Chapter 5: The internet and its uses Flashcards
Definition of internet
the world-wide interconnection of networks; the internet makes use of TCP and IP protocols
Definition of World Wide Web
a massive collection of web pages and is based on hypertext transfer protocols (http and https)
Definition of (web) browser
software that connects to a domain name server (DNS) to locate IP addresses; a browser interprets HTML web pages sent to a user’s computer so that the user can read documents and watch multimedia
Definition of hypertext mark-up language (HTML)
the language used to design, display and format web pages, and to write http(s) protocols
Definition of uniform resource locator (URL)
a text-based address for a web page
Definition of hypertext transfer protocol secure (https)
http with extra security (such as SSL) applied
Definition of hyperlink
highlighted text or an image that is activated by clicking and links to further text, images, a web page or a website
Definition of domain name server (DNS)
a server that looks up domain names for websites in order to find the IP addresses that a computer needs to locate the web servers
Definition of cookie
a text file sent from a website to a user’s browser; it is used to remember user preferences each time they visit the website
Definition of user preferences
settings or options stored in cookies that can remember customised web pages or indicate browsing history to target adverts
Definition of session cookie
a cookie that is stored temporarily on a computer; it is deleted when the browser is closed or the website session ends
Definition of persistent cookies
a cookie that is stored on the user’s hard drive and only deleted when the expiry date is reached or the cookie is deleted by the user
Definition of virtual shopping basket
an area of memory in a website where items a user wishes to purchase are temporarily stored; items remain in the basket until payment is made or the session has ended
Definition of digital currency
currency (a system of money) that exists in electronic form only; it has no physical form and is essentially data on a database
Definition of cryptocurrency
a form of digital currency that uses a chain of decentralised computers to control and monitor transactions
Definition of cryptography
the protection of data/information by use of coding; it usually involves encryption and decryption
Definition of blockchain
a decentralised database where all transactions are stored; it consists of a number of interconnected computers but not a central server
Definition of timestamp
a digital record of the date and time that a data block is created in blockchain networks
Definition of proof-of-work
the algorithm used in blockchain networks to confirm a transaction and to produce new blocks to add to the chain; special users called miners complete and monitor transactions on the network for a reward
Definition of brute force attack
a ‘trial and error’ method used by cybercriminals to crack passwords by finding all possible combinations of letters, numbers and symbols until the password is found
Definition of word list
a text file containing a collection of words used in a brute force attack
Definition of data interception
an attempt to eavesdrop on a wired or wireless network transmission; cybercriminals often use packet sniffing or access point mapping / wardriving to intercept data
Definition of packet sniffing
a method used by a cybercriminal to examine data packets being sent over a network and to find the contents of a data packet, which are sent back to the cybercriminal
Definition of wardriving
using a laptop, antenna, GPS device and software to intercept Wi-Fi signals and illegally obtain data; sometimes called Access Point Mapping
Definition of wired equivalent privacy (WEP) encryption protocol security
an algorithm for wireless networks to protect them against data interception
Definition of denial of service (DoS) attack
a cyberattack in which cybercriminals seek to disrupt the normal operation of a website by flooding it with requests; also used to clog up a user’s mailbox by sending out thousands of spam emails
Definition of spam
unsolicited emails sent to a user’s mailbox
Definition of hacking
the act of gaining illegal access to a computer system without the owner’s permission
Definition of malware
programs (such as viruses, worms and Trojan horses) installed on a user’s computer with the aim of deleting, corrupting or manipulating data illegally
Definition of virus
a program or program code that replicates itself with the intention of deleting or corrupting files or by causing the computer system to malfunction
Definition of active host
functioning software that a virus can affect by attaching itself to the code or by altering the code to allow the virus to carry out its attack
Definition of worm
a stand-alone type of malware that can self-replicate; unlike viruses, worms don’t need an active host; they can spread throughout a network without the need for any action by an end-user
Definition of Trojan horse
a type of malware that is designed to look like legitimate software but contains malicious code that can cause damage to a computer system
