a non-self-replicating virus that masquerades as a harmless file that you might want to open Ransomware, malware used to lock your computer or access to your flies for which you are then asked to pay a fee to regain access
44
Botnets
A virus can compromise a computer and use the host’s storage and processing power to perform jobs This computer can then become a part of a Botnet network ( a group of computers secretly cooperating to send spam or cause disruption on a much larger scale) Computers in a botnet can: send email spam to other users store and distribute illegal material perpetrate a Denial of Service attack
45
DOS attacks
Denial of service attack Frequently aimed at company or web servers to overload them or make them crash by: - flooding servers with millions of requests - absorbing 100% of its processor time or memory - using all available bandwidth Attempts to make a network or website unavailable to legit users and the motive is often revenge, blackmail or terrorism
46
Reducing the risk of any cyber security issues
Use strong passwords, keep software up to date, and avoid clicking on suspicious links or downloading files of unknown sources.
47
Anti-virus softwares what they do how they do
detects viruses deletes or quarantines infected files commonly finds all malware including adware, spyware, worms and Trojans Works by: holding a dictionary of snippets used in viruses scans new files, downloads, external drives on your computer looks for suspicious codes by comparison keeps a dictionary of know viruses up to date
48
Firewall
acts as a filter or barrier between your own trusted network and others only allows certain data packets across that meets set filtering rules
49
Hacking
Breaking security defined as unauthorised access to files or data Exploiting weaknesses in websites or security systems to access data Guessing default or common passwords Tricking people into downloading malware to gain access to their computer Logging in as someone else without their permission In order too: pure mischief or a challenge steal money steal or modify information for political reasons, expose wrongdoing or revenge on opposing views
50
Black and white hats
Black hat hackers are illegally hacking with criminal intent White hat hackers ethical hackers employed by companies to deliberately find holes in their own security Grey hat hackers look for wholes in other systems and ask for a payment from those systems
51
Cracking
Not hacking Illegally accessing program source code to change it or fool it to: Bypass security or licensing control prevent software from expiring unlock features that otherwise would require a subscription
52
Hyper Text Markup Language
International standard language that all pages can read and all pages are written in. Webpages, webpage code
53
HTML Code
In a text file containing the content of the website to be displayed by the browser Uses to govern how to present sections of content Stores locations of images that are to be displayed Stores the location of other websites that are linked to using hyperlinks
54
HTML vs CSS
HTML controls content and function of a web page Cascading Style Sheets control its style and appearance
55
Writing HTML code
open <> and close > Websites are made of a head and body

,

,

,

- different headings (main , sub) : emphasis Click here for more info : link placed in middle line, click to access

56
Adding CSS to a webpage
Define the style at the top between tags h1 {colour:blue; text-align: centre} Everything that falls inside the style tag, that html will adopt that style Sector ==> h1 or other Declaration ==> property and value Property ==> colour or other Value ==> blue or other h1 {colour: blue;} To add a CSS style: Define a style for a particular tag eg. h1 or Define a general style and attribute it to a new name eg. #page Attribute style to a
block: Image file on desktop
57
Describe how the SSL works
− Browser / client sends request to webserver for identification − Web server sends its digital / security certificate − Browser authenticates certificate − If authentic connection, is established any data sent is encrypted − Using public and private key to do this
58
Describe how the TSL works
− Handshake and record protocols − Client/Browser requests secure connection to web server − Browser requests server to identify itself − Web server then provides digital certificate after identification − Browser validates certificate − Browser sends signal to web server to begin transmission − Session key generated − Encryption method is agreed on The handshake protocol is used to exchange all the information needed by both computers in order to establish a secure SSL/TLS connection The record protocol handles the actual data and it’s encryption
59
Describe how a browser accesses a web page
Browser sends URL to DNS using HTTP DNS find matching IP address for URL and sends it to the browser Browser requests web server for web pages Web pages are then sent from web server to the web browser Browser then renders the HTML to display web pages Security certificates authenticated, SSL and TSL used to encrypt data sent to and fro
60
Describe how a proxy server works
− Acts as mediator between the user’s computer and web server − Allows internet traffic to be filtered − Speed access to information on website using cache
61
Describe encryption
− Encryption key used − Key uses algorithm to scramble data − Data before encryption is plain text − After encryption it is known as cypher text − Same key used to decrypt data
62
Describe symmetric encryption
− Key is kept secret, only sender and receiver know − Sender uses same key to encrypt and decrypt − Key has to be sent over internet, can be intercepted − Less safe but fast
63
Describe asymmetric encryption
− Public and private key mathematically linked − Public key used to encrypt, anyone can see − Private key not transmitted, used to decrypt − Safer process but slower
64
Describe a Denial of Service attack
− Webserver is sent multiple requests, requests flood the webserver at the same time − Webserver crashes / runs slow − Designed to prevent access to e.g. a website // Stops legitimate requests being processed/serviced
65
Describe copyright, plagiarism
Copyright − law/legislation that requires permission to use intellectual property / other people’s work Plagiarism − To claim other’s work as your own − To use other people’s work without consent / acknowledgement − Theft of intellectual property
66
Accidental loss of data and prevention
Lost from Human error, accidentally deleting file Hardware failure Power failure or surge Physical damage, fire or flood Misplacing storage device Prevention Back up data regularly Use surge protection and UPS Keep data in protective case Use verification method for deleting file Follow and educate on correct procedure of ejecting files, saving, etc.
67
Internet risks
Phishing Pharming Spyware Dos Malware Viruses Worm Rootkit Backdoor
68
How to minimise risk of spyware
Anti-spyware Scans computer for spyware Removes/quarantines any spyware found Prevent spyware from being installed Onscreen keyboard Key-logger can’t collect data of key press Can’t relay useful info to 3rd party 2 Factor Authentication Extra data sent to device Harder for hacker to obtain data Data has to be entered into same system if entered from remote location not accepted Firewall Can be software or hardware based Monitors incoming and outgoing traffic Allows criteria to be set Blocks access to signal that do not meet criteria Restricts access to specific applications
69
How to minimise risk of virus
Anti-virus Scans computer for viruses daily Has a record of known viruses Removes/Quarantines any virus found Warns user of virus Checks data before downloaded Prevents download of virus found Firewall/Proxy server Monitors incoming and outgoing traffic Allows setting of criteria Checks if traffic meets criteria Blocks traffic that does not meet criteria
70
How to minimise risk of hacking
Firewall/Proxy server Monitors incoming and outgoing traffic Allows setting of criteria Checks if traffic meets criteria Blocks traffic that does not meet criteria Passwords Use long and more random passwords Change it regularly Lock after a set attempts Biometrics Data needed to enter is unique to individual Hard to replicate Lock after set attempts 2 Factor Authentication Extra data sent to device Hard for hacker to obtain Data entered needs to be in the same system, if attempted from remote location it’s not accepted
71
Describe Phishing and Pharming
Phishing − Legitimate looking email sent to user − encourages user to click a link that directs user to a fake website − User encouraged to enter personal details into a fake website // designed to obtain personal details from a user Pharming − Malicious code/malware is downloaded without users’ knowledge − That re-directs user to fake website (when legitimate URL entered) − User encouraged to enter personal details into a fake website − Designed to obtain personal and sensitive details from a user
72
Describe free software, freeware, shareware
Free software- * Type of software licence * Free of charge * Normally distributed without the source code * Can legally share / copy * Cannot legally modify code * Cannot resell Freeware- Owner has copyright for software but can be given away for free Shareware- Often a trial version of full software, fee required for full access
73
Copyright
Legal protection person can obtain to provide protection against their work stolen
74
Identify and describe risks to a device when accessing the internet
Hacking − When a person tries to gain unauthorised access to a computer system − Data can be deleted/corrupted by hacker Malware − A software program designed to damage data / disrupt the computer system − Replicates itself and fills the hard disk Virus − A program that replicates itself to damage/delete files
75
Describe Cracking
-When someone alters a program source code usually for a backdoor (by disabling computer security software)
76
What is hacking?
illegally gaining access to a computer system
77
illegally gaining access to a computer system in known as
hacking
78
Why do people hack (5)
Curiosity Financial Gain Malicious Hacktivism Military
79
Curiosity,Financial Gain,Malicious,Hacktivism,Military are all reasons to___?
