Cambridge IGCSE Revision Question - Security Aspects Flashcards
Explain the difference between a private key and a public key when encrypting data to be sent via the Internet.
The private key is only known to the user’s
computer, while the public key is g iven by the user’s computer to any other computer that wants to communicate securely with it. To decode an encrypted message, a computer must have the public key and the private key.
The sending computer encrypts the message with a symmetric key, then encrypts the symmetric key
with the public key of the receiving computer.
The reeiving computer uses its private key to decode the symmetric key and then uses the symmetric key to decode the message
Describe what happens between web browser and web server when a user wishes to access a website which uses SSL certification.
List of stages:
- The web browser attempts to connect to a
website which is secured with SSL
- The web browser requests the web server to identify itself
- The web server sends the web browser a copy of its SSL certificate
- The web browser checks whether the SSL
certificate is authentidtrustworthy; if it checks
out as OK then the web browser sends a
message back to the web server
- The web server will then send back some form of acknowledgement to al low the SSL encrypted session to begin
- The encrypted data is then shared securely
between the web browser and the web server.
Describe three different types of authentication used as security
methods when accessing a secure website.
Passwords - user name and password; when these are entered, they are checked against a secure file to confirm an a uthorised person has ‘logged in’ to the system - if either user name or password are
incorrect, access is denied
Pass cards - pass cards contain a magnetic stripe (which contains security i nformation) and/or an embedded chip (which often contains a PIN)
Digital signatures - d igita l signatures are based on public key encryption (which use a private key and a public key)
Biometrics - biometrics are a recent introduction; they rely on the unique properties of certain aspects o f t h e h u m a n physiology:
- fingerprint scans
- retina scans
- face scan
- voice identification.
Explain how a firewall could be used to secure the data in a computer connected to the Internet.
List o f features:
- Examine a l l the traffic routed between the
private network and public network . . . .
- . . . . and check whether the traffic meets certain criteria
- If the criteria fails, the firewall will block the traffic
- It filters inbound and outbound traffic
- It can be used to log a l l attempts to enter a
private network and warn of such attempts
- Can prevent access to u ndesirable websites or websites which pose a security risk
- It helps to prevent malware/viruses getting into computers on the private network
- It keeps a list of undesirable websites or IP
addresses
- It keeps a list of acceptable websites/IP addresses
- It can reduce the risk of hacking from outside the private network
- It allows a user to accept or reject software trying to be downloaded from the Internet by software a lready installed on the user’s computer
What additional features do proxy servers offer to Internet users?
List of features:
- Proxy servers allow filtering of Internet traffic and can block access to certain websites
- Proxy servers help to speed up the access of information from web servers by using a cache;
the website home page is saved on the proxy
server cache (part of its memory area) after it is accessed for the first time - the next time the user wants to visit the same website, it is now accessed from the proxy server cache rather than from the remote web server; thus giving faster access
- Proxy servers help to keep a user’s IP address anonymous thus improving Internet security
- Some proxy servers can act as a firewall
improving security from, for example, hacking.
Describe what is meant by a cookie and discuss any potential security risks associated with the use of cookies.
An http cookie is a packet of information sent by a web server to a web browser and then sent back by the web browser to the web server every time it accesses it. Cookies are used to authenticate the
user (e.g. messages such as: ‘Welcome Nicolae. If you are not Nicolae please log out’ appear each time the website is accessed by the user).
Cookies also carry out user tracking and maintain user preferences (e.g. when visiting a music website, a user’s music choice wi l l be known as soon as they log on).
Cookies are not programs but are simply pieces of data and are unable to perform any operations on their own. They cannot erase or read data on the user’s computer and only allow detection of web pages viewed by the user on a particular web
site. Although this information is used to form annonymous profile of the user, and don’t contain personal data such as name and address, they have been the subject of some privacy concerns lately.
For this reason, they have been included here in the security issues section of the textbook.
Nonetheless, cookies have been the subject of many misconceptions over the years. For example, “none” of the foll owing are actually true:
- Cookies are like viruses and can do harm to data stored on a computer
- Cookies are a form of spyware/key logging
software and can access and transmit personal data when typed on a computer keyboard
- Cookies generate website pop ups/pop unders
. - Cookies are a form of spam
Name four potential security risks associated with connecting to
the Internet.
In each case, name a way of overcoming the risk.
Hacking:
- Use firewalls (these provide a log of incoming and outgoing traffic and can essentially prevent malicious access to a user’s computer or block
access to unwanted Internet sites).
- Use robust passwords and user ids.
- Use of encryption (this doesn’t stop illegal access to data but makes the intercepted data unreadable).
- Anti-hacking software is also available to helpprevent hacking.
Viruses:
- Install and regularly use u p-to-date anti-virus software (which detects and removes the virus or quarantines any files which have been infected).
- Do not use software from unknown sources
(e.g. from the Internet and CDs).
- Take care when opening attachments from
‘unknown’ email addresses.
Phishing:
- Many ISPs can filter out these phishing emails, but users should always be aware of the risk and exercise caution when opening emails.
Pharming:
- Certain anti-spyware software can identify and remove pharming code.
- The user should always be alert and look out for ‘clues’ that they are being re-directed to another site.
