5.3 Cyber Security Solutions Flashcards

1
Q

What is a firewall?

A
  • A firewall can be software (installed on pc) or hardware (on router)
  • It helps prevent unauthorised access to a network or device
  • Checks incoming and outgoing data/traffic meets specific criteria
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Explain how a firewall works

A
  • Checks incoming and outgoing data/traffic meets specific criteria
  • Acts as a filter for incoming and outgoing traffic
  • Keeps a log of activity e.g. website requests
  • Blocks unacceptable data and allows acceptable data through e.g.
    • … certain websites (IP addresses) can be blocked
    • … prevent malware can be blocked
    • … certain ports can be blocked
    • … can prevent hackers accessing the network
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Firewalls … True or False?

  • Firewalls are only available as hardware devices
  • Firewalls allow a user to set rules for network traffic
  • Firewalls will automatically stop all malicious traffic
  • Firewalls only examine traffic entering a network
  • Firewalls encrypt all data transmitted on a network
  • Firewalls can be used to block access to certain websites
A

Firewalls are only available as hardware devices (False)
Firewalls allow a user to set rules for network traffic (True)
Firewalls will automatically stop all malicious traffic (False)
Firewalls only examine traffic entering a network (False)
Firewalls encrypt all data transmitted on a network (False)
Firewalls can be used to block access to certain websites (True)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Explain how a a proxy server can act as a firewall.

A
  • Prevents direct access to a web server
  • Used to direct invalid traffic away from the webserver
  • Examines and filters traffic
  • Rejects requests for data from the web server if invalid
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

State some functions of a proxy server

A
  • Caches websites (fast - no need to reconnect )
  • Used to hide the user IP address
    • Requests are anonymous
    • Requests/responses are passed through the proxy server
  • Firewall: Can filter outgoing/incoming requests for data e.g. Sensornet
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Encyption: What is plain text?

A

Message data before it is encrypted

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Encyption: What is cipher text?

A

Message data after it has been encrypted

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Describe the process of encryption

A
  • An encryption algorithm is used
    • … to scramble the data (make it not understandable)
  • The original data is called the plain text
  • A key is used to encrypt the data
  • The key is applied to the plain text
  • Plain text is encrypted into cipher text
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Describe the process of decryption

A
  • An algorithm is used to decrypt the text
  • The encrypted data is called the cipher text
  • A key is used to decrypt the data
  • The key is applied to the cypher text
  • Cypher text is encrypted into plain text
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

What are the main uses of encryption?

A
  • To store information securely
  • To transmit messages securely
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Why do we use encryption?

A

To make data meaningless if intercepted or stolen

It does not stop it from being stolen!!

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Describe symmetric encyption

A
  • Symmetric encryption uses …
    • an encryption algprithm and
    • a single shared key
  • The same key is used to encrypt and decrypt
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Describe the problem associated with symmetric encryption

A
  • When sending symmetrically encrypted data …
    • the key must be sent seperately to the cipher text
  • If the key is intercepted when being transmitted it is …
    • easy to decrypt cipher text with the algorithm and the key
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Data is encrypted using a 64 bit key. How can we improve the security of the encryption.

A
  • Increasing the length (number of bits) of the key e.g. 8 bit to 64 bit
    • …means there are more possible combinations for the key
    • …and less chance of decryption by bruteforce
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Describe asymmetric encryption

A
  • Asymetric encryption (also known as public key encryption) uses
    • an encryption algorithm and
    • a public key and
    • a private key
  • Everyone has their own public and private key
    • Private key is kept secret, public key is freely available
  • A message encrypted with a public key
    • … can only be decrypted
    • … with a private key
  • A message encrypted with a private key
    • … can only be decrypted
    • … with a public key
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

What is a disadvantage of asymmetric encrption?

A

Slower than symetric encryption and decryption

17
Q

Asymetric encryption can be used to pass symmetric keys securely. Explain the stages of this process.

