5.3 - Cyber Security Flashcards
Brute-force attack
- A brute-force attack is a type of cyber security attack that tries to guess a password or encryption key by trying every possible combination of characters
- This can be done by using a computer program to automatically generate and test different combinations
Data interception
- stealing data as it is being transmitted between two computers
- This can be done by using a variety of techniques, such as sniffing, packet injection, and man-in-the-middle attacks
Distributed denial-of-service (DDoS) attack
- overwhelms a website or server with traffic, making it unavailable to legitimate users
- This can be done by using a botnet, which is a network of compromised computers that can be controlled by a hacker
Hacking
- involves gaining unauthorized access to a computer system or network
- This can be done by exploiting vulnerabilities in the system or network, or by using social engineering techniques to trick the system’s administrator into giving the hacker access.
Malware (virus, worm, Trojan horse, spyware, adware, ransomware)
- Malware is a type of software that is designed to harm a computer system
- There are many different types of malware, including viruses, worms, Trojan horses, spyware, adware, and ransomware.
Phishing
- using deceptive emails, text messages, or even phone calls to lure you into clicking a malicious link or attachment
- These links often lead to fake websites that look like legitimate ones, such as your bank or social media platform
- Once you enter your login credentials or other sensitive information on the fake site, the attacker steals it.
Pharming
- manipulating your computer’s settings or the DNS system to automatically redirect you to a malicious site, even when you type in the correct website address
- This is like the angler secretly changing the direction of your fishing line to a hidden trap.
Social engineering
- This broader strategy involves psychological manipulation to trick you into revealing information or taking actions you wouldn’t normally take
Access levels
prevent unauthorized access to sensitive data
Anti-malware
Anti-malware programs can detect and remove malware. For example, Norton AntiVirus provides real-time protection and automatic updates to safeguard your computer
Authentication
- Username and Password: The most common form of authentication. For example, logging into your email requires a username and password.
- Biometrics: Use physical characteristics like fingerprints or facial recognition for access. Smartphones often have biometric security.
- Two-Step Verification: Adds an extra layer of security by requiring a second form of verification, like a code sent to your phone, in addition to your password.
Automatic software updates
Automatic updates keep systems secure. Microsoft Windows Update can automatically download and install security patches.
Checking the Spelling and Tone of Communications
Phishing emails often contain spelling errors. Companies train employees to spot such errors to avoid falling for scams
Checking the URL Attached to a Link
Before clicking on a link, check if the URL looks legitimate and matches the expected destination.
Firewall
Firewalls can be software or hardware and protect networks by filtering traffic. For instance, the Windows Firewall protects your computer by blocking unauthorized access.