Chapter 4 - Security

Question 1

Asymmetric key encryption

Answer 1

Encryption system in which 2 keys are used: a public key to encrypt data and a private key to decrypt it.

Question 2

Backdoor

Answer 2

Method of bypassing security in a system, built in by the system designers.

Question 3

Biometric Enrolment

Answer 3

Process of registering users for biometric systems by taking initial samples.

Question 4

Biometric Template

Answer 4

Measurements taken from a biometric sample.

Question 5

Botnet

Answer 5

Group of zombie computers under the control of a criminal.

Question 6

Brute Force Attack

Answer 6

Attempt to break a password by trying all possible combinations of letters, numbers and symbols.

Question 7

Certificate Authority

Answer 7

Organisation that issues digital certificates to individuals and companies.

Question 8

Ciphertext

Answer 8

Result of encrypting plaintext

Question 9

Computer Misuse Act

Answer 9

UK law governing criminal offences committed using a computer.

Question 10

Dictionary Attack

Answer 10

Attempt of breaking in by trying all possible words.

Question 11

DDoS

Answer 11

Distributed Denial of Service Attack

Denial of service attack committed using dozens of computers, usually zombie computers on a bonnet.

Question 12

DNS poisoning

Answer 12

Technique used by criminals to alter DNS records and drive users to fake sites, to commit phishing.

Question 13

EV SSL

Answer 13

Extended Validation SSL. Digital certificate validation technique used on the World Wide Web.

Question 14

Key escrow

Answer 14

Idea of having encryption keys stored by third party companies so that the government can access them if needed.

Question 15

Key pair

Answer 15

A public and private key that work together in a public encryption system.

Question 16

Macro virus

Answer 16

Virus that takes advantage of the macro programming languages built into some software.

Question 17

Packet Sniffer

Answer 17

Software or hardware used to collect data travelling over a network.

Question 18

Pharming

Answer 18

Technique used by criminals to alter DNS records and drive users to fake sites, to commit phishing.

Question 19

Rootkit

Answer 19

Type of malware that infiltrates the OS and attempts to hide itself from view.

Question 20

Secret Key Encryption

Answer 20

Encryption system in which a single key is used for both encryption and decryption.

Question 21

Security Token

Answer 21

Hardware device that must be present during login to authenticate a user.

Question 22

Smishing

Answer 22

Phishing attacks using SMS.

Question 23

Social Engineering

Answer 23

Tricking a user into revealing their password or other sensitive data.

Question 24

Spam bot

Answer 24

Program that scans webpages for email addresses in order to send spam.