Chapter 5 Flashcards
(21 cards)
World Wide Web:
A collection of all the websites and web pages made available. Accessed using the internet.
How does the web browser obtain the IP address of the web server a URL is stored in?
User opens web browser and types URL in address bar. Web browser sends URL to DNS. DNS searches for the IP address in its database. If it doesn’t find it, it sends it to the next DNS. This will continue until it is found. If it is not found, a message is sent to the web browser informing it that it wasn’t found. When the domain name is found, it sends the equivalent IP address back to the web browser: the IP address of the web server that stores the website.
Web server:
Network component where the web pages of a website are stored
Three components of a URL:
Protocol (set of rules for transmitting data), domain name (unique name for web server) and web page/file name
Process by which a web browser requests a web page and renders the HTML and CSS:
Web browser uses the IP address to send a request to web server to obtain data for a web page. Web server sends data including HTML, CSS and active script to web browser. Web browser renders HTML and CSS and runs the active script to display the web page.
Explain how you can obtain the S in HTTPS
It involves the use of digital certificates. This is a certificate that the owners of a website need to apply for from a certificate authority (organization that checks whether a website is authentic and trustworthy). If the certificate authority believes the website is authentic, they will issue them a digital certificate.
What is the difference between HTTP and HTTPS?
HTTPS has an additional layer of security, called TLS, that encrypts data when it is transmitted
How is a digital certificate used in HTTPS?
Web browser asks web server to send digital certificate
Web server sends digital certificate
Web browser authenticates the certificate. If it is authenticated, encrypted data transmission begins.
Main purpose of web browser:
Displays web pages by rendering HTML
Uses of a web browser:
Allows user to access information available on the World Wide Web
Provides address bar
Keeps track of user history
Lets you bookmark and favorite pages
Lets you open multiple tabs at a time
Lets you navigate between web pages
Stores and manages cookies
Displays web pages
Cookie:
Small text file used by a web browser to store data, like username, password, bank card details and products in a virtual shopping cart
Difference between session cookie and persistent cookie
A session cookie is deleted when the web browser is closed. Stored in RAM.
A persistent cookie is stored on the hard drive by the web browser until it is deleted by the user or expires.
Define digital currency, cryptocurrency, digital ledger and blockchain
Digital currency: currency that exists electronically
Cryptocurrency: digital currency that uses encryption
Blockchain: list of all records made with cryptocurrency
Digital ledger: database of blockchain. Contents can’t be changed.
Brute-force attack:
Multiple guesses are made at your password to steal personal data. Can be prevented by having a biometric password, strong password, limited password attempts and two-step verification.
Data interception:
Data packets are intercepted through the use of software like packet sniffers to steal your personal data. Can be prevented by visually checking a website uses HTTPS protocol or encryption.
DDoS attack:
Malware is sent to many computers to turn them into bots to create a botnet. The perpetrator uses the botnet to send many requests to the web server at the same time to make it crash. You can scan your computer with anti-malware.
Hacking:
A hacker gains unauthorized access to your information to steal or corrupt your data by exploiting a vulnerability like an outdated OS or open port. You can use a firewall (cyber security method used to examine incoming and outgoing traffic), automatic software updates, biometric password and two-step verification.
Malware:
Malicious software; spyware, Trojan horse, ransomware, adware, virus, worm
They are downloaded onto your computer to gain access to your data. You can use antimalware software, back up data and use a firewall.
Pharming:
Malicious software is downloaded to your hard drive that will redirect you to a fake web page when you enter the genuine URL to gain access to your data. Use antimalware software, download data only from trusted sources and visually check the web page for errors.
Phishing:
A fake email that looks genuine is sent to the user to encourage the user to enter personal information by clicking a link to a fake website or responding to the email. Check that the spelling and tone are correct, and if the website looks like it usually does.
Social engineering:
Involves manipulating or deceiving the user into providing conditional or confidential information. Use access level (amount of direct access a user is given to data and resources) and awareness of how social engineering is conducted.