5.3 Cyber security

Question 1

Brute force attack

Answer 1

The systematic method used by cybercriminals to crack passwords by trial and error with all possible combinations

Question 2

Word list

Answer 2

A text containing a collection of words used in a brute force attack

Question 3

Data interception

Answer 3

Attempt to eavesdrop on a wired or wireless network transmission; cybercriminals

Question 4

Packet sniffing

Answer 4

Method to intercept data, examine data packets being sent over network and send back to cybercrimnal

Question 5

Wardriving

Answer 5

Using laptop, antenna or gps device to intercept Wifi - signal

Question 6

Distributed denial of service attack

Answer 6

Denial of service attack(disrupt normal operation of a website, flooding it with requests) in which fake requests come from many computers

Question 7

Hacking

Answer 7

Act of gaining illegal access to a computer system without the owner’s permission.

Question 8

Malware

Answer 8

Programs installed on user’s computer with aim of deleting, corrupting or manipulating data illegally

Question 9

Virus

Answer 9

Programs that replicates itself with intention of deleting or corrupting files causing malfunctions

Question 10

Worm

Answer 10

Stand-alone malware;can self replicated unlike viruses, contain malicious code that can damage comp system.

Question 11

Trojan horse

Answer 11

Type of malware that is disguised as legitimate software, but contain malicious code

Question 12

Spyware

Answer 12

Type of malware that gather’s info by monitoring user’s activities on computer and sends gathered info back to criminal

Question 13

Adware

Answer 13

Type of malware that attempts to flood the end-user with unwanted advertising, usually not harmful in general

Question 14

Ransomware

Answer 14

Type of malware that encrypts data on user’s comp and holds data “hostage” asking for ransom

Question 15

Phishing

Answer 15

Sending out legimate-looking emails deceiving recipients into giving person details to the sender.

Question 16

Spear phishing

Answer 16

Phishing but targeted on single user

Question 17

Pharming

Answer 17

Redirecting user to fake website to gain personal data without their knowledge ; disguised(Uses DNS cache poisoning or switching IP addresses for redirection sometimes)

Question 18

Social engineering

Answer 18

Manipulating people into breaking normal security procedures, to gain access to computer systems or place malware.

Question 19

Access Levels

Answer 19

Levels of acces in computer system allowing a hierarchy depending on user’s level of security

Question 20

Anti-spyware

Answer 20

Software that detects and heuristically removes sypware programs on a system, based on particular rules or file structures

Question 21

Authentication

Answer 21

Proccess of proving user’s identity by using something they know or something unique to them

Question 22

Biometrics

Answer 22

type of authentication that uses a biological unique human characteristic

Question 23

Two-step verification

Answer 23

Type of authentication that requires two methods of verification to prove the identity of a user

Question 24

Firewall

Answer 24

Software or hardware that acts as filter between computer and external network

Question 25

Typo squatting

Answer 25

Subtle spelling errors in web adresses to decept users into visiting fake websites

Question 26

Proxy server

Answer 26

Server that acts as intermediary server through which internet requests are processed;often makes use of cache memory to speed up web page access

Question 27

Privacy settings

Answer 27

Controls available on social networking and other websites which allow users to limit who can access their profile or what they are allowed to see

Question 28

Secure sockets layer

Answer 28

Security protocol used when sending data over a network

Question 29

SSL certificate

Answer 29

A form of digital certificate which is used to authenticate a website; providing SSL certificate can be authenticated, any communication or data exchange between browser and website is secure

Question 30

Describe the steps taken by a cybercriminal when targeting their victim through social engineering

Answer 30

1. Victims are identified and researched 2.Victim is contacted and targeting using methods like phishing,pharming or trojan horse 3. Attack is executed, cybercriminals gets information 4. Cybercriminal removes traces

Question 31

Three features of a typical anti-virus software

Answer 31

Detects and removes virus on device Prevents user from downloading viruses Constantly updates it's "rules" of what a virus is

Question 32

Explain why firewalls are used

Answer 32

To filter info between web server and user's computer, to protect computers from cyberthreats such as hacking, malware, phishing and pharming

Question 33

Four tasks of a firewall

Answer 33

Checks if data transmitted qualifies particular set of data Helps prevent cyberthreats entering the network or user's device Logs all incoming/outgoing "traffic" Warns users about security issues or potential dangers