Definition of spyware
a type of malware that gathers information by monitoring a user’s activities on a computer and sends the gathered information back to the cybercriminal who sent out the spyware
Definition of adware
a type of malware that attempts to flood the end-user with unwanted advertising
Definition of ransomware
a type of malware that encrypts data on a user’s computer and ‘holds the data hostage’ until a ransom is paid
Definition of phishing
sending out legitimate-looking emails designed to trick the recipients into giving their personal details to the sender of the email
Definition of spear phishing
similar to phishing but targeting specific people or organisations rather than carrying out a blanket attack
Definition of pharming
redirecting a user to a fake website in order to illegally obtain personal data about the user without their knowledge; unlike phishing, pharming is initiated without needing any action by the user
Definition of DNS cache poisoning
altering IP addresses on a domain name server (DNS) with the intention of redirecting a user’s browser to a fake website; carried out by a pharmer or hacker
Definition of social engineering
manipulating people into breaking normal security procedures (such as giving away their password) in order to gain illegal access to computer systems or to place malware on their computer
Definition of access levels
different levels of access in a computer system allowing a hierarchy of access levels depending on user’s level of security
Definition of anti-spyware
software that detects and removes spyware programs installed on a system; the software is based on typical spyware rules or known file structures
Definition of authentication
the process of proving a user’s identity by using something they know, something they have or something unique to them
Definition of biometrics
type of authentication that uses a unique human characteristic, such as fingerprints, voice or retina blood vessel pattern
Definition of two-step verification
a type of authentication that requires two methods of verification to prove the identity of a user
Definition of patch
an update for software that is developed to improve the software and/or to remove any bugs
Definition of typo squatting
the use by cybercriminals of subtle spelling errors in website addresses used to trick users into visiting their fake websites
Definition of firewall
software or hardware that sits between a computer and an external network (for example, the internet); the firewall monitors and filters all incoming and outgoing traffic
Definition of proxy server
a server that acts as an intermediary server through which internet requests are processed; it often makes use of cache memory to speed up web page access
Definition of privacy settings
controls available on social networking and other websites which allow users to limit who can access their profile or what they are allowed to see
Definition of secure sockets layer (SSL)
a security protocol used when sending data over a network (such as the internet)
Definition of SSL certificate
a form of digital certificate which is used to authenticate a website; providing the SSL certificate can be authenticated, any communication or data exchange between browser and website is secure
Differences between the internet and the World Wide Web
Internet:
- users can send and receive emails
- allows online chatting (via text, audio and video)
- makes use of transmission protocols (TCP) and internet protocol (IP)
- it is a worldwide collection of interconnected networks and devices
World Wide Web (WWW)
- it is a collection of multimedia web pages and other information on websites
- http(s) protocols are written using hypertext mark-up language (HTML)
- uniform resource locators (URLs) are used to specify the location of web pages
- web resources are accessed by web browsers
- uses the internet to access information from web servers
What does the website address consist of?
- domain host (www)
- domain name (website name)
- domain type (.com, .org, .net, .gov, for example)
- and sometimes country code (.uk, .de, .cy, for example)
What is the path?
The path is the web page, but is often omitted and it then becomes the root directory of the website
What is the file name?
The file name is the item on the web page
What are common features of browsers?
- they have a home page
- they can store a user’s favourite websites/web pages (referred to as bookmarks)
- they keep a history of websites visited by the user (user history)
- they have the ability to allow the user to navigate forwards and backwards through websites/web pages already opened
- many web pages can be open at the same time by using multiple tabs
- they make use of cookies
- they make use of hyperlinks that allow navigation between websites and web pages
- data is stored as a cache
- make use of JavaScript
- use an address bar
In what way can hyperlinks be opened?
- open in a new tab by using <ctrl> + <click>
- open in the same tab by simply clicking on the link
How is DNS used to locate and retrieve a web page?
