6 Fundamentals Of Cyber Security

Question 1

What are the different forms of attacks?

Answer 1

Insider attack
Active attack
Passive attack
Social engineering

Question 2

What is Social engineering?

Answer 2

When a person is exploited into giving away critical information that gives access to the network or accounts

Question 3

What is an insider attack?

Answer 3

When someone in an organisation gives away access details or sensitive information

Question 4

What is an active attack?

Answer 4

When someone uses malware or other technical methods to compromise a network’s security

Question 5

What is a passive attack?

Answer 5

When a hacker eavesdrops on a network by ‘sniffing’ the data packets

Question 6

What do hackers do to overcome authentication mechanisms?

Answer 6

Hackers mainly crack passwords

Question 7

What is cracking the password?

Answer 7

Finding people’s passwords to overcome authentication is called cracking the password

Question 8

What is the brute force attack?

Answer 8

A brute force attack tries to crack a password by trying every single combination of letters and numbers until the correct one is found.
This can take a very long time, although special software is used to do this which makes it possible to make millions of attempts per second

Question 9

What is the Dictionary attack?

Answer 9

A quicker form of the brute force attack is the dictionary attack.
Rather than attempting every single combination, a dictionary attack tries words from a predetermined list:
A common dictionary to use would be a list of common passwords

Question 10

How do you protect against cracking?

Answer 10

Writing a network policy which enforces strong passwords can protect against dictionary attacks.
Using two-factor authentication can prevent the hacker from logging in, even if they have the password.
Restricting the number of failed password attempts before an account is ‘locked’ for a fixed period of time can deter hackers

Question 11

What is a Denial of Service attack?

Answer 11

A denial of service (DoS) attack tries to bring down a server by flooding it with useless traffic
The attack aims to overload the server. This stops the server responding to legitimate traffic

Question 12

How do you protect against Denial of Service (DoS) attacks?

Answer 12

To protect against DoS attacks, a server’s firewall can blacklist (ban) any traffic from an IP address which is known to perform DoS attacks.
Firewalls can also monitor traffic in real time. So if a new IP address starts to send too much traffic then traffic limits can be set.

Question 13

What are Distributed DoS attacks?

Answer 13

Distributed DoS (DDos) attacks are commonly used to overcome the blacklisting of an IP address because of a high number of requests
In a DDoS attack, the requests are sent from an army of compromised machines, known as a botnet
Botnet machines are infected with malware which allows a hacker to send requests from their computer
The botnet can launch a huge number of simultaneous requests. The owners of the devices in the botnet might not even realise they are taking part

Question 14

What is Authentication?

Answer 14

Authentication is the name for any methods which allow users to prove that an account is theirs

Question 15

What is Penetration testing?

Answer 15

Penetration testing identifies vulnerabilities in a network’s security by attempting a controlled attack on the network
This usually involves carrying out multiple types of attack to see which is most successful
Penetration testing is done by the organisation itself, or an external organisation or contractor they have hired

Question 16

What is a good penetration test?

Answer 16

A good penetration test will check:
Technical vulnerabilities
Likelihood of social engineering
A test of damage recovery

Question 17

Why do organisations perform penetration tests?

Answer 17

Organisations choose to perform penetration testing to try to find vulnerabilities before criminals do
If an organisation can find and fix a bug before it is exploited, it can save time and money

Question 18

What are the two types of Penetration testing?

Answer 18

Black-box penetration testing

White-box penetration testing

Question 19

What is black-box penetration testing?

Answer 19

A black box penetration test is done outside of an organisation
A system administrator might pay an outside organisation to attempt to gain access to their systems in a controlled way
This will allow the system administrators to experience a ‘practice’ attack which is very similar to a real attack

Question 20

What is White-box penetration testing?

Answer 20

A white box penetration test is done inside an organisation
In a white box penetration test, system administrators will test how vulnerable the system is against someone with knowledge of the system, and possibly a user account with low access rights
This will help to prevent insider attacks

Question 21

What is Cold calling?

