Chapter 5 - The Internet And Its Uses

Question 1

Internet

Answer 1

World-wide interconnection of networks. Makes use of transmission control protocols and internet protocols. Stems from INTERconnected NETwork and is more of a concept that relies on physical infrastructure that allows individual devices and networks to connect to others.

Question 2

WWW

Answer 2

World Wide Web
Massive collection of webpages based on hypertext transfer protocols (HTTP/HTTPS). A part of the internet that can be accessed by users through web browser software and used to access information using the internet.

Question 3

Differences between the internet (4) and WWW (5)

Answer 3

INTERNET:
allows for emails to be sent and recieved
Online messaging (text/audio/video)
Makes use of TCP and IP
World wide collection of interconnected networks and devices
WWW:
Web sources accessed by web browsers
Collection of multimedia and other information on websites
https is written using HTML (hypertext markup language)
URLs are used to specify the location of web pages
Uses the internet to access information from websources

Question 4

Web browser

Answer 4

Software that connects to the Domain Name Server to locate IP addresses. Interperets HTML pages sent to a users computer so that they can read documents and access multi-media. Allows user to access and display web servers on their screen. Show the translations of HTML

Question 5

URL

Answer 5

Uniform Resource Locators
Text based addresses for websites/used to access websites

Question 6

Format of URL

Answer 6

Protocol://website address/path/file name
(Https://websitename.za/ict)

Question 7

What is the parts of a website address in a URL (4)

Answer 7

Domain host (www)
Domain name(website name)
Domain type(.org.net etc)
Country code(.uk.za)

Question 8

Http

Answer 8

Hyper text transfer protocol
Written with HTML
Set of rules that must be obeyed when transferring files across the internet

Question 9

Https

Answer 9

Hypertext Tranfer protocol secure
Some form of security (SSL/TSL) is being used. Extra security applied meaning a more secure way of sending and receiving data over a network

Question 10

Features of web browsers (10)

Answer 10

Make use of java script
Allow the user to navigate forwards and backwards through previously opened pages
Hyperlinks
Home page
Address bar
Multiple tabs can be open at once
Data stored as cache
Bookmarks (store favourites)
User history
Cookies

Question 11

Hyperlink

Answer 11

Highlighted text or image activated by clicking that links to further text, photos or other webpages/websites

Question 12

Very brief description of websites (2)

Answer 12

Written in HTML
Hosted on a web server with its own IP address

Question 13

What do the DNS and URLs eliminate

Answer 13

The need for users to memorise IP addresses

Question 14

DNS

Answer 14

Domain Name server
Finds IP addresses for domain names given in URL from its large data base in which the URLs have matching IP addresses

Question 15

How is DNS used to locate and retrieve a webpage (5)

Answer 15

1. The user opens their browser and types in a URL code, and the browser requests the DNS find the IP address of the website.
2. DNS server 1 checks its data base and its cache, if it can’t find the URL it sends a request to DNS server 2
3. DNS server 2 finds the file and can map it. So the IP address is sent back to DNS server 1 which puts the IP address and associated URL into its data base and cache
4. IP address is sent to users computer
5. The computer sets up communication with the website server and the required pages are downloaded. HTML files are sent from the website and are interpreted by the browser which displays the content on the users screen

Question 16

Cookies

Answer 16

Small files of text/code sent by a web server to a browser and stored on the users computer. Small lookup tablets containing (key,data) pairs that are used to track data such as IP addresses and browsing activity to maintain user preferences based on their previous activity. Can also be used to customise the webpage for the user

Question 17

Cookie without an expiry date associated with it

Answer 17

Session cookie

Question 18

Types of cookies

Answer 18

Session cookies
Persistent/permanent cookie

Question 19

User preferences

Answer 19

Setting/options stored in cookies that can remember customised webpages/indicate browsing history to target adverts

Question 20

Session cookie

Answer 20

Cookie that is temporarily stored on users computer and is deleted when the browser is closed or the session ends. Used for online shopping to store things in the users virtual shopping basket. Stored in temporary memory and dont collect any information from users computer nor personally identifies users.

