Chp 8: Cybersecurity threats Flashcards

1
Q

What is the AIC triad?

A

Key cybersecurity objectives:
- Availability
- Integrity (of data and processing)
- Confidentiality

2
Q

What is malware?

A

Short for malicious software

Attempts to gain unauthorised access to organisations to steal information or cause damage

3
Q

What is a virus?

A

Malware that attaches to existing programmes and spreads as the programme is used

Usually requires a target or host to ‘activate’ it

4
Q

What is a worm?

A

Similar to a virus but is its own standalone software

Also doesn’t require ‘activation’

5
Q

What are trojans?

A

Doesn’t spread once infiltrated but can operate a number of functions, including giving another user access

6
Q

What is a bot?

A

An automated process that can act in a number of ways, including acting as a keylogger, recording a user’s passwords

7
Q

What is malvertising?

A

An online advert that contains hidden malware

8
Q

What are six system defences against malware?

A
  1. Perimeter defences - firewalls
  2. Monitoring actions of emails
  3. Segmentation
  4. Gatekeeping controls - reCAPTCHA
  5. Software updates
  6. Back-up copies
9
Q

What are the following forms of cyberattacks?
- Spear Phishing
- Smishing
- Vishing
- DDoS

A
  • Spear Phishing - phishing a single target through email
  • Smishing - phishing using text messages
  • Vishing - phishing using phone calls
  • DDoS - Distributed denial of service attacks attempt to flood a system with more activity than it can cope with
10
Q

What are the following forms of cyberattacks?
- Structured Query Language Injection (SQL)
- XSS attacks
- Buffer overflow attacks

A
  • Structured Query Language Injection (SQL) - software that gains access through data entry, like an online sale
  • XSS attacks - Cross-site scripting attacks, that embed malware in an innocent website which attacks an organisation when it goes on the website
  • Buffer overflow attacks - a form of DDoS that is relatively simple
11
Q

What are the following terms?
- Ethical Hacker
- Unethical Hacker
- Social Engineering
- Grey-Hat Hacker
- Bug Bounty

A
  • Ethical Hacker - finds weaknesses for their employer
  • Unethical Hacker - malicious hackers
  • Social Engineering - exploiting someone’s trust to gain access/data
  • Grey-Hat Hacker - don’t work for an organisation but will find weaknesses and fix them for a fee
  • Bug Bounty - a reward for anyone who finds a vulnerability in its system
12
Q

What six ways did Robert Cialdini suggest people are influenced?

A
  1. Reciprocation
  2. Commitment and consistency - avoiding being a hypocrite
  3. Social proof - mimicking the behaviour of others around us
  4. Liking - copying those we like
  5. Authority - trusting authority
  6. Scarcity - shortages can increase something’s value