6) Fundamentals of Cyber Security Flashcards
What are the forms of attack on a network?
Active attack
Passive attack
Insider attack
Social engineering
What is a passive attack?
When a hacker eavesdrops on a network by ‘sniffing’ data packets
What is an active attack?
When someone uses malware or other technical methods to compromise a network’s security
What is authentication?
Any methods which allow users to prove that an account is theirs
What is a dictionary attack?
Brute force attack from words in a predetermined list
What are ways of protection against cracking?
Writing a network policy which enforces strong passwords
Using two-factor authentication
Restricting number of failed password attempts
What does DoS stand for?
Denial of Service
What does a DoS attack do?
Attempt to bring a server down by flooding it with useless requests
What are ways of protection against DoS attacks?
Firewalls blacklisting traffic from known IP addresses
Monitor and limit traffic
What does DDoS stand for?
Distributed Denial of Service
What do DDoS attacks overcome?
Blacklisting of IP addresses
How do DDoS attacks work?
Requests are sent from an army of machines
A botnet
What does penetration testing identify?
Vulnerabilities
What does a good penetration test check?
Technical vulnerabilities
Likelihood of social engineering
Test of damage recovery
What is the motivation for penetration tests?
Fixing bugs saves money
What is black box testing?
Outside organisation practices a real attack
What is white box testing?
Inside organisation tests vulnerabilities with knowledge of system and basic access rights, prevents insider attacks
What is cold calling?
Pretending to be from a bank or utility company
Attempting to gain confidential details
What tactic do social engineers often use?
Fear
How can we protect against social engineering?
Public awareness campaigns
Company security policies
Education and training
What is pharming?
Setting up a fake website and attempting to redirect people to it
Often done through DNS servers
What is blagging?
Attacker pretends to be involved with an organisation to gain information
What is shouldering?
Physically watching a user either in person or using screen capture software
What is phishing?
Using fake emails and websites to trick people into giving away sensitive data
How can you protect against phishing?
Don’t click email links
Check email sender address is correct
Look for clues email is not legitimate
What are viruses?
Small pieces of code injected into other programs which spread from computer to computer
What are worms?
Small pieces of code which spread across a network, similar to viruses but without a host program
What are trojan horses?
Any form of malware which tricks the user into installing it by pretending to be a different program
What is ransomware?
Encrypts files on an infected system and only decrypts files once a payment has been made to the hacker
What is spyware?
Gathers information about a user by tracking their activity
What are rootkits?
Malware which modifies the computer’s OS to avoid detection by antivirus software
What are backdoors?
Malware which opens up an access channel to a computer that other malware can use to take over the machine
How can malware spread?
Installations
Attachments
Replication
What are macros?
Small programs that give permission to run on the computer
What can macros install?
Malware
What does anti-virus software provide?
Real time scans of files
Checks if file is infected when opened
What does anti-malware software do?
Periodically scans the system to detect malware and remove it from the computer
What does quarantining a piece of software do?
Prevents it from running until user decides whether to destroy software or attempt to remove virus from it
What do firewalls do?
Inspect and filter incoming and outgoing data packets
What is packet filtering?
Inspecting each packet and dropping those that don’t meet certain criteria
What is IP address filtering?
Only allowing traffic from certain known sources
What is port blocking?
Blocking access to certain ports
What is a firewall?
A hardware device or piece of software which sits between a device and the internet
What are common defences against cyber attacks?
Biometric authentication
Email verification
Automatic updates
CAPTCHA
What are access rights?
Whether each user can:
Read files
Write files
Execute files
What can we limit with user access levels?
Installing software
Creating new accounts
Accessing confidential information
When are passwords effective?
When kept secret
When strong against brute force attacks
What are principles of a strong password?
Long
Letters, numbers, symbols
Changed regularly
Never written down
What is encryption?
Scrambling data according to a specific algorithm so it cannot be read by third parties
Only intended recipient can decode data
How long are keys?
256 bits
1,024 bits
What are keys?
Shared secrets
Why is it especially important to encrypt wireless networks?
High chance of data interception