Cyber Security Flashcards
What is cyber security?
It can be defined as the set of measures taken to protect a computer from harm to its data and software. It also includes the protection of computer networks from unauthorised access.
What is a cyber attack?
It is an attempt to gain unauthorised access to, or control of, a computer and the network to which it is connected
Reasons for network security:
Prevention of data theft
Legal obligations
To keep confidential data
Prevention of data changes
Prevention of data loss
What is a penetration test?
An authorised, simulated attack on a computer system, network or website. The aim of the test is to identify any potential vulnerabilities
What is white box testing?
The tester is provided with all the technical details for the system before they begin the test. The point of this is to simulate an attack by an insider (or ex-employee) who might have access to the data.
What is black box testing?
The tester is not given any technical details about the system. The tester uses the same skills and techniques that a real hacker would employ. This enables flaws and weaknesses in the system to be identified and then, hopefully, fixed.
What is social engineering?
Manipulating or tricking people to divulge confidential information about a computer system
What is a hacker?
A person who uses computers to gain unauthorised access to networks and data
What is phishing?
This is where cyber criminals pose as trustworthy organisations in an attempt to trick people into giving away sensitive information.
What is blagging?
This is using false pretenses to obtain personal information which can be later used for identity theft
What is shouldering?
This is where someone stands nearby so that they can look over a person’s shoulder whilst they are entering data into a device.
What is malware?
Malicious software, intended to attack a user’s computer
What is a virus?
A piece of code that copies itself whenever it is run, often deleting or corrupting data
What is a Trojan?
An apparently harmless application that performs harmful operations in the background while running
What is a worm?
A piece of code that massively copies itself, using up system resources
What is spyware?
Malware designed to spy on the user. Records keystrokes and takes screenshots
What is adware?
Malware that forces a browser to display unwanted advertisements
What is pharming?
Malware that redirects browsers to fake versions of websites designed to steal information
What is ransomware?
Malware that encrypts critical files and data and demands a payment to unlock them
What is an antivirus?
Software designed to protect a computer against malicious code by detecting and removing malware
Examples of main threats to cyber security:
Weak passwords
Unpatched software
Malware attacks
Social engineering attacks
Use of removable media e.g. USB sticks
What is authentication?
The process of verifying the identity of a user
What is biometric authentication?
Biometric authentication uses the unique physical characteristics of a person to verify their identity.
Examples of biometric authentication:
Fingerprints
Retinal scans
Voice recognition
Face scans
Advantages of biometric authentication:
Convenient as the user will always have their body with them
Easy to use - no need to remember passwords
Secure - quite hard to fake biometric data
Disadvantages of biometric authentication:
Privacy concerns - some people are sceptical of having their biometric data stored on a database
Biometric data may change due to age, surgery or an accident
The hardware for biometric authentication is expensive to purchase
What is a password?
A set of alphanumeric characters that are used to verify the identity of a user when they attempt to gain access to a network, a device, a software application or web service
Characteristics of a strong password:
Mixture of lowercase and uppercase letters
Mixture of letters and numbers
Special characters e.g. @, %, £
Should not contain any personal information
8 or more characters long
What is CAPTCHA?
A CAPTCHA is a very short test designed to identify the difference between humans and bots
Disadvantages of CAPTCHA:
Difficult for anyone with a visual impairment
There can be a letter in the image which is difficult to decipher
Until you correctly complete the CAPTCHA, you cannot proceed
What is two factor authentication?
An additional security check which takes place after the username and password have been entered.
It may take the form of an email with a link to be clicked or a code sent as an SMS message
What is a software patch?
A patch is an update which corrects problems or vulnerabilities in applications.