Hack
80
Cracking is
Changing a program’s source code to be used for another use (illegal)
81
Changing a program’s source code to be used for another use illegally is known as
Cracking
82
What is spyware
Software which tracks keylogs and through this can find out passwords.
83
Software which tracks keylogs and through this can find out passwords. Is known as
Spyware
84
How is Spyware prevented
Antispyware
85
Antispyware prevents___?
Spyware
86
Spyware (5)
User clicks on a link from an email or website When clicked spyware is downloaded Monitors users activity and relays it back to author Keypresses can be analysed to find passwords Common key logs allow password to be found
87
Viruses (3)
Program that replicates itself Deletes or corrupts files Ransomware a new form of virus
88
Phishing (5)
Fake email sent that looks legitimate User clicks on link in the email User redirected to fake website Often used to try and steal financial details How to avoid – Don’t click on links from unknown emails
89
Pharming (3)
Malicious code stored on a computer Redirects user to fake website to steal users data How to avoid – check the URL is as expected
90
Cookies (4)
Message given to browser by webserver Stored in a text file Stores detail about users preferences on a website Message sent back to server each time that page is requested
91
Cookies uses (5)
Enable logon information to be kept Provide customized pages for the user Enable target adverts Enable one-click purchasing with shopping carts Be able to distinguish between new and repeat visitors
92
Causes of data loss (5)
Accidental Deletion Malicious – virus Hardware failure Software failure Natural disaster
93
Data loss prevention (4)
Set data to read only Use correct shut down procedures Use correct procedures when removing portable storage devices Backup
94
Firewalls(5)
Prevents unauthorized access Acts as a filter for incoming/outgoing data Checks data meets criteria Logs incoming and outgoing traffic Blocks access to specified IP addresses
95
Antivirus (2)
Compares virus signature against a database of known virus signatures Removes any viruses
96
Proxy servers (3)
Keeps user IP address secret Prevents direct access to a web server Filters traffic
97
Biometrics examples (3)
Voice recognition Facial Recognition Thumbprint
98
Text v Biometric (2)
Text passwords easier to hack than biometrics - Biometric passwords are unique and can’t be shared
99
Security methods (2)
Encryption - SSL
100
SSL (5)
Uses encryption Uses SSL Uses digital certificates – contains public key Makes use of public and private keys Data is meaningless without the key
101
How can we tell a website is using SSL(3)
Protocol end in s e.g. https Padlock on some browsers Colour of address bar changes
102
SSL process (5)
Web browser connects to the website Web browser requests web server to identify itself Web server sends browser a copy of its SSL certificate Browser checks the certificate is trustworthy and sends message back to server Server acknowledges message and SSL session begins
103
TLS layers (2)
Record - Handshake
104
Record layer (2)
Contains the data being transferred - Can be used with or without encryption
105
Handshake layer (2)
Website and client authenticate each other - Encryption algorithms used to establish secure session
106
Differences between TLS and SSL (3)
Possible to extend TLS using new authentication methods TLS can make use of session caching TLS separates handshake and record protocol
107
How does encryption work on text (6)
Before encryption it is plain text Text encrypted using an algorithm Text encrypted using a key Encrypted text called cypher text Key transmitted separately from text Key used to decrypt the cypher text
108
Assymetric(5)
Private key and Public key needed Public key given to everyone Private key only known by the computer user Encryption keys generated using a hashing algorithm Different keys
109
Plain text & Cyper text
Text encrypted using encryption algorithm Text encrypted using a key Key transmitted separately from the text Key used to decrypt the text
110
Authentication (1)
-Used to verify that data comes from trusted source
111
Symmetric Encryption (1)
-Uses the same key to encrypt and decrypt data
112
Hashing algorithm (4)
Takes message or key and translates it into string of characters Usually shown in hex notation Length depends on algorithm used Same hashing algorithm needed to decrypt
113
DoS Attacks (4)
Large number of requests sent to server at once Designed to flood a server with useless traffic Server will come to a stop trying to deal with the traffic Prevents users gaining access to the web server
114
Types of softaware(3)
Free software Freeware Shareware
115
Free software (4)
Can use for any legal purpose you wish Can study and change the source code Can pass on to other people Must not be used to infringe copyright laws by copying existing software
116
Freeware(2)
Can download and use free of charge - Cannot view or modify the source code e.g. Skype
117
Shareware (5)
Can use for a trial free of charge Need to pay once the trial is over Often trial version missing key features Protected fully by copyright laws Cannot modify code or distribute the software
118
What is hacking?
the act of gaining illegal access to a computer system
119
What is cracking?
the editing of program source code so it can be exploited/changed for a specific purpose
120
What are viruses?
program code that can replicate/copy itself with the intention of deleting/corrupting data/files or causing the computer to malfunction
121
What is phishing?
sending legitimate lookng emails to encourage uses to give out personal data
122
What is pharming?
malicious code installed to redirect uses to a fake website
123
What is spyware/key logging software?
gathers data by monitoring keypresses on user’s keyboards
124
What are cookies?
pieces of data that allow detection of web pages viewed by a user and store their preferences
125
What is accidental or malicious loss of data?
this could be due to accidentally deleting a file or to a malicious attack from viruses or hacking
126
What are firewalls?
examines traffic between user’s computer and a public network - can help prevent viruses or hackers entering a user’s computer
127
What is secure sockets layer (SSL)?
allows data to be sent and received securely across a network
128
What is transport layer security (TLS)?
a protocol that is designed to ensure that no third party may eavesdrop or tamper with any message
129
What is symmetric encryption?
a secret key which makes a message unreadable unless the recipient also has the decryption key
130
What is asymmetric encryption?
a form of encryption requiring both a public and private key
131
What is authentication?
used to verify that data comes from a trusted source
132
What is a denial of service attack?
an attempt at preventing users from accessing part of a network
133
What is free software?
users have the freedom to run, copy, change or adopt free software
134
What is freeware?
software which users can download free of charge
135
What is shareware?
users are allowed to try out shareware for a trial period
136
What can hacking lead to?
lead to identity theft and loss or corruption of data
137
How can you minimise the risk of hacking?
using strong passwords using firewalls
138
Why is cracking done?
for malicious purposes (such as modifying legitimate software to do something like redirect a user to a fake website)
139
How can you minimise the risk of cracking?
it is hard to do software engineers need to make the act of breaking into the software nearly impossible (make it difficult to identify back doors)
140
What do viruses cause computers to do?
run slow crash cause some software to run abnormally
141
How to reduce the risk of viruses?
running anti-virus software don’t open emails/software from unknown sources
142
What are the main signs that an email is a phishing email?
messages containing poor spelling/grammar asks for personal information unrealistic threats/promises made
143
How can you reduce the risk of pharming?
anti-spyware software can identify and remove pharming code on the hard drive
144
What is wardriving?
the act of locating and using wireless internet connections illegally can lead to stealing of internet time/bandwith
145
How can you prevent the risk of wardriving?
use of WEP (wired equivalent privacy) encryption complex passwords firewalls
146
What are Networks?