- The user opens their browser and types in the URL and the browser asks the DNS server (1) for the IP address of the website
- In this case, let’s assume the DNS server can’t find the URL in its database or its cache, so it sends out a request to a DNS server (2)
- The DNS server (2) finds the URL and can map it; this IP address is sent back to the DNS server (1) which now puts this IP address and associated URL into its cache/database
- This IP address is then sent back to the user’s computer
- The computer now sets up a communication with the website server and the required pages are downloaded. HTML files are sent from the website server to the computer. The browser interprets the HTML, which is used to structure content, and then displays the information on the user’s computer
(NB: in this case, the IP address was found on the second DNS server)
What are the two types of cookie?
- session cookie
- persistent (or permanent) cookie
Uses of (persistent) cookies
- allow the website to remember users’ passwords, email addresses and invoice details, so they won’t have to insert all of this information every time they visit or every time they purchase something from that website
- serve as a memory, enabling the website to recognise users every time they visit it
- save users’ items in a virtual shopping basket/cart
- track internet habits and users’ website histories or favourites/bookmarks
- target users with advertising that matches their previous buying or surfing habits
- store users’ preferences (e.g. recognise customised web pages)
- are used in online financial transactions
- allow progress in online games and quizzes to be stored
- allow social networking sites to recognise certain preferences and browsing histories
- allow different languages to be used on the web pages automatically as soon as users log on
How does cryptocurrency use decentralisation?
- Cryptocurrency uses cryptography to track transactions; it was created to address the problems associated with the centralisation of digital currency
- Traditional digital currencies are regulated by central banks and governments (in much the same way as fiat currencies). This means all transactions and exchange rates are determined by these two bodies. Cryptocurrency has no state control and all the rules are set by the cryptocurrency community itself
- Unlike existing digital currencies, cryptocurrency transactions are publicly available and therefore all transactions can be tracked and the amount of money in the system is monitored
- The cryptocurrency system works by being within a blockchain network which means it is much more secure
What areas is blockchain used in?
- cryptocurrency (digital currency) exchanges
- smart contracts
- research (particularly within pharmaceutical companies)
- politics
- education
In a denial of service attack, what may the attacker be able to prevent the user from doing?
- accessing their emails
- accessing websites/web pages
- accessing online services (such as banking)
How could a website guard against a DDoS?
- using an up-to-date malware checker
- setting up a firewall to restrict traffic to and from the web server or user’s computer
- applying email filters to filter out unwanted traffic (for example, spam)
What are signs a user can look out for to see if they have become a victim of a DDoS attack?
- slow network performance (opening files or accessing certain websites)
- inability to access certain websites
- large amounts of spam email reaching the user’s email account
What are some examples of malware?
- Viruses
- Ransomware
- Adware
- Spyware
- Trojan horse
- Worms
What can adware do?
- highlight weaknesses in a user’s security defences
- be hard to remove - it defeats most anti-malware software since it can be difficult to determine whether or not it is harmful
- hijack a browser and create its own default search requests
What are ways to prevent phishing attacks?
- users need to be aware of new phishing scams; those people in industry or commerce should undergo frequent security awareness training to become aware of how to identify phishing (and pharming) scams
- it is important not to click on any email links unless totally certain that it is safe to do so; fake emails can often be identified by ‘Dear Customer …’ or ‘Dear email person@gmail.com …’ and so on
- it is important to run anti-phishing toolbars on browsers (this includes tablets and mobile phones) since these will alert the user to malicious websites contained in an email
- always look out for https or the green padlock symbol in the address bar
- regular checks of online accounts are also advisable as well as maintaining passwords on a regular basis
- ensure an up-to-date browser is running on the computer device (which contains all of the latest security upgrades) and run a good firewall in the background at all times; a combination of a desktop firewall (usually software) and a network firewall (usually hardware) considerably reduces the risk of hacking, pharming and phishing on network computers
- be very wary of pop-ups and use the browser to block them; if pop-ups get through your defences, don’t click on ‘cancel’ since this can ultimately lead to phishing or pharming sites - the best option is to select the small x in the top right-hand corner of the pop-up window which closes it down
Why does pharming pose a threat to data security?
