Chapter 7 (abigail) Flashcards
What is cybercrime?
Cybercrime is defined as using a computer to commit a crime. People involved in cyber crime are regarded as cyber criminals. Apart from planting viruses, cyber crime also incudes theft of personal information, stealing money from credit cards & theft of company data that could be sold to competitors.
Describe hacking as a threat to cyber security:
A hacker is a person who gains unauthorised access to a computer with the intention of corrupting data stored on a hard drive/file server or to steal data.
Describe pornography as a threat to cyber security:
Pornography is often used as a means of hiding malware. When an employee downloads adult content they are increasing the risk of organisation data being corrupted by a virus or stolen by an unauthorised user.
Describe cyber stalking as a threat to cyber security:
Where individuals se technology to harass others, eg by sending inappropriate emails or making inappropriate comments on social media
Describe data theft as a threat to cyber security:
The theft of customer records to obtain personal details which are then used o commit identity fraud such as credit card or passport applications.
Describe denial of service as a threat to cyber security:
A malicious attack on a network, eg disrupting connections to a web sever preventing users from logging on to access their data or email accounts because access to the internet is denied.
Describe digital forgery as a threat to cyber security:
Intentionally and false letting digital content, eg pictures and documents. For example changing a passport photograph and/or names to sell on to a criminal who wishes to enter a country.
Describe cyber defamation as a threat to cyber security:
Using the internet with the intention to damage the reputation if a person or organisation by posting slanderous messages using mediums like electronic forums or bulletin boards
Describe spamming as a threat to cyber security:
Sending bulk junk emails such as adverts for products. Consequently, the users email inbox becomes overloaded, as the spam emails take up a large portion of the bandwidth. Time is also wasted opening & reading such emails.
Describe phishing as a threat to cyber security:
Sending emails that appear to be from a reliable source. These emails often ask the user to update their personal information by clicking a hyperlink to a webpage. This information will hence be used by hackers for the purpose of identity theft.
What is malware?
Malicious software that is downloaded onto a computer unintentionally via the internet, email attachments or even by connecting a portable storage device eg a USB . Malware can be annoying & can also threaten the computer’s security. Computer systems are under constant threat from malware.
Name 5 types of malware:
Viruses, Trojan Horses, Worm, Key Logger, Spyware
Describe viruses:
-Can enter through the network by browsing the internet, opening email attachment nets, via a USB storage device, etc.
-Can store itself automatically on a computer hard drive as a hidden file.
-Can be activated when a certain program is opened or a predetermined condition is met, eg a certain date.
Describe Trojan horses:
-Gains entry to a user’s computer ‘in disguise’
-Tricks the user by encouraging them to open& download a software program that they require.
-Once installed, some Trojans and do serious damage eg deleting files
Describe worms:
-Spreads around a computer system by replicating itself.
-Spreads around a network without the need to be attached to any document or program.
-Requires bandwidth, which could result in slower data transmission speeds.
Describe a key logger:
-A program that is designed to record keyboard activities performed by users (keystrokes).
-These are saved as a log file & sent to the person who created the program.
-Main purpose is to steal personal information from users (eg bank details).
Describe spyware:
-Software that is secretly installed in a user’s computer from the internet.
-Trolls user activities, gathering useful information like credit car & password details used on net sites.
Describe data encryption:
-Encryption uses special software to encode or ‘scramble’ data before it’s transmitted.
-Makes the data illegible and meaningless if intercepted.
-Users with the encryption key software can unscramble the data when it arrives at its destination.
Describe usernames & passwords:
-Users on a network are allocated a unique user ID and a randomly generated password.
-Users are required to change passwords regularly by the network software to enhance security.
-Each time a user logs on, the system checks their user ID and password against a database of user details.
-Network software can disable the user ID for a period of time after unsuccessful log on attempts.
Describe access levels:
-Users are allocated different levels of access to files (eg in a school or office).
-Access rights can be classified as ‘read only’, ‘read & copy’ or ‘read & write’.
-Access rights are stored in a table linked to the user ID & password.
Describe back up:
-If data is lost or becomes corrupted, the network should have a method of recovering the data.
-A file backup ensures that a copy of the data can be loaded or restored onto the system if the original is lost or corrupted (eg in the event of a fire).
-Network backups are usually automatically scheduled to run at certain times (eg at the end of the day)
Describe firewalls:
-Computers on a network must be able to communicate with each other to allow data to be sent and received.
-In simple terms, they must be able to ‘speak the same langauge’.
-A communications protocol is an agreed standard set of rules for sending or receiving data in a network which allows computers to do this.
-Therefore if a computer receives data in a network, it must support the communications protocol of the sending computer.
-There are many different types of communications protocol (give examples where necessary) which are defined by organisations who manufacture network hardware and develop software.
Describe the role of a protocol in data transfer:
-Computers on a network must be able to communicate with each other to allow data to be sent and received.
-In simple terms, they must be able to ‘speak the same langauge’.
-A communications protocol is an agreed standard set of rules for sending or receiving data in a network which allows computers to
What is TCP/IP?
-Transmission Control Protocol/ Internet Protocol
-Uses the router to ensure that data travels in the correct network path to arrive at the correct computer.
What is FTP?
-File Transfer Porotcol
-Widely used and allows user to send and receive files on the internet.
- Also used to send software updates to network devices (examples where necessary)
-To ensure data is sent in a secure way, data is encrypted and usernames and passwords are used ti prevent unauthorised access ti the file server.
What is HTTP?
-Hypertext transfer protocol
-Used by the WWW to identify and transfer webpages using the internet.
-When a user enters a URL into the browser, this protocol sends a command to the web server to request the required webpage.
-If the page cannot be located (maybe it has been deleted or the user inputted the address incorrectly) the HTTP will report an error back to the user.
-These error messages are referred to as ‘status codes’ eg ‘404, file not found’
What is HTTPS?
-Hypertext Transfer Protocol Secure
-Similar to HTTP but uses a SSL (secure socket layer) to ensure data is transmitted securely.
-Designed to allow access to a secure web server for secure data communication.
-Uses encryption for sending data and decryption for receiving it.
-Its main use is financial application such as e-commerce where payment transactions are managed on the WWW.
-Exolain differences between HTTPS & HTTP where necessary.
What is the difference between HTTP and HTTPS?
-While using HTTP, it is possible to intercept data; an individual could gain access to a customer’s personal bank details eg credit card number.
-When using HTTPS, an individual could still gain access to the personal data.
-However, it would be scrambled and therefore meaningless due to the encryption and the usage of a SSL (secure socket layer).
-Web browsers display a padlock icon on screen to indicate the webpage currently in use is secure.
What does SSL mean? What is it used for?
Secure socket layer. Encryption by HTTPS.
Which data protocol encrypts data when sending it and decrypts it when receiving it?
HTTPS
Which protocol is responsible for the command sent to request a webpage when a user enters a URL?
HTTP
Which protocol allows users to send and receive files in the internet?
FTP
Which protocol sends software updates to network devices?
FTP