Networks are connections between nodes (devices) to share resources. Being connected to a network can be dangerous because there are more access points.
147
What are the types of Networks?
Personal Area Network (PAN) Local Area Network (LAN) Wide Area Network (WAN)
148
What is PAN?
A personal area network is within the range of an individual, +- 10m. Examples are: Bluetooth
149
What is LAN?
It is a network that connects devices close to one another, like in the same house; school; office.
150
What is WAN?
A wide area network is a network over a broader, geographic area. For example, an internet connection is given by an ISP. The internet is a WAN made up of individual LANs.
151
What is a Client-Server Network
In a Client-Server Network, every device is either Client or Server. A client will request resources from the server. When a resource is wanted, the client establishes a connection with the server over the network Servers backup and store data centrally, although expensive and difficult to run. It is centralized
152
What is a Peer-to-Peer Network
A P2P network is decentralized. Each node is equal in responsibility and can work as both client and server.
153
What are the factors that affect Network Performance?
Latency The Delay, Speed of Signals Bandwidth Max rate of Data Transfer (bps) Error Rate How often data is corrupted How often data must be resent
154
What are the differences between wired connections and wireless connections?
Wired connections are generally faster Though Bandwidths must be taken into account, but is shared across a network Wireless range signals degrade quickly and can be blocked Signals at the same frequency can interfere, leading to dara collisions Bus topology have higher error rates
155
What are network protocols?
They are rules that must be accepted to devices can be compatible and reliably communicate.
156
How are protocols developed?
They are developed in layers, each responsible for a different part of the process of communication. Layers break the process down into managable self-contained parts. Easier to develop because it is focused on one aspect easier to develop standards changing one layer won’t affect another
157
What us the TCP/IP Protocol Stac?
It has 4 layers: Application Layer HTTP/S; FTP; SMTP; IMAP & POP; DNS Transport Layer TCP; UDP Network Layer IP Link Layer Ethernet; Wifi
158
What is the Application Layer?
The application layer is where network applications can operate, e.g: Web Browsers, Email Clients
159
What is the Transport Layer?
This layer sets up communication between the two hosts, and includes the agreed rules.
160
What is the Network Layer?
This layer addresses and packages data, and routes it.
161
What is the Link Layer?
This is where the hardware and drivers operate.
162
What is the Ethernet?
It is a standardised family of protocols. Ethernet works at the link layer it describes how devices on the same netwoek degment format data and transmit it
163
What is Wi-Fi (WLAN)?
It is a form of wireless transmission, radio waves EM waves are categorised on frequency A channel represents a small frequency range, designated by number Frequency overlap can cause interference. Data is encrypted using WAP
164
What is the TCP?
TCP is the transmission control protocol, which runs in the transport layer. It deals with the connection between devices, it: receives data from the application layer receives the packets from the network layer splits data into packets reassembles them sends an acknowledgment
165
What is the IP?
It is the internet protocol, it addresses packets with the source and destination’s IP address, and works at the network layer. The IP removes the IP addresses when the packets are no longer needed.
166
What is HTTP?
It is the hypertext transfer protocol, a hypertext is a type of text with links. HTTPS is HTTP with encryption through certificates. HTTP is used to access a webpage from a web server, the process goes as: The client requests a message the webserver gives a response
167
What is FTP?
The file transfer protocol is of the application layer, which handles file uploads and downloads. HTTP transfers viewable content whilst FTP transfers data.
168
What are the email protocols?
SMTP POP3 IMAP
169
What are the outbound email protocols?
SMTP
170
What are the Inbound email protocols?
POP3 IMAP
171
What is SMTP?
The simple mail transfer protocol is of the application layer.. it handles outbound. It sends the email to a mail server, and then to the internet. SMTP servers have user databases.
172
What is POP?
it is post office protocol, this is from the internet, mail server to the client. It doesn’t keep client and server in sync. When the mail is downloaded, it is deleted from the server.
173
What is IMAP?
It is internet message access protocol, where it keeps both client and server synced in which the mail is copied instead of downloaded. For the mail to be deleted from the server, you must contact the client.
174
What are the network topologies?
Topologies are the arrangement of the nodes and connections in a network. Bus Star Mesh Ring
175
What is the Bus Topology?
All clients, serbers and resrouces are connected to one medium, the bus. When a node communicates, the data is transmitted down the bus. All drivers receive it but only the intended recipient accepts and processes the message. There are terminators on both ends, which are resistors. They prevent data from reverberating
176
What are the advantages and disadvantages of the bus topology?
Advantages: Cheaper, because less wires Disadvantages: If the main bus fails, all fails Prone to data collisions in high traffic, which slows the data down.
177
What is the ring topology?
In this topology, each device is connected to two other devices, forming a ring for messages to travel around. The nodes take turns sending data, data is sent one direction through each device until the intended recipient receives it.
178
What are the advantages and disadvantages of the ring topology?
Advantages: Simple, less wires, cheaper. Disadvantages: All nodes must be one for the data to be sent.
179
What is the star topology?
Most home networks uses this topology, as each node is connected to the central connection point.
180
What are the advantages and disadvantages of the star topology?
Advantages: Data goes immediately to recipient Disadvantages: If the central connection point fails, network stops.
181
What is the mesh topology?
In a full mesh, every node is connected to every other node. In a partial mesh, there are simply many connections between nodes. A mesh could be used as a backup mechanism, called the redundancy as it is needed but used as an alternative route.
182
What are the advantages and disadvantages the mesh topology?
Advantages: Provides backup should one route fails Direct links to recipient. Disadvantages: Expensive, many wires Complicated Can’t add one device without connecting to every other device.
183
What is Network Security?
It is the processes, practices, and technologies designed to protect networks from attacks, damages, or unauthorized access.
184
Where do attacks originate from?
It can happen internally and externally.
185
What are the kinds of security do you need to watch out for?
Physical Security CCTVs, Case Locks, Disabling USB Ports Cloud Security Ensure the cloud servers you use are safe
186
What should be done when checking security?
Validation Ensuring that data is correct and secure before processing Authentication Ensuring that an entity is genuine, like users, product authentications.
187
What are some security threats?
Unpatched Software Misconfigured Access Controls Social Engineering Phishing Shoulder Surfing USB devices Portable Digital Devices Eavesdropping Malicious Code, malware basically Commercial Analysis tools
188
What is Unpatched Software?
It is basically just un-updated software, which may have some protection holes.
189
It is basically just un-updated software, which may have some protection holes.
It is when an entity has permission to access something that they’re not supposed to.
190
What is Phishing/Pharming?
It is the usage of sending emails from a ‘verified’ entity that contains malicious links that can lead to websites that download malware.
191
What is shoulder surfing?
Someone staring at you when you type in important information.
192
What is Malicious Code?
It is malware like: viruses spyware things like that
193
How can you identify vulnerabilities?
Penetration Testing Ethical Hacking
194
What is penetration testing?
It is basically stimulating an attack to find any weaknesses. For example, entering a random username and password just to see if it can access the site. It is normally done by an external entity.
195
What are the kinds of penetration testing?
White-box pen test Inside attack, where attacker has some knowledge of the system Black-box pen test Outside attack, hacking
196
What is ethical hacking?
Hacking is finding and exploiting vulnerabilities, it is only ethical when done in a testing context. There are kinds identified by white/black/gray hat hackers. For it to be ethical, it must: Have permission Be worked on securely notify admins when weaknesses are found
197
What are Firewalls?
