5.4 User Security Flashcards

You may prefer our related Brainscape-certified flashcards:
1
Q

Define social engineering (2)

A

Invovles manipulating of people

occurs when cybercriminal creates a social situation that can lead to a victim dropping their gaurd

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

What are the 5 types of social engineering (5)

A

Instant messaging

Scareware

Email/Phishing scams

Baiting

Phone calls

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

What is instant messaging (1)

A

Malicious links embedded into instant messages

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Features of scareware (2)

A

pop-up message claiming that user’s computer is infected with a virus

user is told to download anti-virus that looks real (fake)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

How is baiting carried out (2)

A

cybercriminal leaves malware infected memory stick somewhere

curious user plugs memory stick into computer and downloads the malware

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

What human emotions is social engineering exploiting (3)

A

fear

curiosity

empathy and trust

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Purpose of access levels (2)

A

different levels of access for different people

have a hierarchy of access levels

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

What are the 4 access levels (4)

A

Public access

friends

customs

data owner

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Define public access (1)

A

data that the general public can access

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Define friends (1)

A

(only people identified as “friends” by the owner of the data can see certain data

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Define customs (1)

A

user can exclude certain content from selected people

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Define data owner (1)

A

data only owner can see

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

2 types of anti-malware (2)

A

anti-virus

anti-spyware

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Define anti-spyware (1)

A

Detects and removes spyware programs

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

How does anti-spyware remove spyware using the rules method (2)

A

software looks for typical features which are usually associated with spyware

identifying any potential security issues

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

How does anti-spyware remove spyware using the file structure method (1)

A

looks for certain file structures associated with spyware

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

Define authentication (1)

A

Ability of a user to prove who they are

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

Common factors used in authentication (3)

A

Something you know (password or PIN code)

Something you have (mobile phone or tablet)

Something unique to you (biometrics)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

two Methods of authentication (2)

A

Passwords

biometrics

20
Q

Function of passowords (1)

A

restrict access to data or systems

21
Q

What should strong passwords contain (3)

A

-at least one capital letter

-at least one numerical value

-at least one other keyboard character

22
Q

Function of biometrics (1)

A

Relies on certain unique characteristics of human being

23
Q

Examples of biometrics (4)

A

fingerprint scans

retina scans

face recognition

voice recognition

24
Q

How do fingerprint scans work? (3)

A

Images of fingerprints compared against previously scanned fingerprint images stored in a database.

System compares patterns of ‘ridges’ and ‘valleys’ that are unique.

If they match, then a user is correctly recognised

25
Q

Benefits of fingerprint scans (5)

A

Unique

Can’t be misplaced

Easy to use

Small storage

Most developed biometric technique

26
Q

Disadvantages of fingerprint scans (3)

A

Expensive to set up

Affect scanning accuracy if finger is damaged

Some may consider it as infringement of civil liberties

27
Q

Function of retina scans (1)

A

Uses infrared light to scan unique pattern of blood vessels in the retina (back of the eye)

28
Q

Advantages of retina scans (2)

A

secure as there is no way to duplicate the blood vessels patterns

very high accuracy

29
Q

drawbacks of retina scans (3)

A

can be intrusive

slow to verify retina scans with stored scans

expensive to set up

30
Q

Disadvantages of face recognition (1)

A

can be affected by change facial features

31
Q

Benefits of voice recognition (3)

A

not intrusive

quick to verify

relatively cheap technology

32
Q

Disadvantages of voice recognition (3)

A

voice can be easily recorded and used for unauthorised access

low accuracy

voice can change

33
Q

Define two step verification (1)

A

Requires two methods of authentication to verify who a user is

34
Q

Where is two step verification often used? (1)

A

online purchases

35
Q

How does two step verification work? (2)

A

1st step is entering username and password

2nd step is when an 8 digit pin is sent to device’s email or text message. And user enters the 8 digit pin

36
Q

Define automatic software updates (2)

A

updating software on user computer

improves software performance and security

37
Q

2 Actions to take before opening emails (2)

A

spelling in email

tone used in emails

38
Q

Different ways of protecting against cyber security threats (10)

A

access levels

anti-malware

authentication (username and password
biometrics, two-step verification)

automatic software update

checking the spelling and tone of
communications

checking the URL attached to a link

firewalls

privacy settings

proxy servers

Secure socket layer (SSL) security protocol

39
Q

Purpose of firewall (1)

A

security system designed to prevent unauthorised access to or from your computer or private network.

40
Q

How do firewalls work? (3)

A

sit between the user and the external network, examining both the incoming and outgoing traffic

checks what is received and requested to ensure that traffic (data) meets a given set of criteria (rules).

Any traffic (data) that doesn’t meet the criteria is filtered and stopped.

41
Q

Purpose of proxy servers

A

intermidiary between user and web server

42
Q

Benefits of proxy servers(3)

A

Anonymity: IP address given to web server is the IP address of the proxy server (not user)

Security: IP is hidden so hacker cannot target user

Improved control: Large organisation can control what content is allowed to be accessed by employees, students etc

43
Q

Purpose of SSL

A

allows data to be sent and received securely over the internet

44
Q

Define SSL

A

Set of rules used by computers to communicate with each other over a network

45
Q

Are firewalls hardware based, software based or both

A

Can be hardware or software based

46
Q

Are proxy servers hardware based or software based or both

A

Can be hardware or software based