Block 2 Part 7 - Dangerous Data Flashcards
These three principles represent the core objectives of information security and are often referred to as the CIA triad:
What does the acronym stand for?
C = Confidentiality: Ensures that information is accessible only to those who have the proper authorization. It involves protecting data from unauthorized access or disclosure.
I = Integrity: Ensures the accuracy and reliability of data. It involves maintaining the consistency and trustworthiness of information by protecting it from unauthorized alterations.
A = Availability: Ensures that information and resources are available and accessible when needed. It involves ensuring that systems and data are reliably and promptly accessible to authorized users.
Most bugs do not represent a security risk as they occur in non-critical software – but those in the heart of the ___________ _________, or bugs in programs requiring access to critical ____________, can endanger users’ security.
operating systems
critical systems
What are ‘zero days’?
Bugs unknown to software developers and security companies.
Is a botnet a virus, malware or a worm?
Malware
In a botnet, infected machines are called…?
Zombies
A botnet can also be called a Z______ a____.
A zombie army
Botnets fall into two broad categories:
1. c______-____________
2. p______-t__-p_________
client-server
peer-to-peer
Click fraud
Click fraud uses software to simulate clicking on an a______. It has been used by companies to exaggerate the popularity of their sites or products, whilst other companies have used click fraud to cripple r_______ by forcing them to pay advertising fees for billions of fake clicks.
advert
rivals
Brute-force decryption
Passwords and other forms of secure data can be attacked by brute force. B________ share the task amongst many machines, allowing for faster decryption.
botnets
Bitcoin mining
New Bitcoins are produced through a complex mathematical process requiring huge amounts of computer power. Rather than invest in their own computers, criminals can use b_________ to create new Bitcoins.
botnets
Denial-of-service (DoS) attacks
DoS is a method of attacking computers by flooding their network connections with spurious d_____ that prevents legitimate traffic from being sent or received.
data
Distributed denial-of-service (DDoS) attacks
Botnets allow thousands or even millions of z_______ to collaborate in an attack.
zombies
Antivirus software aims to detect, isolate and, if necessary, delete malware on a computer before it can harm data. Antivirus software uses several techniques to identify malware. The two most common are known as:
- s___________
- h_____________
- signatures
- heuristics
A signature is a u_______ p_______ of d____ created by a malware program in a computer’s memory or in a file.
unique pattern of data
Antivirus programs may run invisibly in the background, looking for malware signatures in files either when they are downloaded or when they are accessed by opening a file.
Although signatures are widely used by antivirus programs, they have two significant drawbacks.
- Malware authors regularly release new versions of their software at short intervals. Why?
- More sophisticated malware modifies its own program during the process of infecting new machines. These p___________ (or metamorphic) programs have the effect of automatically producing new signatures without affecting the operation of the malware itself.
- The new releases are designed to extend the vulnerability window. Making changes to malware inevitably changes its signature and effectively renders the program invisible to antivirus programs until the new signature can be incorporated into the application.
- polymorphic