They monitor network traffic and filter data packets based on agreed rules. Routers and dedicated hardware contain firewalls, they can: Block Packets Connections from certain regions
198
What is the structure of a data packet?
Header Data Trailer
199
How do firewalls work?
Packet filtering is done by looking at the addresses on the packet header. (first generation) Stateful Inspection is done by looking at the data context. (second generation)
200
What are some security measures (2)?
Design Stage Planning Audit Trails Securing Operating Systems Good Programming Practices
201
What is Design Stage Planning?
It is threat modeling, basically just analysing vulnerabilities from a theoretical attacker’s view.
202
What are Audit Trails?
These are system records kept, which can trace security issues.
203
What is Securing Operating Systems?
Limit User Accounts Directory Permissions Strong Passwords Limit automatic softwares Install patches and update new versions
204
What is the internet?
It is the worldwide collection of networks that use the internet protocol suite, TCP/IP.
205
What is the World Wide Web?
It is the collection of web pages hosted on web servers.
206
What is the difference between the WWW and the Internet?
The WWW is the resources on the internet, whilst the internet is the hardware.
207
What are URLs?
They are addressers to specific web resources.
208
What is the structure of a URL?
Network Protocol → Domain Name → File Names
209
What is an IP address?
It is an address that uniquely identifies devices on a network. IP addresses are denary, but also uses 8 bit binary, it is: assigned by the ip temporary, like in ram defines geographic locations
210
How does the internet work?
Data transverses throughout international servers.
211
How does data get to a certain device?
The international routers uses the destination IP address of the packet to identify where to send the packet. Routing algorithms will determine the best route to get there.
212
What is the method of data transmission?
Packet Switching
213
What is Packet Switching?
There is no fixed paths, but each packet can take different routes, packet heads contain packet numbers, MAC and IP addresses as well as the protocol. The trailer has a validation checks.
214
what are ISPs
internet service protocol are companies that provide users with access to the internet
215
what are IP addresses
IP address is used to identify a device (on the Internet / network) 32-bits changes as you move because static or dynamic ipv4 and ipv6 assigned by ISP address is unique for given Internet session 256.342.34.235
216
what are MAC addresses
hardware/physical address unique number that identifies a device (connected to the Internet) address is made up of manufacturer id + serial number of device address is allocated by the manufacturer 48 - bits 1st half is manufacturing 2nd half is serial number does not change/ static only part on Number identification card
217
what is hypertext transfer protocol
a set of rules obeyed when transferring files across the internet
218
parts of URL
access protocol domain name file name
219
What is the Internet?
A global infrastructure of interconnected networks
220
What is the World Wide Web?
All of the web pages that are accessible via the Internet.
221
What is a URL and what does it stand for?
Uniform Resource Locator Each web page has its own unique text-based address
222
What is the https part of a URL called?
Protocol
223
What is the www part of a URL called?
Host
224
What is the disney.co.uk part of a URL called?
Domain Name
225
What is the index.html part of a URL called?
Web page / file name
226
What is a protocol?
A set of rules for communication between devices. It allows equipment from different suppliers to work together
227
What does HTTP stand for?
HyperText Transfer Protocol
228
What is HTTP?
The standard transmission protocol of the Web
229
What is HTTP?
The standard transmission protocol of the Web
230
What is the problem with HTTP?
Any data you enter into the site is sent in plaintext and is susceptible to hacking
231
What does HTTPS stand for?
HyperText Transfer Protocol Secure
232
What is HTTPS?
A secure protocol that encrypts any data sent between the website and your browser so that it can’t be understood if intercepted.
233
What are the functions of a browser?
Storing bookmarks and favourites Recording user history Storing cookies Providing navigation tools Allowing use of multiple tabs Providing an address bar
234
What does HTML stand for and what is it?
Hypertext Markup Language The standard markup language for creating web pages
235
What is an IP address?
A public address that is unique to each device. Every networked computer has an IP address
236
What does a Domain Name Server do?
It converts a URL address into an IP address This means that a browser on a client machine can make a request to the correct web server hosting that web page
237
What does a Domain Name Server do?
It converts a URL address into an IP address This means that a browser on a client machine can make a request to the correct web server hosting that web page
238
What happens if the DNS server doesn’t have an entry for the domain name?
It passes the request to a more authoritative DNS server. An error is sent back if no match is found.
239
What are cookies?
Text files with small pieces of data
240
What do cookies do?
They are used to track user preferences, hold items in a shopping cart, store login details and other personal details
241
What are session cookies?
They are created and replaced each time a user visits a website
242
What are persistent cookies?
They are created and saved on the first visit and retained until they expire
243
What advantages come from using cookies for a retailer on an online shopping site?
The retailer can send personalised email advertisements to customers The retailer can analyse quantity and value of sales/advertising The retailer can implement one-click purchasing
244
What are the advantages for the user when visiting an online shopping site that uses cookies?
They will not need to remember login details They can use one-click purchasing Websites will remember their personal customisations
245
What is digital currency?
Any money-like asset that only exists in digital form. It is exchanged digitally with no physical banknotes or coins in circulation
246
Why are digital currencies gaining in popularity?
Can transfer funds without the intervention of private banks Reduced transfer fees and sped-up transaction completion time Improves security and anonymity
247
What is a blockchain?
A digital ledger –> a time-stamped series of transaction records sequentially linked in a chain, tracking the movement of a digital currency
248
How does blockchain work?
Each new transaction is added onto a chain of transaction blocks Each block will carry the user’s ID number and a reference to the previous block. This is known as a hash total and is calculated with a hashing algorithm A change of data in one block will create a ripple effect of incorrect hash totals The blockchain will be stored on multiple different servers, and if one chain doesn’t match all others, it will be rejected
249
What is digital currency
currency (a system of money) that exists in electronic form only;
250
What is cryptocurrency
a form of digital currency that uses a chain of decentralised computers to control and monitor transactions
251
What is cryptography
the protection of data/information by use of coding; it usually involves encryption and decryption
252
What is a blockchain
is a digital ledger, that is a time-stamped series of records that cannot be altered
253
What is a timestamp
a digital record of the date and time that a data block is created in blockchain networks
254
4 things a block contains
Data Hash value Previous hash value time stamp
255
Why is tampering prevented
Because altering one block will change its hash value and break the link to the following blocks - invalidating the whole chain.
256
What is hacking?
Automated or manual attempts to gain unauthorised access to programs or data
257
How to protect against hacking?
Firewall to block access by unauthorised devices
258
What is a brute force attack?
Automated or manual attempts to gain unauthorised access to secure areas by trying all possible password/key combinations
259
How to protect against brute force attacks?
Strong passwords Limited attempts allowed
260
What is data interception and theft?
Data may be intercepted during transmission, but physical theft can occur where storage devices or data files are left insecurely
261
How to protect against data interception and theft?
Encryption Passwords Physical locks
262
What is spyware?
Software that hides on your computer and records your activities to send back to a third-party for analysis
263
How to protect against spyware?
Anti-malware Anti-spyware software
264
What is phishing?
Phishing emails redirect a user to a fake website where they trick the reader into divulging confidential information such as passwords that can be used fraudulently
265
How to protect against phishing?
Network policy Firewall User awareness of phishing ‘clues’
266
What is pharming?
Sends the user to a fake website that looks like the real thing. The user types in a legitimate address and is redirected to a fake website
267
How to protect against pharming?
Checking the URL Making sure the site says HTTPS, not HTTP
268
What is malware?
Checking the URL Making sure the site says HTTPS, not HTTP
269
What is malware?
Malicious software written to cause inconvenience or damage to programs or data
270
What is a virus?