War driving:
- Use of WEP encryption.
- Use of passwords.
- Use of firewalls.
Spyware:
- Certain anti-spyware software can identify and remove this type of code/software.
- The user should always be alert and look out for ‘clues’ that they are being monitored in this way.
Shoulder surfing:
- The user is advised to ‘shield’ the keyboard
whilst they are typing a PIN i nto it, for example.
What is meant by the term cookie?
Why do websites send out cookies to customer’s computers?
Cookies are sma l l files sent to a user’s computer when they visit certai n websites. They store information about the user which is accessed every time they visit the website.
For example, every time the user logs on to a
website they may see a message such as ‘ Welcome back, Dmitry’; or ‘If you are not Dmitry Serdyuk then . . . . . ‘ This allows a user’s preferences to be recognised, for example, if a use often buys designer clothes, pop-ups (adverts) and pop-unders
related to designer clothes companies will appear on the user’s screen each time they visit the website.
They are not malicious or harmfu l and are simply a way of letting the website know who you are. But they can ‘clog’ up a computer which through time
will manifest itself as a slowing down of computer performance.
Describe how each of the following problems could occur and name a way of recovering from them. (i) Data loss (ii) Data corruption (iii) Illegal access to data
Hacking, Viruses, Phising, Shoulder Surfing, etc. cou ld lead to data loss/ corruption and constitute illegal access.
However, there are other factors which could
lead to data loss or corruption and there are
certain measures which can be taken to prevent or minimize these factors:
Accidental damage: use backups in case data is lost or corrupted; use passwords and user ids to restrict who has access to the data in the first place.
Hardware faults: hard d isk (head) crash guarded against by using backup files; use of UPS (uninterruptable power supply) in case of power loss; use of parallel systems.
Software faults: use backups in case data is lost or corrupted by software failure.
Incorrect computer operation: correct training of the work force which is reinforced on a regular basis; keep backups of files just in case.
A shopping mall offers customers WiFi hot spots (access points).
(a) Describe the security risk to users of this WiFi system.
(b) How can this risk be minimised?
(a) Wardriving is the act of locating and using WiFi (wireless Internet connection) connections i llegally; it usually involves driving round an area in a car to look
for WiFi signals. This requires a computer, wireless netcard (set to intercept and read network data packets)
and an antenna which can pick up the signals.
But, in general, tappi ng into a WiFi signal.
(b) . Use of WEP encryption; use of passwords; use of
fi rewall .
Look at the fol lowing list and tick whether it is a security risk or not a security risk to a user.
Description Security risk
Yes No
spyware
virus
cookie
phishing
spam
pharming
RSI
Description Security risk
Yes No
spyware . /
virus ./
cookie X
phishing . /
spam X
pharming . /
RSI XExplain why these statements are incorrect.
(i) Using encryption prevents a hacker gaining access to computer files.
(ii) Data Protection Acts prevent viruses being sent over the Internet.
(iii) Spyware is used to watch somebody keying in a PIN at an ATM
from a long d istance away.
(iv)Keeping back- up files wil l be an effective way of recovering
from a virus.
(v) Call centres are always an expensive way of giving customer support.
(i) Encryption scrambles the data, therefore doesn’t prevent access to files, it just makes them unreadable if illega l ly accessed.
(ii) DPA simply sets out the rules to protect data, but stil l can’t prevent hacking or remove the risk of viruses; the act indicates that data security is a necessary requirement together with protecting the i ntegrity of the data but i l legal acts can’t be prevented by an act on its own.
(iii) Spyware monitors actual key presses on a keyboard;
looking at a PIN as it is being entered at an ATM is shoulder surfing and isn’t a method of directly recording key presses as would happen with spyware.
(iv)The virus may be attached to the file itself; hence,
backing up the files would not be an effective way of recovering from a virus since using the backed up
files may simply reintroduce the virus to the system.
(v) Call centres tend to save companies’ money since
the workforce in the call centre countries tend to
be less expensive to hire.
Describe three ways in which banks help protect customers from
hackers and spyware.
Encryption is used in many cases to protect against
the effects of illegal access to data (i.e. to prevent
the hacker from understanding the data that has
been intercepted).
However, many banks, for example, go one stage
further when operating online banking. They
encrypt all data but also use some of the foll owing:
1 Use of user codes (this is often an 8-digit or
10-digit code unique to a user):
Please type in your user code:
2 Input some of the characters from a PIN and some of the characters from a password. This method prevents a hacker finding out the password/PIN, since each time a user logs onto the bank they wi l l be asked to key in different characters; for example, in the example below, the user is asked to type in the 3rd, 4th and 1st characters from their PIN and the 2nd, 5th and 9th
characters from their password:
Please type in the following characters from your PIN:
3rd
4th
1st
Please type in the fol lowing characters from
your password:
2nd
5th
9th
3 Alternatively, the user might be asked, for
example, to key in the 2nd, 5th and 9th characters from their password using drop down boxes.
This method is a further attempt to stop spyware picking up key presses (since the user clicks on the characters from the drop down boxes) and prevent the password cha racters becoming known to the spyware originator.
Please give the last four digits of your debit card:
‘You were last logged in on 5th August, 201 1.