Answer 21

Social engineers often cold call victims and pretend to be from an organisation such as a bank
The social engineer will then ask a victim to confirm their details, so that they can use these details to access their account later

Question 22

Why do social engineers use fear?

Answer 22

Fear is often used to put people off-guard and make them more likely to comply
Social engineers know that people will make irrational decisions when panicked

A common attack would be to call someone pretending to be a bank, and ask why they have emptied out their account:
This would panic the victim, who would then want to sign into their account straight away over the phone

Question 23

What is the weakest point in most networks?

Answer 23

People

Question 24

What are the tactics used to help prevent Social Engineering?

Answer 24

Education and Training
Public Awareness Campaigns
Company Security Policies

Question 25

What are the types of Social engineering attacks?

Answer 25

Pharming
Shouldering
Blagging

Question 26

What is Pharming?

Answer 26

Pharming is where an attacker will set up a fake website, and try to redirect people to it
This is often done through attacks on DNS servers, or by using common misspellings of links

Question 27

What is Shouldering?

Answer 27

Shouldering is where an attacker will gain information by physically watching a user.
Shouldering can be done in two ways:
Watching someone in person, e.g. someone entering a password.
Using screen capture software

Question 28

What is Blagging?

Answer 28

Blagging is where an attacker will pretend to be involved with an organisation in order to gain information
For example, an attacker may pretend to be an employee and ask a fellow employee what a code for a door is because they are new and have forgotten

Question 29

What is Phishing?

Answer 29

Phishing uses fake emails and websites to trick people into giving away their sensitive data
Emails are sent to thousands of people, claiming to be from a known service such as a bank or utility provider
Victims are taken to a realistic looking but fake version of the site where they log in. This gives their details to the attackers

Question 30

How do you protect yourself against phishing?

Answer 30

Never click a link in an email that asks you to update or enter your account details.
Check that the sender’s email address is correct.
Look for clues that the email is not legitimate such as spelling mistakes or generic greetings

Question 31

What is Malware?

Answer 31

Malware is any kind of malicious software that is installed without your knowledge or intent

Question 32

What are Viruses?

Answer 32

Small pieces of code injected into other programs which spread from computer to computer

Question 33

What are Worms?

Answer 33

Small pieces of code which spread across a network, similar to viruses but without a host program

Question 34

What are Trojan horses?

Answer 34

Any form of malware which tricks the user into installing it by pretending to be a different program

Question 35

What is Ransomware?

Answer 35

Ransomware encrypts files on an infected system and only decrypts files once a payment has been made to the hacker

Question 36

What is Spyware?

Answer 36

Gathers information about a user by tracking their activity

Question 37

What are Rootkits/

Answer 37

Rootkits:

Malware which modifies the computer’s operating system to avoid detection by antivirus software

Question 38

What are Backdoors?

Answer 38

Malware which opens up an access channel to a computer that other malware can use to take over the machine

Question 39

What techniques are used by malware to spread across a network as fast as possible?

Answer 39

Installations
Replication
Attachments

Question 40

How do Installations help spread Malware across a network?

Answer 40

Users often willingly install malware if they are tricked into thinking that they are installing a different piece of software
Common ‘disguises’ for malware include:
Security updates
Software drivers

Question 41

How does Replication help spread Malware across a network as fast as possible?

Answer 41

Once one device on a network has been infected with a worm or a virus, then it becomes very easy for it to spread to other devices on the network
The process of spreading to other computers is called self-replication

Question 42

How do Attachments help spread Malware across a network?

Answer 42

Opening attachments in emails such as Word and Excel documents can include ‘macros’
A macro is a small program that is given permission to run on the computer
The macros can be set up to install malware

Question 43

What is a Macro?

Answer 43

A macro is a small program that is given permission to run on the computer

Question 44

Why do we use Anti Virus/Malware Software?

Answer 44

These pieces of software can help to identify and quarantine malware.
Quarantining a piece of software prevents it from running and allows users to decide whether to:
Attempt to remove a virus from the software.
Destroy the software

Question 45

What is Anti-Virus Software?