A program that is installed on a computer without the user’s knowledge or permission with the intent of doing harm. It includes instructions to replicate automatically on a computer
271
What is a worm?
A program that is similar to a virus, except it cannot self-replicate
272
What does anti-virus software do?
Software that runs on a computer checking all files for known viruses It must be updated regularly
273
What is a Trojan horse?
A program that masquerades as having one legitimate purpose, but it actually has another
274
How does a Trojan horse work?
A link is spread by email The user is invited to click on a link for an everyday purpose This link then executes a program which gives the controller unauthorised access to the computer
275
What is ransomware?
A form of malware that encrypts a victim’s files.
276
How does ransomware work?
A ransom is demanded from the attacker in return for instructions on how to decrypt the files
277
What is adware?
A malware that displays onscreen advertisements. It is not always dangerous, but could redirect the browser to an unsafe site
278
What does DDoS stand for?
Distributed Denial of Service
279
What is a DDoS attack?
A malicious attempt to disrupt the normal traffic of a targeted server with a flood of Internet requests
280
How does a DDoS attack work?
Multiple interconnected devices in different locations establish a botnet The attacker is then able to direct the attack by sending remote instructions to the bots to send requests to the target’s IP address The server becomes overwhelmed, and genuine requests cannot be handled The server fails or times out
281
How can you protect against DDoS attacks?
A firewall can filter through requests to separate the genuine and fradulent requests
282
What are biometrics?
Pre-recorded characteristics to authenticate authorised users of a system/device
283
What are some examples of biometric authentication?
Facial recognition Iris and retina scanners Fingerprint recognition Voice recognition
284
What is two-step verification?
Two authentication methods performed one after the other to prove someone’s identity
285
What are automatic software updates?
These updates will keep applications and the OS up-to-date. This enables bugs and security flaws in the software to be fixed with a patch
286
What does SSL stand for?
Secure Socket Layer
287
What does SSL stand for?
Provides a secure channel between two computers or device operating over the internet
288
What is SSL used for?
SSL is used to secure communication between a web browser and a web server. It will then use an HTTPS address for the website Similar to asymmetric encryption
289
What can privacy settings allow a person to do?
Control what information about them is shared on a social media platform. A user can control who has access to what they post, and who can see their full profile
290
What could be counted as a proxy server?
Any machine that checks and forwards traffic between networks or protocols.
291
What does a proxy server do?
It’s an intermediary server that separates end-user clients from their destination site. It can provide varying levels of functionality, security and privacy.
292
Why does data need to be kept safe?
Accidental damage could occur, such as file corruption and human errors Malicious actions may be taken by other people to view, delete, copy and/or corrupt data without authorisation
293
What is SSL?
Secure Socket Layer Provides secure connection between internet browser and websites Allows transmission of private data Indicated by padlock sign on the web browser (sometimes the address bar is green) Uses two keys to encrypt the data: a public key known to everyone and a private key only known to the recipient URLs that require an SSL connection start with ‘https’ e.g. e-commerce shops use SSL to keep credit card details secret
294
What is symmetric encryption?
A type of encryption where the same key is used to encrypt and decrypt the message. This differs from asymmetric (or public-key) encryption, which uses one key to encrypt a message and another to decrypt the message. Increasing the length of the key increases the strength of the encryption.
295
Define network
A computer network is a number of computers linked together and able to communicate using certain protocols. Networked computers can share resources including hardware, software and data. Most computer networks have at least one server.
296
List some advantages of using networks
Advantages: Easy, efficient communication by emails, instant messaging, telephony, video conferencing, chat rooms, etc. Ability to share files, data and information (beneficial for large organizations to organise data and allow certain people access to data) Saves costs by sharing hardware (e.g. printer) and software (site licences are likely to be cheaper than buying several standalone licences) Sensitive files and programs on a network can be password protected. Rapid sharing and transferring of files, saves time while maintaining the integrity of files
297
List some disadvantages of using networks
Disadvantages: Possibility of breakdowns and loss of resources Expensive to build Managing a large network is complicated, requires training and a network manager usually needs to be employed Viruses can spread to other computers in the network Danger of hacking, particularly with wide area networks. Security procedures are needed to prevent such abuse, e.g. a firewall.
298
Define protocol
Pre-agreed signals, codes and rules that are used between two or more computer systems to exchange data and information
299
Define internet
The internet is a global computer network providing a variety of information and communication facilities, consisting of interconnected networks using standardized communication protocols. It is a network of networks that consists of millions of private, public, academic, business, and government networks, of local to global scope, that are linked by a broad array of electronic, wireless and optical networking technologies. The Internet carries an extensive range of information resources and services, such as the inter-linked hypertext documents of the World Wide Web (WWW) and the infrastructure to support email.
300
Define web browser
A piece of software used to view and download web pages and various types of files such as text, graphics, sound and video.
301
List the typical functions offered by web browsers
Displaying web pages Browsing back and forward between web pages Customisation of basic options such as your homepage, content censorship and security preferences Bookmarking History Offline browsing Downloading Search engines E-mail
302
Define server
A combination of computer and software that provides a service to other client computers or application programs.
303
What is an Internet server?
This is a computer with specific web server software that provides clients with access to web pages
304
Define client
Client devices send requests for services, e.g. printing or retrieval of data to specific server devices that perform the requested processing
305
What is an Internet Service Provider (ISP)?
A company that provides you with access to the Internet, usually for a fee. The most common ways to connect to an ISP are by using a phone line (dial-up) or broadband connection (cable or DSL). Examples : STC, Mobily, Zain, etc.
306
What is http?
Hypertext transfer protocol (http) is the underlying protocol used by the World Wide Web which defines (1) how messages are formatted and transmitted, and (2) what actions Web servers and browsers should take in response to various commands. For example, when you enter a URL in your browser, this actually sends an HTTP command to the Web server directing it to fetch and transmit the requested Web page.
307
What is https?
Hypertext transfer protocol over secure (https) is a secure method of accessing or sending information across a web page. All data is encrypted before it is sent, preventing anyone from understanding that information if intercepted. Because data is encrypted over https, it is slower than http, which is why https is only used when requiring login information or with pages that contain sensitive information such as an online bank web page.
308
What is HTML?
HyperText Markup Language (HTML) is the markup language used in creating web pages on the World Wide Web. A document Markup Language is a modern system for annotating a document in a way that is clearly distinguishable from the text.
309
Distinguish between HTML structure and presentation
Structure consists of the mandatory parts of an HTML document plus the semantic and structured markup of its contents. Presentation is the style you give the content. In most cases presentation is about the way a document looks, but it can also affect how a document sounds – not everybody uses a graphical web browser. Separate structure from presentation as much as possible. Ideally you should end up with an HTML document which contains the structure and content, and a separate CSS file which contains everything that controls presentation.
310
What is TCP/IP?
IP: internet protocol TCP: transmission control protocol, it performs handshakes, packet sequencing, flow control and error handling Extremely popular protocol on which the internet is based Data is broken up into independent small packets Size of the packet is up to the network designer (typically they start from 512 bits upwards)
311
What is an IP address and why is it used?
An Internet Protocol (IP) address is a unique identifier for computers on the internet —Each device that is part of a network using TCP/IP (normally internet) has to have an address to be able to identify itself and be allowed to use the network. Static IP addresses are fixed, dynamic addresses change frequently.
312
What are the two forms of IP address and how do they differ?
IPv4: —Uses 32-bit addresses There are not enough addresses for all computers on the internet, as some addresses are reserved for certain purposes or for certain companies IPv6: Uses 128-bit addresses Solution to the problem of not having enough addresses
313
What is the format of an IPv4 address?
