cyber security

Question 1

what is malware?

Answer 1

malicous/harmful software, that is designed to cause harm or gain unauthorised access computer system

An umbrella term used to refer to a variety of forms of hostile or instructive software.

Question 2

What are some threats to a computer system

Answer 2

• social engineering
• malware

Question 3

What is social engineering ?

Answer 3

a way of gaining illegal access to data or networks by influencing people (normally employees or large companies)

The art of manipulating people so that they give up confidential information

Question 4

what are some forms of social engineering?

Answer 4

• blagging
• pharming
• phishing
• shouldering

Question 5

what are some typical actions of malware?

Answer 5

• deleting or modifying files
• locking files (ransomware encrypting all the files)
• unwanted adverts
• mo

Question 6

What is Pharming?

Answer 6

redirects the user from a websites’s traffic to a fake website , in hope to gain personal information , to access their genuine account

Question 7

How could you prevent pharming?

Answer 7

• anti-malware software , up to date
• internet browsers using web filters
  *not clicking or links or attachments from unknown users

Question 8

What Phishing?

Answer 8

A technique if fraudulently obtaining private information, often using email or SMS

emails are sent to the user claiming to be from well known business, asking for bank details

Question 9

How to prevent phishing?

Answer 9

• emails have anti-phishing features
• you can spot bad grammar , or will ask to redirect to a link

Question 10

What is shouldering?

Answer 10

looking over someone’s shoulder and watching and observing their activity /private information (pin details)

Question 11

how can you reduce the risk of shouldering?

Answer 11

being discrete (covering the keypad when you enter the pin)
some softwares output astreiks instead of the symbol typed , on the screen

Question 12

What is Blagging ? (Pretexting)

Answer 12

The act of creating and using an inverted scenario to engage a targeted victim in a manner that will increase the chance the victim will divulge information or perform actions that would be unlikely in ordinary circumstances.

Question 13

how could you prevent blagging?

Answer 13

reduce the risk by using using security measures that cannot be given away,
eg: biometrics

Question 14

what is penetration testing?

Answer 14

organisations employing specialists to stimulate potential attacks to their system, allowing them to identify their weaknesses in cyber security

The process of attempting to gain access to resources without knowledge of usernames, passwords and other normal means of access.

Question 15

What is the difference between white and black penentration testing ?

Answer 15

white: when the person or team testing the system has knowledge of possibly basic credentials for the target system, stimulating an attack from inside the system (a malicious insider)

black: when the person of team testing the system has no knowledge of any credentials for the target system, stimulating an attack from outside the system (an external attack)

Question 16

what are the different types of malware?

Answer 16

• trojan
• worms
• spyware
• ransomeware
• viruses
• adware

Question 17

what is a trojan?

Answer 17

appears to be a piece of harmless software, often given away for free, that contains malicious code hidden inside. This only appears once the gifted software is installed.

Question 18

what is spyware?

Answer 18

collects the data from one computer system and then sends the details to another person without the user being aware.

data being sent could be thing the user typed, or the sites that are visited, or even where the user is clicking on their screen. Spyware that records what is being typed is known as a keylogger. Keyloggers attempt to find out usernames and passwords by collecting everything that is entered into the system, which allows the hacker to search for personal data.

Question 19

What are viruses?

Answer 19

Opening the links activates the virus allowing it to infect a computer and then replicate to affect other devices on the network.

Question 20

What is an anti-virus software?

Answer 20

a database of viruses. When opening a file or installing a program .If the virus is similar to the one in the database, it will warn the user.

Question 21

What is adware?

Answer 21

legal, in extreme cases ad pop ups that do not go away. (can be solved with ani-virus software)

Question 22

What is ransomeware ?

Answer 22

when files will be encrypted and in order to recieve a decrypting key, the hackr will demand a certain amount of money.
probably from suscpitious attachtments.

Question 23

How can removable hardware also a cyber threat?

Answer 23

if attcahed to a computer on a network ,all the the comuters could get the virus

Question 24

How is unpatched software a cyber secrutity threat?

Answer 24

unpatched sotware= not up to date software and so is more sucesptible to cyber attacks.
‘patching’ updates or fixes a problem or adds new features

reduces vunerability
More outadated software is more easily exploited

Question 25

How do orgainsations keep their networks safe from threats?

Answer 25

• encryption, to prevent wire tapping or packet sniffing
• anti-malware software
• firewalls
• user access levels, stops attacks from within the organisation
• automatic software updates
• MAC Address filtering
  *penetration testing (white & black) to find weaknesses and correct
  *strong, regularly changed passwords, against automated software.

Question 26

Describe encryption

Answer 26

data translated into cipher text, with the correct key to decipher, data can now be sent over a network securly

Question 27

Describe Firewalls

Answer 27

examines all the data leaving and enetring the netwoek, can be software or hardware

Question 28

Describe user access levels, prevnting threats

Answer 28

pwople with higher access levels have more access to senetive data , the UAL limits the amount of people who have accesss to the sensitive information.
*Helps prevent attacks from within the organisation

Question 29

Describe MAC filtering

Answer 29

makes sure that the only people on the network are trusted employees.
It checks the unique MAC address of each devices that tries to connect to the network, and only allows certain devices to join.

Question 30

What are some types of security measures ?

Answer 30

• email confirmation
• biometrics
• CAPTCHA
• passwords
  *automatic software updates

Question 31

Biometrics

Answer 31

✓secure (cannot be given away or manipualted)
✓convienient(don’t have to remeber
X more expensive, needs special hardware

Question 32

CAPTCHA

completly automated public turning ( to tell) computers and humans apart

Answer 32

✓prevents programs from automatically doing things (creating user accounts)

Question 33

Whats wrong with putting many security measures in at a time?

Answer 33

prevents normal users from being able to use the network easily

Question 34

What is ‘cyber security’?

Answer 34

The processes , practices and technologies designed to protect networks, computers, programs and data from attack, damage or unauthorised access

Question 35

Describe the main purposes of cyber security