computing , protecting digitial devices and data Flashcards
what is malware and what are some examples of it?
software that is specifically designed to disrupt, damage, or gain unauthorized access to a computer system.
e.g:
virus
worms
trojans
What can you do to protect your computer against malware?
use anti-malware software, resistant shield, scans, update anti-malware software.
what is encryption? and who is the only person that can unscramble it?
Encryption is where data is scrambled so that if it is accessed unlawfully then it will be meaningless to the person viewing it. When encryption is used, only the intended recipient of the data will be able to decipher (unscramble) the data.
what is a Caesar cipher?
A simple method of encryption is the Caesar Cipher. A cipher is an algorithm used to convert a message into encrypted text
what is the problem with free public acess wifi hotspots/ wifi ?
Data that is sent across communication links that is not encrypted could be intercepted and viewed. This is a particular problem with wireless networks.
Most public Wi-Fi hotspots are unencrypted which means that the data that passes through the wireless network can be read by anybody with the right software connected to the same wireless network.
How can wifi be protected?
creating a passkey.
What is HTTPS
Websites that use encryption use the HTTPS(hypertext transfer protocol secure) protocol. This ensures that any personal data such as email address, password, and credit card details are encrypted. This can be seen in the URL’s of links and a lock is shown too.
what is Acceptable Use Policy ? and what will happen if not done properly
An acceptable use policy (AUP)will include safe practices that users of a network will be expected to follow to keep data secure. They will also set out consequences of not following the AUP to deter users from using unsafe practices.
what are usually the weakest link when it comes to network security? and what are some examples?
People are usually the weakest link when it comes to network security. Some common problems caused by users include:
- writing passwords down
- choosing weak passwords
- sharing their password with another user
- not logging off
- not locking their computer
- leaving doors unlocked
- losing laptops / mobile phones / portable storage
- falling victim to social engineering
What rules do the Acceptable Use Policy contain for users?
- type of websites that are not allowed to be visited
- type of activities that computers cannot be used for
- guidance for password management
- how to manage removable storage
- not using somebody else’s user ID
- not accessing data they are not authorised to access
- which devices can or cannot be connected to the network
- appropriate use of email
- how to avoid social engineering scams
what kind of guidance does acceptable use policy include?
- choosing a password that can be remembered but is not obviously linked to you,
such as your child’s name, so that it is not easy to guess. - how to avoid becoming a victim of social engineering. Always be suspicious. If you are in doubt, check with somebody else. You can never get in trouble for being diligent. e.g:If you receive a phone call asking you for information, inform the caller that you will call back using the phone number you find online. Never use the phone number they give to you. Never allow remote access to your computer unless you have started a support call yourself.
- Be careful when opening an email attachment. Check the attachment is what you are expecting to see. Unless you are expecting an executable file such as .exe or .vbs then do not open it.
what kind of email attachment should you not open?
Unless you are expecting an executable file such as .exe or .vbs then do not open it. Similarly, do not open files which contain macros such as .docm or .xlsm unless you are expecting the file. If an attachment is a compressed file such as .zip then be suspicious. Sometimes an attachment will look genuine but when you try to open it, you receive a prompt to run a program. Never run the program. You may find an attachment that looks like it is a picture, for example jammydodger.jpg, but it’s really a program that is malware. Although the extension .jpg looks like a picture, there could be another extension at the end such as .exe. Therefore, always check the icon matches the file type.
What is the guidance on removable media?
One way of preventing malware from infecting a computer using removable media is to have a policy to never use removable media. This can be restrictive though. It is also possible for a computer system to be configured so that removable media cannot be used. This may be necessary in high security organisations like banks to prevent data from being stolen. Where removable media is used then an AUP might only allow the use of encrypted media and will have guidance for users on how to ensure they do not lose the media.
what is a disaster recovery plan ?
Sometimes disasters occur such as a power cut, flood, fire, theft of data, malware, corruption of data, loss of network admin password or loss of the network manager. When this happens it is necessary to recover from the disaster. A disaster recovery plan (DRP) is needed to plan for such events so that recovery can be completed as quickly and effectively as possible, minimising disruption to the organisation
what is good about backups?
Although backups will not prevent an attack, they make it possible to recover from an attack. Having automated backups means that the user does not have to remember to run backups. Data can be backed up to removable media, across a network or to the cloud. Storing a backup off-site or in the cloud means it is safe from a fire, flood or other disaster that could destroy the original data.
