CA8 Flashcards
State:
2 examples of what an organisation may store information about
2 of:
* Employee salaries
* Employee perks
* Client lists
* Trade secrets
* Sales numbers
* Customer information
* News about pending restructuring
FIll The Blank:
Information the company stores such as ……….. ……………. and employee ……………….. must be kept confidential because any ……………. relating to this information can have a serious impact leading to possible loss of ……….. or business. This could lead to a downturn in the ………….. of the organisation which may ultimately lead to failure.
Trade Secrets, Salaries, Breaches, Clients, Health
Explain:
Why it is important that employee salaries and perks are kept confidential
Different employees carrying out same task may not be paid the same because of different experience or other factors
Fill The Blank:
A client list may inlude individuals but also named ………………. of other businesses/organisations and should only be accessed by ………………… if abosolutely necessary
Representatives, Employees
Fill The Blank:
Customer …………………… usually relates to those who buy goods or services and usually includes …………………. details.
Information, Personal
Fill The Blank:
If privacy and confidentiality of client lists and customer ………………….. are not maintained, the organisation could lose clients or …………………. and people should expect that any organisation storing their personal data will keep it ………… and ……………… to limit any breaches.
Information, Customers, Safe, Secure
Fill The Blank:
The breach of personal data can have an impact on the …………………. and the people whose data has been …………………
Organisation, Leaked
Fill The Blank:
Any leak of ……… of a pending restructuring can have an impact on the organisation and its internal and external stakeholders, for example if employees here news that could threaten their job they may ……………
News, Leave
Fill The Blank:
Maximising privacy can be done by using …………… controls, ……………….., authorisation and other security procedures to limit the access to the data and information - important data should also be regularly …………………. up
Access, Priveleges, Backed
Fill The Blank:
The impact/s of failing to maintain privacy and confidentiality can be wide ranging but includes ……………….. and …………………………….. impacts
Financial, Reputational
State:
4 possible financial impacts of failing to maintain privacy and confidentiality
- Possible payment of compensation
- Increased costs to improve security and new computer devices, including installation and maintenance
- Loss of customers leading to loss of revenue
- Loss of revenue if, for example, invoices are lost
State:
examples of how reputation can be damaged by failing to maintain privacy and confidentiality
- Business no longer seen as trustworthy
- Business goes to competitors
- Lost or corrupt data
- Limited or halted day to day function - because data is required
Define:
Cyber Security
The practice of defending computers, servers, mobile devices, electronic systems, networks and data from malicious attacks
Fill The Blank:
Every business, industry, organisation and individual can be the target of technical ……………. and every digital system can have ………………………..
Threats, Vulnerabilities
State:
3 examples of possible technical threats a system could face
3 of:
* botnets
* DDoS
* hacking
* Malware
* Social engineering
* Insecure APIs
* Use of ad hoc or open networks
* Eavesdropping/man-in-the-middle attacks
Fill The Blank:
An API is the ………………. that enables two, or more different software applications to …………………….
Interface, Communicate
Fill The Blank:
Over time APIs can become ……………… and this can lead to vulnerability that can be …………………
Unsecure, Exploited
Fill The Blank:
Most data is interconnected, and if one ……. is insecure then it can lead to a …………………. which can also lead to a higher risk of threat to everything this …… interacts with
API, Vulnerability, API
Explain:
A wireless ad hoc website (WANET)
A network that is created without a wireless router or an access point and the devices in the network communicate directly with each other
State:
2 main problems with ad hoc networks
- Slow data transmission rate
- Minimal security
Explain:
How a man in the middle attack works
When a hacker places themselves in the middle of a communication between two digital devices and/or the users to attempt to steal data and information
Fill The Blank:
An attacker may steal financial ……….. or ……..-…. details which may be posted to the …………. …….. where they can be bought and used by other attackers
Data, Log-in, Dark Net
Define:
Hacker
Someone who uses computers to gain unauthorised access to data
Define:
Dark Net
Networks that are not indexed by search engines; they can only be accessed by people with the relevant credentials and authorisation