Chap 5.3 - solutions to cyber security threats

Question 1

Access control and levels

Answer 1

-hierarchy of different access levels through password to prevent unauthorised access
-important in organisation- keep data relevant to worker
-social networks in privacy settings- public access, friends, customs, data owner

Question 1

anti malware function

Answer 1

detect and remove malware

Question 2

anti virus function

Answer 2

-full system checks once a week and updates
-compare virus against signature files ( database of known viruses)
-do heuristics checking - check behaviors for possible viruses
-possible infected file are quarantined- automatically deleted, or asks user’s permission - maybe a false positive

Question 3

anti spyware function

Answer 3

-detect, remove and prevent installation of illegal spyware softwares
-encrypts file and keyboard strokes
-scans and warns uses of stolen information
-identifies spyware through file structure or typical features related to spyware

Question 4

authentication and how it works

Answer 4

-process of confirming user’s identity before allowing access
-user need to have something have, know, unique to them

Question 5

ways passwords are kept safe for authentification

Answer 5

-change frequently
-run anti- spyware
-shown as * on screen for privacy
-finite amount of tries
-has to match with user name

Question 6

biometrics and how it is done

Answer 6

-using physical charastics for access
-fingerprint scans
-retina scans
-face recognition
-voice recognition

Question 7

how does fingerprint scans work, good and bad

Answer 7

-image is compared to image stored in database
-1 in 5000 accuracy
good - person always has them, difficult to replicate, unique to each person, easy to use, small storage requirement
bad - mistakes if skin is dirty, damaged fingerprints

Question 8

how does retina scans work, good and bad

Answer 8

-use infrared light to scan blood vessels in the eyes
-person has to be still for 10 - 15 s
-1 in 10 000 000 accuracy
good - high accuracy, cannot replicate blood vessels
bad - intrusive, expensive installation, long time to verify

Question 9

how does face recognition scans work, good and bad

Answer 9

good- non- intrusive, inexpensive
bad - affected by lighting, hair , age changes, glasses

Question 10

how does voice recognition scans work, good and bad

Answer 10

• good - non- intrusive, short to verify, inexpensive
• bad - voice can be recorded and used, low accuracy, illnesses affecting voice

Question 11

2 step verification

Answer 11

-authentication that requires 2 methods of verification to prove user’s identity
-user has to enter username and password
-8 digit pin is sent to user via email/ phone no. which they can enter to get access

Question 12

automatic software updates

Answer 12

-softwares on device are updated
-done overnight or when device is of
-may contain patches

Question 13

what do patches do

Answer 13

update software security/ improve performance

Question 14

bad of automatic software updates

Answer 14

-disrupts device after n=installation, losing existing data

Question 15

what to do when checking spelling and tone

Answer 15

check;
-spelling and grammar
-tone and language
-URL links
-for secure protocol

Question 16

Firewalls

Answer 16

-software or hardware and protects system by filtering traffic
-between user’s computer and internet
-blocks internet if user’s criteria is not met
-prevents hacking, malware, phishing, pharming
-can’t prevent user’s in internal network to bypass firewall or diasble firewall

Question 17

proxy servers

Answer 17

-provides a layer of security between user and internet
-filters and blocks traffic
-keeps user’s IP private
prevents direct access to server
-is hit first when an attack is launched on computer
-faster access to website data using proxy server cache
-act as firewalls

Question 18

privacy settings

Answer 18

-controls on website or network that limits data access to public
-stops websites from collecting and using browsing data
-check to see payments method have been saved
-gives alert when browser is in a dangerous website
-web browsers have privacy options

Question 19

Secure Socket Layer (SSL)

Answer 19

-security protocol that encrypts data between user and server
-SSL certificates used to authenticate websites
-SSL is applied when there is green pad lock symbol
eg. online banking, online shopping, receiving emails

Question 20

3 differences between proxy server and firewall

Answer 20

1. proxy hides user’s Ip, not firewall
   2.Proxy protects server, firewall protects user’s computer
   3.proxy allows faster access to web page, not firewall

Question 21

2 similarities between proxy server and firewall

Answer 21

-both can be either hardware or software
-both block unauthorised access

Question 22

how does SSL ensure data is safe

Answer 22

-transmitted data is encrypted to prevent unauthorized access & data integrity
-establishes a secure & encrypted link between the server & the client
-ensures the server is authentic & the intended one

Question 23

difference btw phishing & pharming

Answer 23

-phishing tricks people to provide info through fake emails/ websites but pharming redirect users to fake websites without their knowledge
-phishing needs user to interact but pharming exploit vulnerabilities to redirect users