Four numbers separated by periods (in the form w.x.y.z.) Each number is an 8-bit binary number between 0 and 255, making up a 32-bit address Each number group in the address sub-divides the network to which the computer is connected with the final number being the actual computer. 11000000.10101000.00000000.11001011 192.168.0.203 Network address Host address
314
What is a MAC address?
Stands for Media Access Control Also known as a hardware address or physical address Uniquely identifies each node of a network (A node is a processing location – a network adapter or any device with built-in network capability) While an IP address can potentially be assigned to any device, a MAC address is ‘burned into’ a given device from the factory – it is hard-coded into the network interface card (NIC) by the manufacturer
315
How are MAC addresses used?
Uniquely identifies an adapter on a LAN Allow communication between devices on a local network by making it possible to reliably distinguish one computer from another Increase security as cannot be impersonated If you set up a WiFi one of the things you can do to improve security is to only allow devices with certain MAC addresses to connect to the network. When a data packet is being sent out to a station that is on the same network LAN segment, only the MAC address is needed.
316
What is the format of a MAC address?
Six pairs of hexadecimal digits (48 bits in length), usually separated by colons or dashes 01:1F:33:68:BC:14 OR 01-1F-33-68-BC-14 Organisational Unique Identifier (OUI) *Identifies the company that manufactured or sold the product Universallv Administrated Address (UAA) *Specific to the device, like a serial number
317
What is the format of a MAC address?
Six pairs of hexadecimal digits (48 bits in length), usually separated by colons or dashes
318
What are cookies and why are they used?
A message given to a Web browser by a Web server. The browser stores the message in a text file. The message is then sent back to the server each time the browser requests a page from the server. They are used: to enable logon information to be kept on the computer to provide customised pages the next time the user logs on, e.g. customised adverts to implement shopping carts and one-click purchasing to be able to distinguish between new and repeat visitors to the website
319
Standalone computer
A computer that is not connected to a network
320
Network
An arrangement of two or more computers that are connected together for the purpose of sharing resources and data
321
Internet of Things (loT)
A network of physical objects that use sensors, actuators, embedded systems and wireless technology such as WiFi and bluetooth to collect and exchange data with no human interacion
322
VoIP
Voice internet protocol
323
LAN
Local Area Network
324
WAN
Wide Area Network -Bank / hotel chain network
325
WLAN
Wireless Local Area Netwrok - Hand held scanners
326
Wireless Local Area Netwrok - Hand held scanners
A computer connceted to a network used to coordinate (store and share) huge amounts of data
327
Latency
The time it takes for a message to transfer (ms). AkA ping
328
Internet
An interconnected network or network of networks. Most networks are part of the internet. Consists of multiple cables or links that connect countries together, and can be though of as the backbone.
329
Packet switching
Breaking down a large amount of data into small packets, each packet is independent from one another Each packet is tagged with: Source address Destination address Sequence number of the packet total number of packets being sent
330
Router
Manages communication on the network. Can have a built-in wireless access point (WAP)
331
TCP
Transmission Control Protocol Responsible for delivering data to a given address
332
Modem
Modulator / Demodulator
333
HTTP
Hyper Text Transfer Protocol
334
SMTP
Simple Mail Transfer Protocol
335
Network topology
A Network topology is the arrangement with which computer systems or network deveices are connected to each other
336
Bus topology
In a bus topology, all nodes in the network are connected directly to a central cable that runs up and down the network
337
Ring topology
Each node is connected with two other deveices
338
Star typology
All nodes indirectly connect to each other through 1 or more switches. The switch acts as a central point through which all communications are passed.
339
Mesh topology
There is no central connection point. Instead each node is connected to at least one other node
340
Avantages of bus topology
Easy to install -Cheap to install
341
Disadvantages of bus topology
-If the central cable fails the whole networks fails and stops working
342
Advantages of Ring topology
No data collisions, as the data only flows in one directions
343
Disadvantages of ring topology
If the main cable fails, the network fails
344
Advantages of star topolgy
If a cable fails, the whole network will not fail and other computers can still work High performance as there are no data collisions
345
Disadvantages of star topology
It is expensive to build as it requires more hardware such as switches and wires
346
Advantages of mesh topology
Manages a large amount of data as computers can trasnmit data simultaneously If a cable fails, the network still works
347
Disadvantages of mesh topology
-It is expensive to build - It requires much more time to repair or build
348
IP
Internet protocol Responsible for obtaining the address to which data is sent. A set of rules that govern data transfer in the internet
349
TCP/IP
Layered protocol stack Collection of protocols It sets how data should be formatted and transmitted across networks
350
Web Server
Holds and shares web pages
351
File server
Holds and maintains user files
352
Mail server
Handles emails between users
353
Network speed
File size / time
354
Standalone computer
A computer that is not connected to a network
355
Network
An arrangement(or group or setup) of two or more computers that are connected together for the purpose of sharing resources and/or data.
356
Internet of Things (IoT)
A network of physical objects that use sensors, actuators, embedded systems and wireless technology such as WiFi, Bluetooth and Zigbee, to collect and exchange data, with minimal or no human interaction.
357
VoIP
Voice of Internet Protocol
358
LAN
Local Area Network Example: - School network
359
WAN
Wide Area Network Example: - Bank network
360
WLAN
Wireless Local Area Network Example: - Hand held scanners
361
Server
A computer connected to a network used to coordinate(store and share) vast amounts of data.
362
Latency
The time it takes for a message to transfer (ms). Also known as ping.
363
Internet
An interconnected network or network of networks. Most networks are part of the internet. Consists of multiple cables or links that connect countries together, and can be though of as the backbone.
364
Packet switching
Breaking down a large amount of data into small packets, each packet is independent of one another. Each packet is tagged (has a header) with the recipient and source IP, checksum and a sequence number for the packets to be put back in order at the destination and checksum
365
Server
A computer connected to a network used to coordinate(store and share) vast amounts of data.
366
Network topology
A Network Topology is the arrangement with which computer systems or network devices are connected to each other.
367
Bus topology
In a bus topology, all nodes in the network are connected directly to a central cable that runs up and down the network. Advantages: - Cheap since little cabling needed - It still works if a node fails - Easy to add extra devices Disadvantages: - If the central cable is damaged the network stops working - More devices, slower since more collisions - All nodes can access all traffic can be security risk
368
Ring topology
In a ring topology network, each node is connected to two other devices.
369
Star topology
In a star topology, all nodes indirectly connect to each other through one or more switches. The switch acts as a central point through which all communications are passed. Advantages: - Still works if a node fails - Damaged cable doesn’t stop the network from working - Data traffic only sent to intended recipient, secure - Easy to add extra nodes Disadvantages: - If central node fails, network stops working - Network capacity depends on central node’s capacity - Many cables, expensive and difficult to set up
370
Mesh topology
In a mesh topology, there is no central connection point. Instead, each node is connected to at least one other node. Advantages: - Very fault tolerant, if a connection fails, message is re-routed - Nodes can be added/removed without having take network offline - Very scalable - Very high performance, each node is connected to many other nodes Disadvantages: - Many cables, difficult and expensive to set up
371
Router
Manages communication on the network. Can have a built-in wireless access point (WAP).