A
  • The sender (User A) applies a symrnetric key to encrypt the message
  • The symmetric key is then encrypted by the sender (User A) using the public key of the receiver (User B)
  • The sender (User A) sends the encrypted message and encrypted key over the internet
  • The receiver (User B) decrypts the symmetric key by using their own private key
  • The decrypted symmetric key is now used to decrypt the message sent by user A
18
Q

What is SSL and TLS?

A
  • SSL = secure socket layer
  • TLS = transport layer security
  • They are both security protocols
  • Both are used to encrypt data
    • … to provide a secure connection
    • … for the transmission of personal data
19
Q

TLS and SSL have 2 layers. What are they?

A
  • Handshake layer - exchanges information
  • Record Layer - handles data and encryption
20
Q

How is TLS different to SSL?

A
  • TLS is the updated version of SSL
  • TLS is more secure than SSL
  • TLS allows for session caching - to connect quicker
  • TLS can be extended by adding new authentication methods
21
Q

How do we know TLS or SSL is being used in a browser?

A
  • Protocol being used is https
  • Padlock icon is locked
  • You can view the website certificate
22
Q

How does SSL/TLS work when a browser requests a connection to a web server?

A
  • Browser requests web server to identify itself
  • Web server sends its digital certificate to the brwoser
  • Browser authenticates the digital certificate
    • … which contains the websites public key
  • Once authenticated a connection is established…
    • The browser uses the public key to encrypt and send a symmetric session key
    • The web server decrypts the symmetric session key with its private key
    • The symmetric session jey is then used to transmit data securely
  • If not authenticated …
    • .. a warning message is shown
    • .. open padlock is shown
23
Q

Where is SSL/TLS used?

A
  • cloud storage
  • video conferencing
  • gaming
  • email
  • shopping
  • banking
24
Q

What is authentication?

A
  • Authentication is used to verify data …
    • … comes from a trusted source
25
Q

What is a hashing algorithm?

A
  • Plain text is passed to a hashing algorithm …
    • … which generates some hashed text
  • The process is one-way
    • … you cannot calculate plain text from the hashed text
  • The process is repeatable
    • .. you always get the same hashed text from the plain text
26
Q

What are Digital Signatures?

A
  • A digital signature is an authentication mechanism that enables the creator of the message to attach a code that acts as a unique signature (like a finger print)
  • Based on asymmetric encryption
  • Used to authenticate an electronic document
  • Uses a hashing algorithm
27
Q

How are digital signatures used?

A
  • The message (data file) is put through a hashing algorithm (function) to generate a hash (text)
  • The generated hash (text) is encrypted with the senders private key to get a digital signature
  • The message and digital signature are sent to the receiver over the internet
  • The receiver puts the message through the same hash algorithm to generate its own hash (text)
  • The digital signature is decrypted using the senders public key to get the original hash (text)
  • The original hash (text) is compared to the receivers calculated hash (text)
  • If the hashes are the same then the it is verified and has not been altereted
28
Q

What is meant by “Access Levels” when talking about cyber security?

A

Different user accounts control a users permissions

This often involves having different levels of access

e.g. In a database different users will be able to view/edit/delete different tables

29
Q

Describe the main features of anti-virus software

A

Scans existing files for virus and checks software/files before they are downloaded or executed
Uses a database of known viruses for comparison
Can constantly run in background
Can run scheduled scans
Automatically updates virus definitions
Can quarantine or delete a virus

30
Q

Describe the main features of anti-spyware software

A

Detects and removes spyware already installed on a device
Uses rules and file structures to detect spyware
Prevents a user from downloading spyware
Encrypted files to make the data more secure
Blocks access to a user’s webcam and microphone

31
Q

Give some examples of things you should look out for when receiving emails/URL’s from unknown sources

A

You should check the spelling in the email and in the links
You should check the tone of the language used is appropriate
You should check the email address is legitimate
You should check the spelling of the domain name e.g. Amozon
You should check a secure protocol is used e.g. https

32
Q

State 3 different ways of authenticating a user logging on to a computer system

A

Usernames and passwords

Biometrics e.g. fingerprint scans, retina scans, facial recognition, voice recognition

Two-Step Verification - requires two methods of authentication to verify e.g. a pass code sent by text after logging in