Pharming redirects internet users to a fake or malicious website set up by, for example, a hacker; redirection from a legitimate website to the fake website can be done using DNS cache poisoning
How is it possible to mitigate against the risk of pharming?
- use of anti-virus software can detect unauthorised alterations to a website address and warn the user of the potential risks
- However, if the DNS server itself has been infected (rather than the user’s computer) it is much more difficult to mitigate the risk
- Many modern browsers can alert users to pharming and phishing attacks
- It is very important to check the spelling of websites to ensure the web address used is correct
- As with phishing, use of https or the green padlock in the address bar is an additional form of defence
What are the five most common types of social engineering threat?
- Instant messaging
- Scareware (e.g. fake anti-virus that looks real)
- Email/phishing scams
- Baiting
- Phone calls
Social engineering: Instant messaging
Malicious links are embedded into instant messages; for example, an important software upgrade (relies on user’s curiosity)
Social engineering: Scareware
This is often done using a pop-up message that claims that the user’s computer is infected with a virus; the user is told they need to download the fake anti-virus immediately (relies on user’s fear)
Social engineering: Emails/phishing scams
The user is tricked by the apparent genuineness of an email and opens a link in the email; this redirects their browser to a fake website (relies on user’s trust of well-known companies)
Social engineering: Baiting
The cybercriminal leaves a malware-infected memory stick somewhere where it can be found; the finder picks up the memory stick and plugs it into their computer (just to see who it belongs to) and unwittingly downloads malicious malware (relies on user curiosity)
Social engineering: Phone calls
For example, a so-called IT professional calls the user on their mobile claiming their device has been compromised in some way; the user is advised to download some special software that allows the cybercriminal to take over the user’s device giving them access to personal information (relies on fear)
What are the three most common human emotions to exploit with social engineering?
- Fear
- Curiosity
- Empathy and trust
How is fear exploited with social engineering?
the user is panicked into believing their computer is in immediate danger and isn’t given time to logically decide if the danger is genuine or not; fear is a very powerful emotion that can easily be exploited by a cybercriminal
How is curiosity exploited with social engineering?
the user can be tricked into believing they have won a car or they find an infected memory stick lying around; their curiosity gets the better of them and they give their details willingly to win the car (for example, credit card details to pay for delivery or road tax) or they are curious who the memory stick belongs to; without thinking clearly, their curiosity gets the better of them and the damage is done
How is empathy and trust exploited with social engineering?
a real belief that all genuine-sounding companies can be trusted, therefore emails or phone calls coming from such companies must be safe; a dangerous assumption that the cybercriminal can exploit fully
Stage 1 of a cybercriminal targeting their victim
The victims are identified; information about victim gathered and method of attack decided
Stage 2 of a cybercriminal targeting their victim
At this stage the victim is being targeted (either through email, phone call, Trojan horse and so on; it all depends on who the victim is)
Stage 3 of a cybercriminal targeting their victim
The attack on the victim is now executed allowing the cybercriminal to obtain the information or to cause the disruption decided on at Stage 1
Stage 4 of a cybercriminal targeting their victim
When the cybercriminal has decided they have what they wanted they try to remove all traces of the malware to cover their tracks
What are the four typical access levels in social networks?
- Public access (this refers to the data anyone from the general public can access)
- Friends (only people identified as ‘friends’ by the owner of the data can see certain data)
- Custom (this allows the user to further refine what data can be seen by ‘friends’ allowing them to exclude certain content from selected people)
- Data owner (this is data only the owner of the data can see)
What methods can anti-spyware software be based on?
- rules - in this case, the software looks for typical features which are usually associated with spyware thus identifying any potential security issues
- file structures - in this case, there are certain file structures associated with potential spyware which allows them to be identified by the software
What are the general features of anti-spyware?
- detect and remove spyware already installed on a device
- prevent a user from downloading spyware
- encrypt files to make the data more secure in case it is ‘spied’ on
- encryption of keyboard strokes to help remove the risk posed by the keylogging aspects of some spyware
- blocks access to a user’s webcam and microphone (the software stops the spyware taking over the control of a user’s webcam and microphone which can be used to collect information without the user’s knowledge)
- scans for signs that the user’s personal information has been stolen and warns the user if this has happened
What are three common factors used in authentication?