372
TCP
Transmission Control Protocol Responsible for delivering data to a given address (packet switching) Transport layer
373
Modem
Modulator/Demodulator
374
HTTP
Hyper Text Transfer Protocol Application layer
375
SMTP
Simple Mail Transfer Protocol Application layer
376
IP
Internet protocol Responsible for obtaining the address to which data is sent. Internet layer
377
TCP/IP
Layered protocol stack (Application layer, Transport layer, Internet layer, Link layer) Collection of protocols It sets how data should be formatted and transmitted across networks
378
Web server
Holds and shares web pages
379
File server
Holds and maintains user files
380
Mail server
Handles emails between users
381
Methods to protect networks
Access control: Ensures that only authorised users can access the network and its resources Authentication (User management) : Ensures that users can only access data relevant to them File permissions: Prevents misuse: deleting/copying data, installing software Physical security: Prevents damage to hardware Firewall: Acts as a barrier between an organisation’s internal network and the internet. Inspects incoming and outgoing data traffic and decides what data to allow through
382
Importance of network security
Business success: data on the network is vital for running an organisation, it might fail if comprimised Privacy: data on the network might be sensitive Financial: the data might be financially valuable
383
Vulnerabilities of the cloud
Cloud data centres attract many attacks due to the vast amount of information stored, sensitive data is best stored locally.
384
Ethical hacking
Looks for weaknesses in software and systems by trying to penetrate into them so that they can be addressed.
385
Penetration testing
Used to test a computer system or network in order to find vulnerabilities
386
Social engineering
Exploiting human behavior. The attacker will ‘engineer’ a situation where the target individuals give away confidential information
387
Unpatched software
Someone can exploit a vulnerability in an unpatched (unfixed) software that still has that vulnerability
388
Anti-malware software
Prevents infection by malware by searching for it and destroying it
389
Encryption
Scambles data for anyone who doesn’t have the key to unscramble it.
390
Asymmetric encryption
Uses two different keys Every user has two keys (public and private) A message encrypted with a public key can only be decrypted with its private key
391
Symmetric encryption
Uses one key Encrypts and decrypts data using the same key Both ends of the transmission must know the exact shared key
392
Link layer
Ethernet Wi-Fi
393
Internet layer
IP
394
Transport layer
TCP
395
Application layer
FTP HTTP HTTPS SMTP POP IMAP
396
POP
Post Office Protocol Used by a client to retrieve emails from a mail server, message deleted on download, it will be stored on the device it was read/downloaded from
397
IMAP
Internet Message Access Protocol Similar to POP but messages can be read and stored on the message server. The message left on the server on read. Hence accesible from any device
398
Package switching verification
Checksum for package computed before leaving the computer Checksum added to the header At recipient, checksum is re-computed If don’t match, re-send request is sent back
399
What do computer networks enable? Give at least 2 examples of possible uses. HINT: ANSWER GIVES 5.
Computer networks allow computers and devices to share data. This includes: 1. computer-to-computer communication 2. mobile phone networks 3. computers communicating with devices such as printers, mice and keyboards 4. smart televisions 5. tablets and media players downloading videos and music and playing them through external devices such as speakers and digital projectors.
400
What does LAN stand for?
Local Area Network
401
When are LANs used?
Computers in a site such as an office building use an LAN to connect with each other.
402
What is a LAN?
An LAN is a computer network for data transmission within a small geographical area such as a home, office or school or a group of buildings on a site.
403
What does WAN stand for?
Wide Area Network
404
When are WANs used?
WANs are used for connecting LANs over a large geographical area.
405
What is a WAN?
A WAN is a network that connects separate LANs over a large geographical area. This ensures that computers in one location can communicate with computers and users in other locations.
406
True or false: The internet is a huge WAN.
True.
407
What are the two network types?
Client-server networks and peer-to-peer networks
408
When are peer-to-peer networks used?
Peer-to-peer networks are used to connect a small number of devices, for example in a home or office where there are just a few users.
409
Give two advantages of peer-to-peer networks:
easier to set up and maintain cheaper
410
Give two disadvantages of client-server networks:
more expensive to set up and maintain as a more powerful computer is required to act as the server and network software is required specialist knowledge is needed to administer the network
411
In client-server networks, what are the servers?
The computers that control access to the network
412
In client-server networks, what are the clients?
The computers on which the users work - computers that act as a desktop for the users and which relies on a server for its operations.
413
Explain how a client-server network works.
In a client-server network there are two types of computers: the computers that control access to the network (servers) and the computers on which the users work (clients). From the client machines, the users log into the network servers in order to be able to access programs and peripherals to save data on the servers. The server is therefore responsible for the security of the network, expecting users to log in with a username and password. As all files are stored on the server the data can be backed up centrally.
414
True or false: In a peer-to-peer network, all computers are equal.
True. The computers are simply connected together without any one computer having superiority over the others.
415
Explain how a peer-to-peer network works.
In a peer-to-peer network, the computers are simply connected together without any one computer having superiority over the others. All of the computers on a peer-to-peer network are equal. Through sharing rights granted by the users any computer can share thee programs of another, save data onto their hard disk and use printed connected to them. Each computer acts as both a client and a server and can communicate directly with all of the others. Security is distributed and the users of each computer have to be able to grant access rights to its resources and allot passwords. As data is stored on all f
416
Explain how a peer-to-peer network works.
In a peer-to-peer network, the computers are simply connected together without any one computer having superiority over the others. All of the computers on a peer-to-peer network are equal. Through sharing rights granted by the users any computer can share thee programs of another, save data onto their hard disk and use printed connected to them. Each computer acts as both a client and a server and can communicate directly with all of the others. Security is distributed and the users of each computer have to be able to grant access rights to its resources and allot passwords. As data is stored on all of the computers and is not held centrally, all the users are responsible for backing up procedures.
417
What does a computer need to connect to a network?
A computer needs some hardware and also some software that allows it to communicate with the other computers.
418
What are the most commonly used cables to connect devices?
Twisted pair cables
419
What are twisted pair cables?
Cables in which pairs of copper wires are twisted together and carry electrical signals.
420
What are optical fibre cables made of?
Glass
421
What are microwaves in computer science?
Electromagnetic waves that can be used to carry data between computers.
422
What are protocols?
Agreed rules for requesting and sending data across networks.
423
What is the motherboard?
The main printed circuit board of the computer; it has connectors that other circuit boards can be slotted into.
424
What are optical fibre cables?
Cables which are made of glass and transmit information encoded in beams of light. They are much faster than twisted pair cables at transmitting data.
425
What does NIC stand for?
Network Interface Card
426
What is the NIC (Network Interface Card) also known as?
Network adapter
427
What does the NIC/Network adapter do?
It is a component that connects a computer to a network. It formats the data sent from the computer into a required format according to the protocols (rules) of the network.
428
Where is the NIC built into?
The motherboard
429
True or false: NICs support both wireless and wired connections.
True
430
What does MAC stand for?
Media Access Control
431
Every NIC is created with a hardware number permanently burned into it. What is this called?
The MAC (Media Access Control) address.
432
What is the purpose of a MAC address?
Every MAC address is unique so that all data on a network can be sent to the correct component . MAC addresses are 48 bits in length, usually displayed as a 12-digit hexadecimal number.
433
What do network switches allow?
Network switches allow individual devices to connect to a network using cables.
434
How do network switches work? HINT: 5 POINTS
all of the computers on a network plug into a port on the switch using a cable. switches read the messages passing through them. they can read the destination addresses and send them to only the intended computers. they can do this because they build up a table of MAC addresses on the network to cut down on unnecessary network traffic. switches can send and receive information at the same time.
435
What is network traffic?
The overall network usage caused by all of the data that is being transmitted at a given time.
436
What do computers need an NIC or network adapter for?
To connect to a network.
437
What are switches used for?
To allow messages to be transmitted between computers in a single network.
438
What are routers used for?
To transmit messages between computers on different networks.
439
Give two ways to carry data across a network:
cables radio waves
440
Why are routers similar to switches?
