9.1 Cyber Security Flashcards
What is malware?
Malware is malicious software designed to cause damage to computer systems, e.g. virus, worm, Trojan and Ransomware.
What is social engineering?
Social engineering is where the hackers trick the user into giving their private information out, because they trust the hacker is the real person they are pretending to be.
What is the difference between a brute force attack and a denial of service attack?
A brute force attack is when a hacker keeps trying all possible options of password to hack into an account, e.g. trial and error, whereas a distributed denial of service attack is where botnets/zombie computers are used by hackers to crash websites, by flooding the website with irrelevant requests.
What are the reasons for attacking computer systems?
Fun, challenge, revenge, disruption, industrial espionage, money.
What is industrial espionage?
Industrial espionage is when a hacker is used to spy on other business competitors to steal business/industrial secrets.
How does an attack cause disruption?
If a business is attacked, the computer system needs to shut off, and thus the computers cannot be used - this is known as downtime, e.g. when the school email was hacked, we had no access to the school website until the issue was fixed, which caused an issue in the computing lesson where we use Google Classroom.
What is a security breach?
When a system has been breached/broken into, e.g. the hacker has got through the defences.
What is the impact of the security breach on the business?
Downtime, loss of sales, loss of income, loss of data, loss of reputation, fines.
What is the impact of the security breach on the customers?
Loss of reputation (social media word-of-mouth), loss of custom, anger, worry.
How can user access be restricted?
Username and password, biometrics, 2 factor authentication, physical locks on doors.
What is biometrics?
The unique identity of the individual is used to identify them, e.g. fingerprints, iris scanner, facial recognition.
What is 2 factor authentication?
When two forms of identification are used to identify/verify the user, e.g. password and PIN, code sent to phone etc.
What is a firewall?
A firewall monitors data traffic going in and out of the organisation, letting unsuspicious code through whereas suspicious code is stopped, blocked and reported to the user.
What is anti-virus software?
Anti-virus software recognises the signature code of computer viruses, e.g. the program code, and stops, quarantines and deletes it so that it can do no further harm to the computer system. Anti-virus software needs to be updated regularly.
What is encryption?
Encryption is where code is jumbled during data transfer so if it is intercepted during data transfer (man-in-the-middle attack), the data would not make any sense.