- something you know (e.g. a password or PIN code)
- something you have (e.g. a mobile phone or tablet)
- something which is unique to you (e.g. biometrics)
When are passwords frequently used?
- when accessing email accounts
- when carrying out online banking or shopping
- accessing social networking sites
How can passwords be protected?
- run anti-spyware software to make sure that your passwords aren’t being relayed back to whoever put spyware on your computer
- change passwords on a regular basis in case they have come into the possession of another user, illegally or accidentally
- passwords should be difficult to crack; passwords are grouped as either strong (hard to crack or guess) or weak (relatively easy to crack or guess)
What should strong passwords contain?
- at least one capital letter
- at least one numerical value
- at least one other keyboard character
What are examples of biometrics?
- fingerprint scans
- retina scans
- face recognition
- voice recognition
Benefits of fingerprint scans
- it is one of the most developed biometric techniques
- very easy to use
- relatively small storage requirements for the biometric data created
Drawbacks of fingerprint scanning
- for some people it is very intrusive, since it is still related to criminal identification
- it can make mistakes if the skin is dirty or damaged (e.g. cuts)
- relatively expensive to install and set up
Benefits of retina scans
- very high accuracy
- there is no known way to replicate a person’s retina
Drawbacks of retina scans
- it is very intrusive
- it can be relatively slow to verify retina scan with stored scans
- very expensive to install and set up
Benefits of face recognition
- non-intrusive method
- relatively inexpensive technology
Drawbacks of face recognition
- it can be affected by changes in lighting, the person’s hair, change in age, and if the person is wearing glasses
Benefits of voice recognition
- non-intrusive method
- verification takes less than 5 seconds
- relatively inexpensive technology
Drawbacks of voice recognition
- a person’s voice can be easily recorded and used for unauthorised access
- low accuracy
- an illness such as a cold can change a person’s voice, making absolute identification difficult or impossible
What actions should you take before opening an email or activating any link in it?
- Check out the spellings in the email and in the links; professional, genuine organisations will not send out emails which contain spelling or major grammatical errors
- Carefully check the tone used in the email message; if it is rushing you into doing something or if the language used seems inappropriate or incorrect, then it could be a phishing email or worse
What are five things to look out for in an email to ensure it is safe and genuine?
- The email address itself; no legitimate company will use an email address such as @gmail.com
- The tone of the email and spelling
- Misspelling of domain names - beware of typo squatting
- Suspicious links
- Plain spelling mistakes
What are the main tasks carried out by a firewall?
- examines the ‘traffic’ between user’s computer (or internal network) and a public network (e.g. the internet)
- checks whether incoming or outgoing data meets a given set of criteria
- if the data fails the criteria, the firewall will block the ‘traffic’ and give the user (/ network manager) a warning that there may be a security issue
- firewall can be used to log all incoming and outgoing ‘traffic’ to allow later interrogation by the user (/ network manager)
- criteria can be set so that the firewall prevents access to certain undesirable sites; the firewall can keep a list of all undesirable IP addresses
- it is possible for firewalls to help prevent viruses or hackers entering the user’s computer (or internal network)
- the user is warned if some software on their system is trying to access an external data source (for example, automatic software upgrade); the user is given the option of allowing it to go ahead or request that such access is denied
What are some circumstances where the firewall can’t prevent potential harmful ‘traffic’?
