Chapter 10: Cybersecurity Flashcards

1
Q

What is accurate data?

A

Data that is true to the source. How close the data is to its true or accepted value

2
Q

What is correct data?

A

If the data is free from error

3
Q

If data is precise, what does this mean?

A

How close the data is to other sets of data

4
Q

What is authentic data?

A

If the data is from a trusted source

5
Q

If data is reasonable, what does this mean?

A

The data meets the expected range, values

6
Q

What is data mining?

A

Process of extracting and discovering patterns in large sets of data, to come to conclusions

7
Q

Give examples of accidental threats

A

1) Deletion of files without having a backup
2) Files saved in the wrong format, causing them to be lost or corrupted
3) Physical loss of hardware

8
Q

What are event-based threats? Give examples.

A

Particular events that occur where the user has NO CONTROL over them, such as:

1) Failure of hardware, power failure and software freezing all cause a file to be corrupted
2) Natural disasters -> significant loss of data

9
Q

What are deliberate threats?

A

Where unauthorised people try to gain access to an organisation's information. They can come from both inside and outside the organisation.

10
Q

What is internet security?

A

Application of security measures based on a cost/benefit analysis. For instance, a company can have a large range of security measures in place, but the cost of them will be very large.

11
Q

Define protection

A

What can be done to prevent malicious attacks on the data within the organisation, AKA “front door”

12
Q

Define User Authentication

A

Process where a person who wishes to gain access to an information system provides satisfactory credentials to allow them to be confirmed

13
Q

What are the 3 categories of user authentication?

A

1) Ownership factors (what the user has)
- ID Card
- Phone

2) Knowledge factors (something the user knows)
- Password
- PIN
- Answer to a specific question

3) Inherence factors
- fingerprint
- biometrics

14
Q

What is defined as a “complex” password?

A

Consisting of:

1) At least 8 characters
2) A mix of numbers, letters and special case characters
3) Upper and Lowercase

15
Q

What is password entropy?

A

How easily a password can be “cracked”, which is why the length of a password is important.

16
Q

What is a dictionary attack?

A

Trying all the strings in a pre-arranged list, think “Dictionary”

17
Q

How can you prevent a dictionary attack?

A

By choosing a password that is not simple and common and isn’t found in any dictionary

18
Q

How do you encrypt data using hashing?

A

When a user enters their username and password, both are hashed using a key to produce a hashed value of each that is SIGNIFICANTLY different from the original.
This hashed value can be compared to the hashed value that is stored in the database.

19
Q

What is the benefit of encrypting data using hashing, and how can hashing be bypassed?

A

The main benefit is that the database only contains hashed values. However, if a hacker obtains the hashed database, they can take their time and brute force all the different hash table keys, or use a rainbow table.

20
Q

What are rainbow tables?

A

List of all possible permutations of encrypted passwords, which are specific to a given hash table

21
Q

How do rainbow tables work?

A

Once a hacker gains access to the password database, they can compare the rainbow table’s PRECOMPILED list of potential hashes to the hashed passwords in the database

(Reverse engineering of the hash is applied to the username and password basically)

22
Q

What is salt and how does it prevent the use of rainbow tables?

A

Process of adding random data to each username and password before it is hashed, for instance making them longer means that they have a larger hashed value.

Rainbow tables have difficulties with salted hashes as they first need to figure out what was used + what salt was added

23
Q

What is honeypot intrusion detection?

A

A form of trap that is used to detect hacking attacks or collect information on malware that can be used to protect the information system against future attacks.

It can also collect evidence that can be used in any potential prosecution if the intruder is caught.

A honeypot is a server on the network which often doesn’t have much protection to lure the intruder to the network, thus a (trap)

24
Q

What are firewalls?

A

They are either software or hardware security devices that filter traffic (both incoming and outgoing) within a network based off a specific configuration (or a set of rules)

25
Q

How do firewalls work?

A

When the traffic passes through a firewall, it is inspected to see if it meets certain criteria.

1) if it does -> it is allowed through
2) if it doesn’t -> it is blocked

How is traffic filtered?

1) the type of network traffic
2) source address
3) attributes of the address

26
Q

Difference between client and network firewalls

A

Client firewalls are software that runs on an end user’s computer and only protects the computer on which it is running

Whereas network firewalls are installed on the boundary between 2 networks and protect the whole organisation

27
Q

What is Malware?

A

Malicious Software. Basically designed to steal data and cause damage to computers and computer systems, e.g. networks and servers.

28
Q

What are computer viruses?

A

A program which is designed to replicate itself and is often transmitted via unremovable secondary storage devices such as USB Thumb drives, and portable hard drives

29
Q

How do computer viruses operate?