Question 21

Virtual shopping basket

Answer 21

Area of memory on a website that temporarily stores item a user wishes to purchase until a payment is made or the session expires.

Question 22

Advantage of persistent/permanent cookies

Answer 22

Remove the need for users to type in login details every time a certain website is visited

Question 23

Why do persistant cookies remember a users login details

Answer 23

So that they can authenticate a users browser

Question 24

Persistant/permanent cookies

Answer 24

Cookies stored an users hard drive that are only deleted when the expiry date is reached or the user deletes it (or deactivated after 6 months due to countries laws). Effective way of carring data between website sessions and eliminating the need for large amounts of data to be stored on the server itself as well as the typing in of login details each time the website is visited. May only store personal information and user preferences if given consent by the user and legitamate websites will encrypt the personal information stored in a cookie.

Question 25

Uses of persistant cookies (10)

Answer 25

Target users with adverts based on their previous activities
Save items in virtual shopping basket
Save things such as passwords and emails so that the user doesnt have to re enter them whenever they use a certain website
Serve as a memory allowing websites to recognise users
Track internet habits and histories for favourites/bookmarks
Stores user preferences
Online financial transactions
Stores Progress in games/quizzes
Automatically allows different languages on the webpages when the user logs on
Social networking sites can recognise certain preferences + browsing historiy

Question 26

What happens the first time a user logs onto a website

Answer 26

Users browser requests webpage from website
Web server replies and sends cookies to the users browser
Persistent cookies are stored on the users hard drive, session cookies stored in temporary memory
When the web browser/session is closed, persistent cookies remains stored and session cookies are deleted from memory

Question 27

What happens when a user logs into a website again

Answer 27

User logs in
Web server checks and identifies cookies stored on the users computer
User preferences, history and other details are recognised.

Question 28

Types of currency

Answer 28

Digital
Conventional Fiat-latin word meaning let it be done. Backed by government and banks instead of gold+silver reserves

Question 29

Digital currency

Answer 29

Currency that exists only in electronic form, no physical form, It essentially data on a data base.
Has made it possible for online banking. Relies on a central banking system.

Question 30

Problem and solution to centralisation

Answer 30

Problems maintaining confidentiality and security
Cryptocurrency (introduces decentrilisation)

Question 31

Features of crypto currency (4)

Answer 31

Uses cryptography to track transactions
Not regulated by government or banks, all rules are set by the cryptocurrency community
Transactions are publically availible thus allowing them to be tracked and for the money in the system to be monitored
Works by being within a blockchain network meaning it is much more secure

Question 32

Blockchains/blockchaining

Answer 32

Blockchaimn is a decentralised database where all transactions of networked members are stored. It consists of a number of interconnected computers that are not connected to a central server. All the transaction data is stored on all the computers meaning it cannot be altered without the consent from all the network members and each networked computer gets a copy of the transaction. It results in reduced security issues such as hacking

Question 33

Uses of blockchaining (5)

Answer 33

Politics
eductation
Cryptocurrency transactions
Smart contracts
Pharmaceutical research

Question 34

What does a blockchain block consist of

Answer 34

Data
Hash value (includes a time stamp)
Previous hash value

Question 35

What is the first block in a blockchain called

Answer 35

Genesis block

Question 36

Time stamp

Answer 36

Digital record of the time and date a block was created in a blockchain, proving that the event actually took place

Question 37

Why it is so hard to hack/tamper blockchain

Answer 37

It would be neccessary to attack every single block at once. When a new block is created it is sent to every computer in the network to check for correctness.
Proof-of-work makes sure it takes 10 minutes for the proof of work to be checked on each block befotre it can be added to the chain. This process is monitored by miners who get a commision for each new block created.