- it cannot prevent individuals, on internal networks, using their own hardware devices (e.g. modems, smartphones) to bypass the firewall
- employee misconduct or carelessness cannot be controlled by firewalls (for example, control of passwords or user accounts)
- users on stand-alone computers can choose to disable the firewall, leaving their computer open to harmful ‘traffic’ from the internet
Features of proxy servers
- allows internet traffic to be filtered; it is possible to block access to a website if necessary
- keeps users’ IP addresses secret which improves security
- if the internet traffic is valid, access to the web server is allowed
- if the internet traffic is invalid, access to the web server is denied
- it is possible to block requests from certain IP addresses
- prevents direct access to a web server by sitting between the user and the web server
- if an attack is launched, it hits the proxy server instead - this helps to prevent hacking, DoS, and so on
- used to direct invalid traffic away from web servers which gives additional protection
- by using the feature known as a cache, it is possible to speed up access to information/data from a website; when the website is first visited, the home page is stored on the proxy server; when the user next visits the website, it now comes from the proxy server cache instead, giving much faster access
- can also act as firewalls
What can privacy settings refer to?
- a ‘do not track’ setting; the intention here is to stop websites collecting and using browsing data which leads to improved security
- a check to see if payment methods have been saved on websites; this is a useful safety feature which prevents the need to type in payment details again (every time you type in financial details, there will be a risk of data interception)
- safer browsing - an alert is given when the browser encounters a potentially dangerous website (undesirable website will be in a ‘blacklist’ stored on user’s computer)
- web browser privacy options (e.g. storing browsing history, storing cookies)
- website advertising opt-outs; a website may be tracked by any number of third parties who gather information about your browsing behaviour for advertising purposes
- apps; for instance, the sharing of location data in map apps can be switched off
What are examples of where SSL would be used?
- online banking and all online financial transactions
- online shopping/commerce
- when sending software out to a restricted list of users
- sending and receiving emails
- using cloud storage facilities
- intranets and extranets (as well as the internet)
- Voice over Internet Protocols (VoIP) when carrying out video chatting and/or audio chatting over the internet
- used in instant messaging
- when making use of a social networking site
Features of the internet
- Users can send and receive emails
- allows online chatting (via text, audio and video)
- makes use of transmission protocols (TCP) and internet protocols (IP)
- a worldwide collection of interconnected networks and devices
Features of the World Wide Web (WWW)
- a collection of multimedia web pages and other information on websites
- http(s) protocols are written using hypertext mark-up language (HTML)
- uniform resource locators (URLs) are used to specify the location of web pages
- web resources are accessed by web browsers
- uses the internet to access information from web servers
What does HTML stand for?
hypertext mark-up language
What does URL stand for?
Uniform resource locators
What does http stand for?
hypertext transfer protocol
What does the s stand for in https?
secure
What does DNS stand for?
Domain Name Server
What are the two types of cookie?
session cookie
persistent (or permanent) cookie
Types of malware
Viruses
Worms
Ransomware
Adware
Spyware
Trojan horse
Types of social engineering
instant messaging
scareware
emails/phishing scams
baiting
phone calls
What are the 4 stages in a typical social engineering scam?
- The victims are identified; information about victim gathered and method of attack decided
- At this stage the victim is being targeted (either through email, phone call, Trojan horse and so on; it all depends on who the victim is)
- The attack on the victim is now executed allowing the cybercriminal to obtain the information or to cause the disruption decided on at Stage 1
- When the cybercriminal has decided that they have what they wanted they try to remove all traces of the malware to cover their tracks
Describe three of the features of web browsers
Three from:
- They have a home page
- Can store a user’s favourite websites (used as a bookmark)
- Keep a user history
- Have the ability to allow the user to navigate forwards and backwards through websites/web pages already opened; many webpages can be open at the same time (navigation)
- Make use of hyperlinks
- Make use of cookies
- Data is stored as a cache
- They translate HTML and display the result of the translation on the user’s device
- They make use of JavaScript
- They use an address bar
Explain what is meant by a session cookie
A cookie that is stored temporarily on a computer
Explain what is meant by a persistent cookie
A cookie that is only deleted when its expiry date is reached or it is deleted by the user
Give three uses of cookies
Three from:
- They allow a website to remember a user’s details
- They allow a website to recognise a user every time they visit the website
- They can save a user’s items in a virtual shopping basket
- They can track a user’s internet habits and their browsing history or favourites (bookmarks)
- They can target users with advertising which matches previous buying/surfing habits
- They can store user preferences
- They allow different languages to be used on the webpage automatically as soon as a user logs onto the website
- They allow progress in online games/quizzes to be stored
True or false: All digital currency systems use blockchaining
False
True or False: Blockchaining uses a decentralised database
True
True or False: The last block in a blockchain is known as the ‘genesis block’
False
True or false: New hash values are only generated when data in a block is altered
False
True or false: Tampering of data in a block by a hacker would cause the hash value to change
True
True or false: Blocks are ‘policed’ by network users called ‘miners’
True
When a new transaction in cryptocurrency takes place, a new block is created.