Routers and switches both read the address information and forward the messages to the correct network. A switch does this within a single network, but a router does this across several networks.
441
What are routers commonly used for in the home?
Routers are commonly used in the home to allow many computers to access one internet connection. The router links the home network to the Internet. The router will transmit the incoming web pages, streamed audio, etc. to the correct computer on the network.
442
What does WAP stand for?
Wireless Access Point
443
What do wireless access points allow?
Wireless access points allow wireless devices to connect to a wired network.
444
How do wireless access points work?
Wireless access points convert data they receive through cables into a wireless signal (and vice versa) to allow wireless devices to connect to a wired network.
445
True or False: Wireless access points can direct messages to particular devices
False. Unlike switches, they CANNOT direct messages to particular devices.
446
What is a web server?
A computer that can serve world wide web pages to other computers that request them.
447
What is the Ethernet?
A set of technical standards for connecting computers.
448
What is frequency?
The number of waves per second.
449
What is Wi-Fi?
A set of technical standards or protocols for short-range connection of digital devices using radio waves.
450
What is bluetooth?
A set of technical standards or protocols for short-range connection of digital devices using radio waves.
451
What is bandwidth?
Bandwidth is the amount of data that can pass through a transmission medium per second.
452
What is bandwidth measured in?
Bits per second (bps) or megabits per second (Mbps) - bandwidth is a measure of how many bits can get through a particular point in a second.
453
How does a copper wire carry data?
Copper wires carry the data as electric currents.
454
How does a fibre optic cable carry data?
Fibre optic cables transmit data as pulses of light generated by a LED or laser.
455
What does LED stand for?
Light Emitting Diode
456
Name 3 advantages of fibre optic cables over copper wire cables:
Far greater bandwidth Can carry signals much faster Can travel over greater distances without needing to be boosted
457
True or False: Radio waves are a type of microwave.
True.
458
What do microwaves consist of?
Electromagnetic radiation travelling in waves with a frequency higher than 1 GHz.
459
Radio waves can transmit data across networks in what range of frequencies?
Radio waves are used to transmit data across networks in frequencies of between 2.4 and 5 GHz.
460
What is The Internet?
The Internet is a global system of interconnected computer networks which serves billions of users worldwide - this makes it a wide area network.
461
Name 2 services The Internet provides:
Email World Wide Web (www)
462
Who first proposed the World Wide Web?
British scientist, Tim Berners-Lee
463
When was the World Wide Web proposed by Tim Berners-Lee?
1989
464
When was the first website launched?
Time Berners-Lee launched the first website in 1990.
465
What is a host?
A host is a computer which can be accessed by users working at remote locations using networks, including the internet.
466
What do web hosting companies do?
Web hosting companies rent space on their servers where people can develop their own websites that can be accessed by users all over the world using the World Wide Web.
467
How many host computer systems were there in 1969?
4 - today there are 10s of millions.
468
When was The Internet Society established?
1992
469
Why was The Internet Society established?
It was established to oversee the policies and protocols that define how we use and interact with the Internet.
470
How does a DNS work?
A DNS (Domain Name Server) is used to translate the URL to an IP Address. It does this by sending the domain name to the DNS, then, the DNS finds the corresponding IP Address of the domain name sent. This IP address is sent back to the browser. Finally, the browser uses the IP address to access the web page.
471
What is HTTP?
HTTP is a set of rules that is used to send data across the internet.
472
What is HTTPS?
This is a protocol that ensures a secure connection is made between the devices before engaging in the transfer of data. The data packets are encrypted before they are sent across the internet and decrypted once they reach their destination. HTTPS uses SSL and TLS
473
How does SSL encryption work?
The web server sends a copy of its SSL certificate to the web browser The web browser confirms the legitimacy of the certificate If legit, the web browser sends a signal back to let the web server know Connection begins
474
What are some important data security measures?
1) never save passwords for quick access 2) never give out credientials 3) use a strong password 4) frequently change password
475
What are the four different folder access levels?
1) Read 2) Write 3) Execute 4) None
476
What can a user do when he has the “read” folder access level?
Can access files or directories, user can only read and not make any changes
477
What can a user do when he has the “write” folder access level?
Ability to also modify the file
478
What can a user do when he has the “execute” folder access level?
Ability to execute a file. (executable programs need this permission to allow the OS to run them)
479
What can a user do when he has the “none” folder access level?
Total access for all users
480
What do humans access information through?
Domain names
481
What do all web browsers interact through?
Internet Protocol addresses (IP)
482
What does the domain name system do?
Translates domain names to IP addresses so browers can load internet resources
483
What does each device that is connected to the internet have?
A unique IP address
484
The URL/website is input by the user, and the website is outputted as an _____ address
IP(v4)
485
What are network speeds measured in?
mbps
486
How many ways are there to set up a LAN?
three! (bus, star and ring)
487
What stops signals from reflecting back down the bus?
A terminator at the end of a cable
488
What is specific about a ring network?
Each device is connected in a ring so each is connected to two other devices
489
How does a ring network work?
Each data packet on the network travels in one direction. Each device receives each packet in turn until the destination receives it.
490
What is specific about a star network?
Each device on the network has its own cable which directly connects to a swtich or hub.
491
Which method is the most popular for setting up your LAN?
Star network
492
What do computers need to make a wireless connection?
a wireless NIC
493
What does a wireless router do?
A wireless router is connected to a physical network (ethernet) and uses radio signals
494
What does a wireless adapter (in a wireless router) do?
Converts data into a radio signal and also decodes it so that the computer can understand it
495
What does Firewall do?
It examines the traffic coming in and out of the network And ensures the traffic meets a certain criteria If traffic does not meet the criteria, it will block the traffic and warns the user of a possible security issue Firewall also can add undesirable IP addresses onto a blacklist so it cannot be accessed
496
What does Proxy server do?
A proxy acts as an intermediary between the user’s computer and a web server so it prevents direct access to the webserver. It filters traffic and will block requests to certain websites if needed. It can prevent hacking and DDOS of the web server.
497
What is HTML?
Hypertext Markup Language, a standardized system for tagging text files to achieve font, colour, graphic, and hyperlink effects on World Wide Web pages.
498
How old is HTML?
It was first developed by Tim Berners-Lee in 1990
499
What does an .html file need to contain, in order to be valid?
It needs to contain and
500
Name 5 different html elements:
Image, heading, table, link
501
What does do?
Anchor - used in to make a hyperlink
503
What elements can a contain?
It allows authors to arrange data – text, preformatted text, images, links, forms, form fields, other tables, etc. – into rows and columns of cells.
504
How do you tell an image how wide and high it should be?
Using width='' ” and height='' ”
505
How can you give an element a class?
Eg. img src=”example.png” width=”400” height=”400” class=”onetwothree”
506
What is CSS?
Cascading Style Sheets is a style sheet language used for describing the presentation of a document written in a markup language like HTML.
507
How do you include a .css file inside your .html file?
In the same folder as the .html file, put the style.css file, and in the .html file, say:
508
How can you tell an element to have a color for it’s background?
In style.css, .example{ background-color: rgb(200,300,200); }
509
How do you select an element based on it’s class?
Put “.” + “name of class”
510
What would the css selectors for all images look like?
.img{ //something }
511
What would the css selectors for anchors with a class of “special” look like?
.special{ //something }
512
What would the css selectors for all anchors inside paragraphs that have a class of ‘special’ look like?
p::special{ //something }
513
What would the css selectors for all button with a class of ‘special’, while you’re hovering over them look like?
b::special::hover{ //something }
514
How would you center an element vertically and horizontally?
Use margin:auto