Question 38

How blockchain works

Answer 38

When a transaction takes place a new block with a hash value is created
When a chain of blocks is created and one is altered, the hash value of the block is changed and invalidates the rest of the chain (breaks it)

Question 39

Cyber security threats (8)

Answer 39

Brute force attacks
Phishing
Pharming
DDoS attacks
Malware
Social engineering
Data interception
Hacking

Question 40

Brute force attack

Answer 40

Hacker systematically trying all the combinations of letters, symbols and numbers until your password is found

Question 41

Word list

Answer 41

List of millions of words that could be used in a brute force attack

Question 42

Data interception

Answer 42

Form of stealing data by tapping into a wired/wireless connection communication link to comprimise privacy and obtain confidential data

Question 43

Packet sniffer

Answer 43

Form of data interception that examines data over a wired network and sends it back to the hacker

Question 44

Wardiving (def+alternative name)

Answer 44

Access point mapping
Form of data interception using a laptop or smart phone, GPS, antenna and other software outside a building or someones house to intercept wifi signals to illegally obtain data. The intercepted wifi signal reveals personal information to the hacker without the user knowing its happening

Question 45

Ways to prevent data interception (3)

Answer 45

Dont use wireless connectivity in public - there is no encryption
Protect the use if wireless connectivity with complex passwords
WEP- Wired Equivalency Privacy encryption protocol and a firewall to protect and encrypt your data

Question 46

DDoS

Answer 46

Distributed denial of services
Prevents users from accessing their emails, certain websites and online services by flooding the network with spam traffic from multiple computers to make it hard to block. This over floods the server so that it cannot service the users legitimate request thus denying them service.

Question 47

How to protect against DDos (3)

Answer 47

Use up-to-date malware checker
Set up a firewall to restrict traffict to and from web servers/computer
Apply email filters

Question 48

How to identify that you were a victim of a DDoS attack (3)

Answer 48

Slow network processing
Cant access certain websites
Large amount of spam emails

Question 49

Hacking

Answer 49

Malicious hacking is the act of gaining illegal access to a computer system without the owners permission
Leads to identity theft etc. And can be prevented through complex passwords, firewalls, anit hacking and intrusion detecting software.
Ethical hacking also exhists where companies authorise paid hackers to check their websites security

Question 50

Phishing

Answer 50

The sending out of legitimate looking emails that try to trick users into giving up personal data

Question 51

How to prevent against phishing attacks (7)

Answer 51

Check for green padlock
Dont click on strange links
Be aware of phishing scams
Run anti-phishing toolbars on browsers
Be aware of popups, click the “x”, not “cancel”
Run an up to date browser with a combination of desktop firewall (software) and network firewall(hardware)
Regularly check your online accounts and maintain your passwords

Question 52

Spear phishing

Answer 52

Targeted phishing of specific individuals or organisations

Question 53

Difference between phishing and pharming

Answer 53

Phishing requires the user to take an action for it to be initiated.

Question 54

Pharming

Answer 54

Malicious code installed on a users computer or an infected website. Redirects user to a fake website without their knowledge where they give away personal data

Question 55

Threats of pharming to data security

Answer 55

DNS cache poisoning - the changing of a websites real IP address to the fake one, meaning the users URL will redirect them to the fake website. This makes it much harder to mitigate risks.

Question 56

How to prevent phishing (4)

Answer 56

Check for https or green padlock in address bar
Use a modern browser-they alert
Anti-virus software
Check spelling of web addresses

Question 57

Viruses

Answer 57

Type of malware
Programs installed on a users computer that replicate and spread with the intent of deleting or corrupting files by causing the computer system to malfunction

Question 58

Malware

Answer 58

Programs installed on a users computer with the aim to delete, corrupt or manipulate data illegally.