Name three values that would be created for this new block.
- data (e.g. name of sender/recipient)
- hash value (a unique ‘fingerprint’)
- previous hash value (pointing back to previous block in the chain)
Explain the difference between digital currency and cryptocurrency
- Cryptocurrency uses cryptography to track transactions
- Digital currency uses a central banking system; whereas cryptocurrency is decentralised
- Cryptocurrency uses block chaining
- Cryptocurrency transactions are publicly available and therefore all transactions
Give three of the features of typical anti-spyware software
Three from:
- it detects and removes spyware already installed on a device
- it prevents a user from downloading spyware
- it encrypts files to make the data more secure in case it is ‘spied’ on
- it encrypts keyboard strokes to help remove the risk posed by the keylogging aspects of some spyware
- it blocks access to a user’s webcam and microphone (the software stops the spyware from taking over the control of a user’s webcam and microphone which can be used to collect information without the user’s knowledge)
- it scans for signs that the user’s personal information has been stolen and warns the user if this has happened
Explain the benefits to a user of allowing automatic updates to software on, for example, a smartphone
- They contain ‘patches’ that contain software improvements, for example, removing glitches or adding new features
- Updates may contain security fixes, such as improved antimalware routines
One of the ways of checking the authenticity of emails and website links is to look out for spelling mistakes in the URL. Describe four other ways that can be used to identify potential fake emails and URL links. Include examples wherever possible in your answer.
Four from:
- email address gives clues, for example, no company will use an email such as ‘…@gmail.com’
- email address should contain the company name
- tone of email is a clear indication of a scam
- not only spelling mistakes, but the language used and the way the target victim is addressed, for example ‘Dear User’
- typo squatting
- suspicious links; the destination address should match the rest of the email
- some links (such as, How To Contact Us) don’t work
- look at the domain; for example, large companies would use .com rather than .co or .org
Explain what is meant by SSL
A type of protocol that:
- allows data to be sent and received securely over a network
- encrypts data
- is active when the connection protocol is https or if there is a small green padlock by the website address
Give three examples of where SSL would be used
Three from:
- online banking and financial transactions
- online shopping/commerce
- when sending out software to a restricted list of users
- sending/receiving emails
- using cloud storage facilities
- using VoIP
- when using instant messaging
- when using social networking sites
Explain why firewalls are used
- They can filter information in and out of a computer
- They are the primary defence of any computer system to protect it from hacking, malware, phishing and pharming
- They can be hardware or software
Give four of the tasks carried out by a firewall.
Four from:
- It is used to examine the ‘traffic’ between a user’s computer (or internal network) and a public network (e.g. the internet)
- It checks whether incoming or outgoing data meets a given set of criteria, and if the data fails the criteria, the firewall will block the ‘traffic’ and give the user (or network manager) a warning that there may be a security issue
- The firewall can be used to log all incoming and outgoing ‘traffic’ to allow later interrogation by the user (or network manager)
- Criteria can be set so that the firewall prevents access to certain undesirable sites; the firewall can keep a list of all undesirable IP addresses
- Alternatively, the firewall can be set to only allow access to known and trusted IP addresses
- It is therefore possible for firewalls to help prevent viruses or hackers from entering the user’s computer (or internal network)
- The user is warned if some software on their system is trying to access an external data source (e.g. automatic software upgrade); the user is given the option of allowing it to go ahead or request that such access is denied