Cyber Security

Question 1

Cybersecurity

Answer 1

The practice of protecting systems, networks, and programs from digital attacks. These cyberattacks are usually aimed at accessing, changing, or destroying sensitive information; extorting money from users; or interrupting normal business processes.

Question 2

Network security

Answer 2

Any activity designed to protect the usability and integrity of network and data. It includes both hardware and software technologies. Effective network security manages access to a network. It targets a variety of threats and stops them from entering or spreading on a network.

Question 3

Hackers

Answer 3

Individuals who will violate computer security for malicious or financial reasons; they may also be known as crackers.

Question 4

Planting the flag

Answer 4

Individuals who may seek financial reward for finding vulnerability, but are more interested in finding vulnerabilities than gaining something for themselves.

Question 5

Ethical hackers

Answer 5

Individuals whose activities are designed to test and enhance computer security; they may also be known as ethical hackers.

Question 6

Hacktivists

Answer 6

Individuals who use technology to announce a social, ideological, religious, or political message.

Question 7

Social engineering

Answer 7

The psychological manipulation of people into performing actions or divulging confidential information.

Question 8

Keylogging

Answer 8

Software designed to record and store every keystroke made on a computer. Criminals often attempt to install keylogging software onto a computer remotely.

Question 9

Tailgating

Answer 9

Tailgating is a physical security breach in which an unauthorised person follows an authorised individual to enter secured premises.

Question 10

Pharming

Answer 10

Pharming redirects victims to a bogus site even if the victim has typed the correct web address. This type of scam is often applied to the websites of banks or e-commerce sites

Question 11

Phishing

Answer 11

Phishing is the act of trying to obtain confidential records such as passwords. Emails that look as if they are from a legitimate, respected organisation are sent, but they contain links to fake websites that ‘phish’ data from unsuspecting victims

Question 12

Digital devices

Answer 12

Devices that can be used for eavesdropping on live conversations or voicemails.

Question 13

Baiting

Answer 13

Similarly to phishing attacks, the scammer promises items or goods to entice their victims.

Question 14

Malware

Answer 14

Short for malicious software, this is programming or code that is used to disrupt computers by:
● Gathering sensitive information
● Gaining access to private computer systems
● Displaying unwanted advertising
● Distributing the performance of a computer or network

Question 15

Trojan

Answer 15

A malicious computer program that tricks users into willingly running it is called a ‘Trojan horse’ or simply a ‘Trojan’. They can be delivered via internet downloads, infected USBs, or email attachments.

Question 16

Data breach/data interception

Answer 16

A data breach is a security incident in which sensitive, protected, or confidential data is copied, transmitted, viewed, stolen, or used by an individual who is not authorised to do so.

Question 17

Brute force attack

Answer 17

This type of attack can occur when an attacker systematically submits guessed passwords with the hope of eventually guessing correctly.

Question 18

DoS

Answer 18

A denial of service attack (DoS attack) is a cyberattack in which a criminal makes a network resource unavailable to its intended users by flooding the targeted machine or website with lots of requests in an attempt to overload systems and prevent some or all legitimate requests from being fulfilled.

Question 19

DDoS

Answer 19

In a distributed denial of service attack (DDoS attack), the incoming traffic flooding the victim originates from many different sources. This makes it impossible to stop the attack simply by blocking a single source.

Question 20

SQL injection

Answer 20

SQL injection occurs when malicious SQL statements are inserted into an entry field for execution (e.g. to dump the database contents to the attacker).

Question 21

Virus

Answer 21

Malware that usually embeds itself into existing software on a device and then, once that software is run, spreads to other executable files.

Question 22

Worm

Answer 22

While also self-replicating, a worm does not need to infect an existing program. Worms are able to spread very rapidly, infecting large numbers of machines.

Question 23

Ransomware

Answer 23

This type of Trojan can modify data on a computer or device so that it doesn’t run correctly or so that users can no longer use specific data.
The criminal will only restore the computer’s performance, or unblock data, after the victim has paid them the ransom money they demand.

Question 24

Spyware

Answer 24

Programs that can spy on how a user makes use of their computer or device, for example by tracking the data entered via a keyboard, taking screenshots, or getting a list of running applications.

Question 25

Adware

Answer 25

Software that contains advertisements embedded in the application. It is not always a bad thing and is considered a legitimate alternative offered to consumers who do not wish to pay for software.

Question 26

Exploit

Answer 26

Code that takes advantage of a security vulnerability in an operating system, application, or any other software code, including application plug-ins or software libraries.

Question 27

Encryption

Answer 27

Encryption is the process of encoding data or a message so that it cannot be understood by anyone other than its intended recipient.

Question 28

Encryption key

Answer 28

An encryption key is a piece of information, usually random characters, used by a software algorithm to encrypt data or a message into a form that is unreadable (encryption) and allow the data or message to be made readable again (decryption).

Question 29

Firewall

Answer 29

A firewall sits between a local network or computer and another network, controlling the incoming and outgoing network traffic.

Question 30

Antivirus software

Answer 30

Software that is designed to detect and block attacks from malware. Some operating systems have their own inbuilt antivirus software.

Question 31

Network policy

Answer 31

Usually contains both an archiving policy and an acceptable use policy.

Question 32

Physical security

Answer 32

Describes security measures that are designed to deny unauthorised access to facilities, equipment, and resources and to protect personnel and property from damage or harm, e.g. the use of passcards and biometric checks (fingerprints, retinal scans).

Question 33

Cookies

Answer 33

Data downloaded from a website that allows the website to identify the computer in future.

Question 34

Archiving

Answer 34

The process of storing data that is not in current use for security, legal or historical reasons.