6) Fundamentals of Cyber Security Flashcards

1
Q

What are the forms of attack on a network?

A

Active attack
Passive attack
Insider atatck
Social engineering

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

What is a passive attack?

A

When a hacker eavesdrops of a network by ‘sniffing’ data packets

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

What is an active attack?

A

When someone uses malware or other technical methods to compromise a network’s security

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What is authentication?

A

Any methods which allow users to prove that an account is theirs

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

What is a dictionary attack?

A

Brute force attack from words in a pretermined lists

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

What are ways of protection against cracking?

A

Writing a network policy which enforces strong passwords
Using two-factor authentication
Restricting number of failed password attempts

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

What does DoS stand for?

A

Denial of Service

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

What does a DoS attack do?

A

Attempt to bring a server down by flooding it with useless requests

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

What are ways of protection against DoS attacks?

A

Firewalls blacklisting traffic from known IP addresses

Monitor and limit traffic

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

What does DDoS stand for?

A

Distributed Denial of Service

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

What does DDoS attacks overcome?

A

Blacklisting of IP addresses

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

How do DDoS attacks work?

A

Requests are sent from an army of machines

A botnet

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

What does penetration testing identify?

A

Vulnerabilities

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

What does a good penetration test check?

A

Technical vulnerabilities
Likelihood of social engineering
Test of damage recovery

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

What is the motivation for penetration tests?

A

Fixing bugs saves money

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

What is black box testing?

A

Outside organisation practices a real attack

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

What is white box testing?

A

Inside organisation tests vulnerabilities with knowledge of system and basic access rights, prevents insider attacks

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

What is cold calling?

A

Pretending to be from a bank or utility company

Attempting to gain confidential details

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

What tactic do social engieers often use?

A

Fear

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

How can we protect against social engineering?

A

Public awareness campaigns
Company security policies
Education and training

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
21
Q

What is pharming?

A

Setting a fake website and attempting to redirect people to it
Often done through DNS servers

22
Q

What is blagging?

A

Attacker pretends to be involved with an organisation to gain information

23
Q

What is shouldering?

A

Physically watching a user either in person or using screen capture software

24
Q

What is phishing?

A

Using fake emails and websites to trick people into giving away sensitive data

25
How can you protect against phishing?
Don't click email links Check email sender address is correct Look for clues email is not legitimate
26
What are viruses?
Small pieces of code injected into other programs which spread from computer to computer
27
What are worms?
Small pieces of code which spread across a network, smiliar to viruses but without a host program
28
What are trojan horses?
Any form of malware which tricks the user into installing it by pretending to be a different program
29
What is ransomware?
Encrypts files on an infected system and only decrypts files once a payment has been made to the hacker
30
What is spyware?
Gathers information about a user by tracking their activity
31
What are rootkits?
Malware which modifies the computer's OS to avoid detection by antivirus software
32
What are backdoors?
Malware which opens up an access channel to a computer that other malware can use to take over the machine
33
How can malware spread?
Installations Attachments Replication
34
What are macros?
Small programs that give permission to run on the computer
35
What can macros install?
Malware
36
What does anti-virus software provide?
Real time scans of files | Checks if file is infected when opened
37
What does anti-malware software do?
Periodically scan system to detect malware and remove them from the computer
38
What does quarantining a piece of software do?
Prevents it from running until user decides whether to destroy software or attempt to remove virus from it
39
What do firewalls do?
Inspect and filter incoming and outgoing data packets
40
What is packet filtering?
Inspecting each packet and dropping those that don't meet a certain criteria
41
What is IP address filtering?
Only allowing traffic from certain known sources
42
What is port blocking?
Blocking access to certain ports
43
What is a firewall?
A hardware device or piece of software which sits between a device and the internet
44
What are common defences of cyber attacks?
Biometric authentication Email verification Automatic updates CAPTCHA
45
What are access rights?
Whether each user can: Read files Write files Execute files
46
What can we limit with user access levels?
Installing software Creating new accouts Accessing confidential information
47
When are passwords effective?
When kept secret | When strong against brute force attacks
48
What are principles of a strong password?
Long Letters, numbers, symbols Changed regularly Never written down
49
What is encryption?
Scrambling data according to a specific algorithm so it cannot be read by third parties Only intended recpient can decode data
50
How long are keys?
256 bits | 1,024 bits
51
What are keys?
Shared secrets
52
Why is it especially important to encrypt wireless networks?
High chance of data interception