6 - Cyber security

Question 1

What is cyber security?

Answer 1

the protection of networks, computers, or data from attack, damage or unauthorised access with certain testing routines and technologies

Question 2

Name 7 cyber security threats:

Answer 2

-social engineering techniques
-malware
-pharming
-weak/default passwords
-outdated/unpatched software
-removable media
-misconfigured access rights

(SMP, WORM)

Question 3

What is social engineering?

Answer 3

the art of manipulating people (a system’s greatest vulnerability) to make them give up confidential information

Question 4

What are some common techniques used in social engineering? Describe them:

Answer 4

blagging - lying about something to gain info, that the victim wouldn’t usually do under ordinary circumstances.

phishing - fraudulently obtaining confidential info using emails/SMS

shouldering - observing a person’s private info without consent at places like ATMs

Blagging is also known as pretexting, and shouldering is known as shoulder surfing

Question 5

How could phishing be prevented?

Answer 5

-educate users to not click on fraudulent emails that ask you for personal info or to click on links
-prevent users from downloading files on emails
-use a firewall and keep it updated so it can’t be exploited

Question 6

What is malware?

Answer 6

malicious software referring to a variety of forms of hostile or intrusive software

Question 7

Describe 3 types of malware:

Answer 7

virus - hidden program within another program that can self-replicate into other programs, spread by removable media

trojan - malicious software disguised to be legitimate or run another program

spyware - gathers info about a user without them knowing (eg keyloggers)

Question 8

What is pharming?

Answer 8

a cyber attack intended to redirect a website’s traffic to a disguised fake website hosted on a malicious server, where details may be stolen

Question 9

Why are weak/default passwords a cyber security threat?

Answer 9

-can easily guess passwords by brute force, and default passwords are usually posted online
-system is vulnerable to unauthorised access
-can allow the attacker to gain access to admin accounts

Default passwords are the ones where a website makes it for you, but then prompts you to change it

Question 10

Why is having misconfigured access rights a cyber security threat?

Answer 10

-access rights block users from doing certain things, eg downloading software or accessing confidential info

-access rights must be assigned correctly, so confidential info is only accessible to those who need it to prevent insider attacks of reconfiguring the network or giving themselves admin

An insider attack is where someone attempts to gain unauthorised access when they have only some access rights

Question 11

Why is removable media a cyber security threat?

Answer 11

-data theft, intentional and unintentional (where unencrypted data is stored on it and falls into the wrong hands)

-could introduce malware into the network/computer system

Question 12

Why is using unpatched/outdated software a cyber security threat? How can it be protected against?

Answer 12

-older software is more likely to be hacked, as it usually contains known weaknesses that can be exploited and used to introduce malware

-use automatic software updates to install updates/patches as soon as they are available

Question 13

What is penetration testing?

Answer 13

the process of identifying vulnerabilities in a system’s security, by attempting to gain access to resources on it without knowledge of credentials and other means of access

Question 14

What is the purpose of a white box penetration test?

Answer 14

simulates a malicious insider who has basic credentials and knowledge of the target system

Question 15

What is the purpose of a black box penetration test?

Answer 15

simulates an external hacking/cyber warfare attack where the attacker has no knowledge of the target system or credentials

Question 16

Explain why both types of penetration tests are done:

Answer 16

-white box can be used to target specific vulnerabilities, which is easier as you should know what to test for all scenarios

-black box can be used to exploit weak spots in the system with lots of brute force and investigating the system, but it might not test the whole system as you don’t know its full functionality

Question 17

What does anti-malware software do?

Answer 17

-detects and removes malware by:

-periodically scanning the computer system and incoming network traffic for malware
-if malware is detected, it can be quarantined, so it can’t run, and can later be removed

Question 18

State 4 methods of protecting against cyber security threats:

Answer 18

-authentication (using credentials/biometrics)
-CAPTCHA
-email confirmations
-automatic software updates

Question 19

What is CAPTCHA?

Answer 19

Completely Automated Public Turing test to tell Computers and Humans Apart

-a form of challenge-response test, where the user has to identify the contents of some distorted text/images

Question 20

Where might using a CAPTCHA system be appropriate? Give 4 examples:

Answer 20

-account registration/access
-online voting systems
-ticket purchasing
-on websites where comments/reviews can be posted

Question 21

What does an email confirmation mean for the user? How do they help to protect against cyber security threats?

Answer 21

-a user can’t register a new account without clicking a confirmation link sent to their email

-proves that their email address is valid and proves the identity of the user, so they are given corresponding access rights
-also alerts user of fraudulent login attempts (eg failed passwords multiple times)

Question 22

Why do automatic software updates provide better security than manual ones?

Answer 22

-automatic means the computer is protected more quickly, since the user might forget to update manually
-manual updates might be from an infected source, automatic ones are from more trusted sources