cyber security Flashcards

You may prefer our related Brainscape-certified flashcards:
1
Q

cyber security

A

the process and technologies that protect from attack, damage or unauthorised access
(protects networks, computers programs and data)
companies can be fined for not protecting your data

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

password policy

A
  • upper case
  • lower case
  • special characters
  • numbers
  • over 8 characters
  • change it often
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

misconfigured access rights

A

rights are assigned to the wrong person so they can access things they shouldnt be able to - security breach
- eg a student can see the grades of all other students - data leak

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

pharming attack

A

a cyber attack that redirects a user to a fake website

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

pharming attack process

A
  • when your device requests a website it asks a DNS server for the IP address
  • DNS gives the IP
    -your device sends a HTTP address to that IP address
  • a hacker can change the entry on the DNS and make it point to their fake website - DNS is poisoned
  • fake website appears real but collects personal data eg bank login
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

DNS server

A

Domain Name System server

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

removable media

A

a storage device that can be inserted/removed eg USB/SD card
- can be used to introduce malware/steal data/files
- malware can be present on the comp and infect the media
OR - a hacker can leave an infected USB which someone puts in a comp

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

unpatched software

A
  • updates fix know security issues
  • comps not updated are an easy target for hackers that know about a vulnerability
  • software needs to be patched/updates to protect against this weakness
    most important to update
  • OS - has full control over comp
  • anti-virus software - detect new malware
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

social engineering

A

the ability to obtain confidential info by manipulating people for it - give info willingly

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

phising

A

using an email/SMS (with links in) to obtain info
send an email pretending to be from bank etc to try and get info
- not personalised/ wrong sender address/ fake link/ request personal info/ poor spelling/ urgency

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

blagging/pretexting

A

use an invented personal scenario to target someone
- know personal details eg name/friends
- from social media/hacked email/official records/dumpster diving

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

shouldering

A

observe info as its entered (camera, over shoulder, reflection, overhearing)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

advice to avoid social engineering

A
  • be wary of links
  • check its httpS
  • cover pins/passwords
  • dont give out personal info
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

trojan horse

A
  • program presents itself as something the user wants
  • the user downloads it thinking its helpful
  • gives OS permission to instal what is actually malware
  • the program causes damage/ takes control/provides access to a computer
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

malicious code vs social engineering

A

malicious code takes info
in social engineering people give it willingly

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

malware

A

malicious software
- executable programs that run on a comp
- viruses/trojan horse/ spyware/ransomeware/ worms/ backdoors

17
Q

virus

A

A virus is a piece of malware that infects a computer, and then replicates itself to be passed onto another computer.

18
Q

ransomware

A

Ransomware hijacks the data on a computer system by encrypting it and demanding that the owners pay money for it to be decrypted.

19
Q

spyware

A

collects the activity on a computer system and sends the data it collects to another person without the owner being aware.

If a computer has been infected by spyware, it could be sending back everything that is typed, or the sites that are visited, or even where the user is clicking on their screen.

20
Q

key logger

A

Spyware that records what is being typed

21
Q

adware

A

causes pop-ups or windows that will not close. Generally, the pop-ups or windows display advertisements

22
Q

worm

A

targets computers on the internet
automatically replicates itself
slows a network

23
Q

anti-malware software

A
  • a virus or new malware is detected and sent to the anti-virus company
  • verify its malwate then create a signature of the virus
  • add it to their dataabase and tell computers to run an update
    -If a program that is installing, or file that is being opened, appears to be similar to something on its database, it will warn the user
24
Q

biometrics

A

measure physical characteristics to verify identity
eg fingerprint, face, eye, voice

25
Q

CAPTCHA

A

to make sure you arent a bot sent by hackers to bring down a network
- images that are easy for humans to interpret but not robots eg a line through characters

26
Q

penetration testing

A

deliberately trying to find security holes in your system to identify targets, possible entry points + report these back
white or black box

27
Q

white box

A

simulates a malicious insider with knowledge of the system - have certain credentials to target a system

28
Q

black box

A

simulates an external hacker with no knowledge of the system

29
Q

email authentification

A

sending an email to the user’s email address to ask them to confirm they are who they say they are and they want to do something eg a payment online

30
Q

CAPTCHA rules

A
  • rotate characters
  • coloured background
  • background with lines/patterns
  • blur letters
  • have horizontal lines across characters
  • skew the word (not straight)
31
Q

method to crack a weak password

A

brute force

32
Q

default password

A

standard password given for an account or device set by the organisation/ manufacturer
if unchanged is a security risk as multiple accounts will have the same password so its know

33
Q

3 precautions to protect data on a device

A
  • anti malware software
  • strong password
  • update regularly