Chapter 5 (5.3 B) Auth and Verification

Question 1

What are access levels

Answer 1

system allowing a hierarchy of access levels depending on
user’s level of security

Question 2

2 Anti-malware softwares

Answer 2

Anti-virus
Anti-spyware

Question 3

What is an anti-spyware software

how does it identify

Answer 3

software that detects and removes spyware programs installed on a system; Identifies spyware based on typical spyware rules or known file structures

Question 4

General features of anti-spyware

name 4

Answer 4

» detect and remove spyware already installed on a device
» prevent a user from downloading spyware
» encrypt files to make the data more secure in case it is ‘spied’ on
» encryption of keyboard strokes to help remove the risk posed by the keylogging aspects of some spyware
» blocks access to a user’s webcam and microphone (the software stops the spyware taking over the control of a user’s webcam and microphone which can be used to collect information without the user’s knowledge)
» scans for signs that the user’s personal information has been stolen and warns the user if this has happened.

Question 5

What is Authentication

the 3 questions

Answer 5

the process of proving a user’s identity by using:
>something they know
>something they have
>something unique to them

Question 6

Char of a strong password

Answer 6

use special characters
use numbers
use upper and lowercase

Question 7

What are biometrics

Answer 7

type of authentication that uses a unique human characteristic, such as fingerprints, voice or retina blood vessel pattern

Question 8

Adv and disadv of fingerprint

Answer 8

Adv:
Easy to use
Relatively small storage requirements

Disadv:
Can be intrusive since its related to criminal identification
Inaccurate if skin is dirty or damaged

Question 9

Adv and disadv of retina

Answer 9

Adv:
very high accuracy
no known way to replicate a person’s retina

disadv:
very intrusive
expensive to install and set up

Question 10

Adv and disadv of face recog

Answer 10

Adv:
non-intrusive method
relatively inexpensive tech

Disadv:
Can be affected by changes in lighting, wearing glasses or a mask etc

Question 11

Adv and disadv of Voice recognition

Answer 11

Adv:
Non-intrusive method
Verification takes less than 5 seconds (is quick)
relatively inexpensive tech

Disadv:
Low accuracy
Recordings of the person’s voice can be played to bypass

Question 12

What is two factor auth

Answer 12

a type of authentication that requires two methods of verification to prove the identity of a user

Question 13

What are patches

Answer 13

an update for software that is developed to improve the software and/or to remove any bugs

Question 14

What all do you check in an email

Answer 14

Spellings
Tone of the email - shldnt be rushing
email address
misspelled domain names
suspicious links

Question 15

what is typo squatting

Answer 15

Subtle spelling errors in website addresses used to trick users into visiting their fake websites

Question 16

What is a firewall

Answer 16

software or hardware that sits between a computer and an external network and monitors and filters all incoming and outgoing traffic

Question 17

Functions of firewall

name 4

Answer 17

examine the ‘traffic’ between user’s computer

checks whether incoming or outgoing data meets a given set of criteria

Firewall blocks any traffic that fails to meet the criteria

Log all incoming and outgoing traffic

can prevent viruses or hackers from entering

Question 18

What can a firewall not control

Answer 18

Can’t prevent individuals on internal networks using their own devices from bypassing the firewall

can’t stop a user from disabling the firewall, leaving their computer susceptible to harmful traffic on the internet.

Question 19

What is a proxy server

what does it make use of to do what

Answer 19

a server that acts as an intermediary server through which internet requests are processed

it often makes use of cache memory to speed up web page access

Question 20

Features of a proxy server

Answer 20

Internet can be filtered
Helps prevents DOS since if an attack is launched it hits the proxy server
Can act as firewalls
Webserver is allowed or denied if traffic is valid or invalid

Question 21

What are privacy settings

Answer 21

Controls that allow users to limit who can access their profile or what they are allowed to see on social networking sites.

Question 22

Privacy settings features

Answer 22

‘do not track’ setting; the intention here is to stop websites collecting and using browsing data which leads to improved security

website advertising opt-outs;

safer browsing; an alert is given when the browser encounters a potentially dangerous website

Question 23

What is SSL

Answer 23

secure sockets layer (SSL) – a security protocol used when sending data over a network

Question 24

Steps of SSL

Answer 24

The user’s browser sends a message so that it can connect with the required website which is secured by SSL

Browser asks the web server to identify itself

Web server responds with its SSL certificate

Browser authenticates this certificate, a message is sent to the server to allow communication

After the message is received, the web server acknowledges the web browser and SSL-encrypted 2-way data transfer begins.

Question 25

What is an SSL certificate

Answer 25

a form of digital certificate which is used to authenticate a website; Once the SSL certificate is auth, data exchange between browser and server are secure.

Question 26

3 examples of where ssl are used

Answer 26

» online banking and all online financial transactions
» online shopping/commerce
» when sending software out to a restricted list of users
» sending and receiving emails
» using cloud storage facilities
» intranets and extranets (as well as the internet)
» Voice over Internet Protocols (VoIP) when carrying out video chatting and/or
audio chatting over the internet
» used in instant messaging
» when making use of a social networking site.

Question 27

How to ensure passwords are protected

Answer 27

run anti-spyware software to make sure that your passwords aren’t being relayed back to whoever put the spyware on your computer

change passwords on a regular basis

Use strong passwords