Cyber Security Flashcards
What is cyber security?
The processes, practices and technologies designed to protect networks, computers, data and programs from attack, damage or unauthorised access.
What are some cyber security threats?
Social engineering techniques (including pharming)
Malware
Weak and default passwords
Misconfigured access rights
Removable media
Unpatched and/or outdated software
What is penetration testing?
When an organisation deliberately breaches their system’s security measures, using the same tools and techniques that a professional hacker might, to test and ensure that it’s secure enough.
(AQA def.; attempting to gain access to resources without knowledge of usernames, passwords and other normal means of access)
What is social engineering?
The art of manipulating people so they give up confidential information.
How can you protect against social engineering?
Blagging - training people to spot blagging attempts and ensure they ask the right questions.
Phishing - not addressed personally, not secure sites, generic, poor grammar, unusual email sender.
Shouldering - cover PIN number, use screen guards.
Explain some examples of social engineering
Blagging - The act of creating an invented scenario to engage a targeted victim in a manner that increases the chance the victim will divulge information or perform actions that would be unlikely in ordinary circumstances.
Phishing - Sending emails which are supposedly meant to be from reputable companies to induce people to reveal personal information.
Shouldering - Observation of a person’s private information over their shoulder e.g. cashpoint machine PIN numbers.
What is malware?
Malicious code - An umbrella term for any type of computer code that has been written with the intent to cause damage, disruption or inconvenience.
How can you protect against malware?
Improve code quality - ensure code is robust
Regular updates/ antivirus software - can protect users against the latest viruses.
Educate users.
Explain some types of malware
Virus - A piece of code that is capable of copying itself and typically has a detrimental effect, such as corrupting the system or destroying data.
Trojan - A program that appears harmless but is malicious. They will install a backdoor into the system, allowing an external hacker to bypass your computer security.
Spyware - Software that enables the user to obtain covert information about another’s computer activities by transmitting data covertly from their hard drive.
What are some methods you can use to protect against cyber security threats?
Biometric measures
Password systems
CAPTCHA
Email confirmations
Automatic software updates
‘Any steps, actions or measures taken as a precaution against computer/ data related theft, espionage, sabotage etc.’
What are biometrics and how do they make your device more secure?
Technical term for body measurements and calculations - metrics related to human characteristics, which are universally unique. Often used as a form of identification and access control, e.g. fingerprint scans, retinal scans.
How do password systems make your device more secure?
Not changing a default password or using a weak one is a security threat too.
A common method of preventing unauthorised access, strengthened by implementing password rules, e.g. minimum length, changing it every so often, etc.
How does CAPTCHA make your device more secure?
Used to determine whether a user is a machine or not
How does using an email confirmation make your device more secure?
A measure used to determine whether someone is using a valid email address or not. It provides some confidence that the user is real and is using a real email address.
How do automatic software updates make your device more secure?
The concept of keeping software up to date by installing updates/ patches. Enabling automatic software updates ensures that a product is kept up to date and security flaws are fixed as soon as possible.