A

When a file is executed, they will find other files to attach themselves on and infect before passing control to the original file

Some computer viruses attach themselves into RAM, so when the files are loaded, they get infected

30
Q

How do computer viruses avoid detection?

A

Some of the viruses include code that encrypts the virus so that the “signature” of the virus is different

31
Q

What are worms?

A

Unlike computer viruses, worms are programs that replicate themselves for the sole purpose of consuming bandwidth, which is the rate of transfer of data

32
Q

What are trojans?

A

They are viruses that are disguised as another software package that performs a different purpose

33
Q

What are the functions of a trojan, and what does it not do well?

A
  • It can install a “spambot”
  • it can install software that allows the user of the trojan to get access to the infected computer
  • install pop-up advertisements
  • can turn computer into a zombie
  • can delete files the same way a virus does

A trojan does not replicate itself well, as it relies on the user to download or distribute the program.

34
Q

What is a Distributed Denial of Service (DDOS) Attack?

A

A malicious attempt to disrupt the normal traffic of a targeted server/network by flooding it with an overload of traffic.

35
Q

How does a DDOS attack work?

A

Malware can establish zombies which can be used to send spam and are a part of a ‘botnet’. These zombies are instructed to send Internet Protocol (IP) requests to a targeted web server. The sheer amount of requests is too much to handle.

36
Q

How can organisations stop a DDOS attack?

A

The only way is by changing your IP, which takes time. However, when you change your IP, the hacker can just redirect the attack to the new IP address.

37
Q

What is Spyware?

A

Type of malware which is concerned with the collection of information, often delivered as a payload, alongside a worm or a trojan

38
Q

What is Adware?

A

Subset of spyware, will display popup ads frequently, and these ads are a source of income for the owner

39
Q

What is SQL?

A

Structured Query Language, designed to extract, add, delete or edit records in a database

40
Q

How does an SQL Injection work?

A

In a login system taking direct input from the user and placing it in a SQL command can be a concern, as the user has the ability to INJECT their own code into the query.

They can simply add an “or” statement, which makes the whole statement ALWAYS TRUE, such as fkrmgkmgrkw, “or” 1=1”.

This gives the user access to the entire database

41
Q

How do you protect from an SQL Injection?

A

Simply by validating the user inputs prior to inserting them into the SQL string as parameters, which prevents users from directly writing code into the input

42
Q

What is a Man in the middle attack?

A

Gaining access to a user’s data by inserting themselves in the middle of the communication that the user is having with the information system they are connected with (EAVESDROPPING)

43
Q

What is packet sniffing?

A

Gathering or collecting data that passes through a network by intercepting and reading it.

44
Q

How are unsecured public wireless connections a threat?

A

Although public unsecured “open” connections may be sourced via a router which is protected by a firewall, you are not protected from the people close by to you. Because data sent over an unsecured network is NOT ENCRYPTED, any data that you send or receive can be packet sniffed, or intercepted.

45
Q

How can you protect yourself from a Man in the middle attack?

A

1) Network discovery, by turning network discovery off, meaning that your computer will not be seen on the network

2) Disabling all means of sharing files and resources which are usually open by default

3) Using https instead of http when entering sensitive information in sites, as https uses an established encrypted connection to protect the data

4) Using your own personal firewall

5) Connecting to a Virtual Private Network (VPN), as it is encrypted.

46
Q

Define Encryption?

A

Decoding information so that it is unreadable

47
Q

What is Symmetric Key Encryption?

A

The “plaintext” version of the data is encrypted using a “secret” key and then sent to the recipient who then needs to decrypt it using the same key. The problem with this is sending the secret key to the recipient without it being intercepted easily (securely)

48
Q

What is the benefit of using symmetric key encryption?

A

Good for sending a large amount of information

49
Q

What is Asymmetric key encryption?

A

Uses 2 keys, 1 public and 1 private key.

The public key can only be used to encrypt information

The private key can only be used to decrypt the information

50
Q

How does Asymmetric key encryption work?

A

1) If someone wants to send information to someone else, they must first request a copy of the public key

2) This enables them to encrypt the information and send it

3) When the information is received, the owner of both the public and private key is able to decrypt the info using the private key

Keep in mind that public keys can be sent to anyone who wishes to send information to you

But only you should have access to your private key

51
Q

What is the disadvantage of Asymmetric key encryption?

A

Works well but is not good for large amounts of information and is slow.

52
Q

What is Security Sockets Layer (SSL)?

A

Technology that keeps an internet connection secure, using encryption to protect the data being sent between 2 systems

It is a common application of ASYMMETRIC key encryption, which establishes a “handshake” between a web server and a web browser, making sure that any data that is transferred is impossible to read. TLS is just the more advanced version of SSL.