Answer 45

Anti-virus software provides real-time ‘on-access’ scans of files to detect if they have been infected by a virus
That means that when a file is opened, the anti-virus checks that it has not been infected

Question 46

Waht is Anti-Malware Software?

Answer 46

Anti-malware software performs periodic scans of the system

Anti-malware software detects unknown pieces of malware, and removes them from the computer

Question 47

What are Firewalls?

Answer 47

A firewall is either a hardware device or a piece of software which sits between a device and the Internet
Firewalls inspect and filter incoming and outgoing data packets
They try to stop hackers gaining access to the network and stop malware getting into the network

Question 48

What is IP-address Filtering?

Answer 48

The firewall only allows traffic from certain known sources

This can be used to prevent denial of service attacks

Question 49

What is Port-Blocking?

Answer 49

Firewalls can block access to certain ports
One important port is port 22, which allows remote access via the Internet. By blocking this port, we can prevent hackers trying to take over the server

Question 50

How methods are used to prevent Cyber Attacks?

Answer 50

Email Verification
Biometric authentication
Automatic Updates
CAPTCHA

Question 51

What is Email Verfication?

Answer 51

Email verification is a tool used on many websites to ensure that a certain email address really does belong to a user
This is usually done during registration, where a user will sign up and then have to click a special verification link in an email to confirm their email
This prevents people from using other people’s email addresses to create accounts

Question 52

What is Biometric Authentication?

Answer 52

Biometric devices are a method of authentication which scan a part of the user’s body to authenticate them
Biometric devices include:
Fingerprint scanners
Retina scanners
Facial recognition
Biometric devices can sometimes be inaccurate, and either allow an attacker into the system, or not allow a valid user to access their system
Biometric devices do not require anything to be memorised

Question 53

How do Automatic Updates help prevent Cyber Attacks?

Answer 53

Automatic updates can either be for software or security definitions
Security definitions are used by antimalware and antivirus software to identify specific pieces of malware.
These updates are usually automated to make sure that as many users as possible are protected at all times

Question 54

How does CAPTCHA help prevent Cyber Attacks?

Answer 54

CAPTCHA is a computer program designed to determine if a user of a system is a human or a machine
It usually does this by asking the user to solve a problem such as selecting images where a certain item appears from different angles
CAPTCHA is often used on websites to avoid spam content by bots

Question 55

What are Access rights?

Answer 55

Users of a computer system can be given different access rights for different files on the system
For example, for each file on the system we might keep a record of whether each user can:
Read the file
Write to the file
Execute the file

Question 56

What are User Access Levels?

Answer 56

Network users can be arranged into user groups
Each group can then be given different access rights
This makes it easy to manage the access rights of a large group of people (e.g. employees)

Question 57

What are the advantages of User Access Levels?

Answer 57

We can limit the access rights of ‘normal’ users on the network. For example:
Not allowing them to install software
Not allowing them to create new user accounts
Not allowing them access to confidential information
These rights can be limited to the administrators only

Question 58

When are passwords effective?

Answer 58

Passwords are effective when:
They are kept secret
The password is strong enough against Brute Force attacks

Question 59

What is the purpose of passwords?

Answer 59

Passwords help to prevent unauthorised users from accessing a device or network
Passwords are one of the simplest authentication methods

Question 60

What should a strong paaword be like?

Answer 60

A strong password should:
Be long
Use letters, numbers, and symbols
Be changed regularly
Never be written down

Question 61

What is Encryption?

Answer 61

Encrypting data is the process of scrambling data according to a specific algorithm so that it cannot be read by third parties
Only the intended recipient will know how to decode the data

Question 62

What are keys for encryption?

Answer 62

A lot of encryption depends upon keys, which are shared secrets
Keys are made up of a pair of very large prime numbers, either 256 or 1,024 bits long
It would take an impractical amount of time to guess the key. So we say that the encryption is secure

Question 63

What are the first three sections of a URL?

Answer 63

Protocol
Path
Domain