Question 59

Examples of malware (6)

Answer 59

Viruses
Worms
Trojan horse
Spyware
Adware
Ransom ware

Question 60

Where viruses are found and how to prevent them

Answer 60

On email attachments, infected software or websites.
Dont download unoriginal software, click on unknown links and run up-to-date virus checkers.

Question 61

Difference between worms and viruses

Answer 61

Viruses require active hosts and for each end user to initiate the virus, worms dont

Question 62

Worms

Answer 62

Type of stand-alone viruses that self replicate and dont require an active host. Remain inside applications allowing them to travel through networks. Rely on security failures within networks to spread and if one person open the infected message the whole network is infected.

Question 63

How to prevent worms (1)

Answer 63

Run up-to-date anti-virus programs.

Question 64

Trojan horse

Answer 64

Malicious code disguised as legitimate software that requires requires user interaction to activate and cause harm to the computer system. Come from emails attachments or downloaded from infected websites.

Question 65

How to prevent trojan horse

Answer 65

Very hard as it involves user tricking, so even firewalls and anti virus software can be useless

Question 66

Spyware

Answer 66

Malware that gathers information by monitoring users activities carried out on their computer and sends it back to the cybercriminal that sent it. Can be prevented with anti-spyware software

Question 67

Adware

Answer 67

Type of malware that attempts to flood the user with unwanted adverts. It can highlight the users security defense weaknesses, hijack the browser and create its own default search requests and is very hard to remove.

Question 68

Ransomware

Answer 68

Programs installed via trojan horse or social engineering that encrypt the users data until a ransom is paid.

Question 69

Social engineering

Answer 69

The manipulating of people into breaking normal security procedures in order to gain illegal acces to computers/place malicious software on the computers. Its based on the expoitation of fear, curiosity, trust and empathy

Question 70

Common types of social engineering (5)

Answer 70

Instant messaging
Baiting - leaving a malware infected stick somewhere that a poor curious soul plugs into their computer
Phising/emails
Phonecalls
Scareware - done using a pop up message claiming a computer is infected

Question 71

Stages in social engineering scam (4)

Answer 71

1. Identifying and research of victiom done, method of attack decided
2. Victim is targeted
3. Attack is excecuted and cybercrimminal obtains the information or causes the interuption
4. Cybercrimminal removes all traces of malware to cover their tracks

Question 72

Access levels in social media

Answer 72

1. Public access
2. Friends
3. Custom
4. Data owner

Privacy settings are used to determine these

Question 73

Types of anti-malware (2)

Answer 73

Anti-virus -
Anti-malware - detects + removes spyware programs installed on a system, based on rules or known file structures

Question 74

Methods of anti malware (2)

Answer 74

Rules: software looks for typical features associated with spyware
File structures: certain file structures are associated with spyware which allows the software to identify them

Question 75

General features of anti-spyware (7)

Answer 75

Detect and remove already istalled spyware
Block access to users camera and microphone
Scans for signs of stolen personal information and warns the user
Prevent user from downloading spyware
Encrypt files to secure data even if spied on
Encrypt keystrokes to prevent key logging

Question 76

OSK

Answer 76

On Screen Keyboard

Question 77

Authentication

Answer 77

Process of proving users identity by using something they know, have or is unique to them

Question 78

How can authentication be done (3)

Answer 78

Passwords and user names
Biometrics - retina,fingerprints,face recognition,voice recognition
Two step verification

Question 79

When are passwords used (3)

Answer 79

When accessing email accounts
Social networking sites
Banking/shopping

Question 80

How to protect passwords (3)

Answer 80

Use strong passwords that arent easy to crack
Regularly change passwords
Run anti spyware to ensure your passwords arent being relayed back to someone spying on your computer

Question 81

Advantages of fingerprints (5)

Answer 81

Most developed
Cant be misplaced or stolen
Unique
Easy to use
Relatively small storage requirements for biometric data created

Question 82

Disadvantages of fingerprints(2)

Answer 82

Intrusive - used for criminal identification
Doesnt work is skin is dirtu or damaged

Question 83

Advantages of retina scans (2)

Answer 83

Very high accuracy, 1 in 10 million
No known way of replicating the little blood vessels at the back of your eye

Question 84

Disadvantages of retina scans (3)

Answer 84

Very intrusive - sit still for 15 seconds with an infra-red light in your eye
Expensive to install and set up
Slow to verify with stored data

Question 85

Advantages and disadvantages of face recognition (2,1)

Answer 85

Non intrusive
Relatively inexpensive technology

Can be affected by changes in hair, age, clothes, lighting and wearing glasses

Question 86

Advantages and disadvantages of voice recognition (6)

Answer 86

Non intrusive
Verification takes less than 5 seconds
Relatively inexpensive technology

Voice can easily be recorded
Low accuracy
Illness can change your voice

Question 87

Most common security systems used on mobile phones

Answer 87

Capacitance fingerprint reader

Question 88

Two step verification

Answer 88

Process of authentication requiring 2 steps of verification to prove the users identity
1. Username and password
2. One Time Pin

Question 89

Automatic software updates

Answer 89

Way of keeping data safe from security threats as it means software will stay up to date. Vital since it contains patches which improve security and software performance. Only downside is they may disrupt your device following intsallation meaning you’ll have to wait for new patches or reverse the clock time on your device.

Question 90

How to keep your data safe from security threats (8)

Answer 90

Check URL and communication tones and spelling
Anti malware
Anti spyware
Authentication
Automatic software updates
Firewalls
Proxy servers
Privacy settings
Secure Socket Layers (SSL/TSL)

Question 91

What to check URL or communication for (security threats)

Answer 91

Tone and spelling
Spelling, .com. Https
Suspicious links
@gmail.com
Typo squatting - close but different to fool you

Question 92

Firewall

Answer 92

Type of hardware or software that stands between the user and external networks. It filters and monitors incoming and outgoing traffic.

Question 93

Main uses of firewalls (7)

Answer 93

Examine traffic between user and public network
Alert user if their software is trying to access external data source and give them an option to allow it (updates)
Checks whether incoming and outgoing data meet set criteria
Alert the user and block it if it doesnt
Allow criteria to be changed to stop access to certain websites/deny IP addresses
Help prevent hackers/viruses infecting the computer/internal network
Logs traffic for later interrogation

Question 94

What can’t firewalls do (3)

Answer 94

Stop users on standalone networks from disabling their firewall
Stop employee misconduct or carelessness
Stop people on internalk network from using their own software to try and disable the firewall

Question 95

Privacy settings

Answer 95

Availible controls on webbrowsers, social networking etc. that limit who can access and see a users personal profile.

Question 96

What privacy settings refer to (6)

Answer 96

Dont track
Ad opt outs
Saved payment methods
App settings (location)
Safer browsing - alert for potentially dangerous website
Web browser privacy options (cookies, browsing history)

Question 97

Proxy servers

Answer 97

Server that acts as an intermediary server between the user and the web server through which internet requests are processed and makes use of cache memory to speed up web page access

Question 98

SSL

Answer 98

Secure Socket Layer
We use TLS now
Security protocol used to securely send data over a network

Question 99

What happens when a user wants to access a secure website and recieve and send data to it (5)

Answer 99

1. Users browser sends a message to connect with the website which is secured by SSL
2. The browser then requests that the web server identifies itself
3. The web server responds by sending a copy of its SSL certificate
4. If the browser can authenticate this certificate it sends a message to allow 2 way communication to begin
5. The web server acknowledges the browser and the SSL secured 2 - way data transfer begins

Question 100

SSL certificate

Answer 100

Form of digital certificate which is used to authenticate a website

Question 101

Where would SSL be used

Answer 101

Online Banking
Online shopping
Sending + receiving emails
Using cloud storage facilities
VoIP voice over internet protocols
Etc pg 210