Cyber Security Flashcards
What is hacking?
Automated or manual attempts to gain unauthorised access to programs or data
How to protect against hacking?
Firewall to block access by unauthorised devices
What is a brute force attack?
Automated or manual attempts to gain unauthorised access to secure areas by trying all possible password/key combinations
How to protect against brute force attacks?
Strong passwords
Limited attempts allowed
What is data interception and theft?
Data may be intercepted during transmission, but physical theft can occur where storage devices or data files are left insecurely
How to protect against data interception and theft?
Encryption
Passwords
Physical locks
What is spyware?
Software that hides on your computer and records your activities to send back to a third-party for analysis
How to protect against spyware?
Anti-malware
Anti-spyware software
What is phishing?
Phishing emails redirect a user to a fake website where they trick the reader into divulging confidential information such as passwords that can be used fraudulently
How to protect against phishing?
Network policy
Firewall
User awareness of phishing ‘clues’
What is pharming?
Sends the user to a fake website that looks like the real thing. The user types in a legitimate address and is redirected to a fake website
How to protect against pharming?
Checking the URL
Making sure the site says HTTPS, not HTTP
What is malware?
Malicious software written to cause inconvenience or damage to programs or data
What is a virus?
A program that is installed on a computer without the user’s knowledge or permission with the intent of doing harm.
It includes instructions to replicate automatically on a computer
What is a worm?
A program that is similar to a virus, except it cannot self-replicate
What does anti-virus software do?
Software that runs on a computer checking all files for known viruses
It must be updated regularly
What is a Trojan horse?
A program that masquerades as having one legitimate purpose, but it actually has another
How does a Trojan horse work?
A link is spread by email
The user is invited to click on a link for an everyday purpose
This link then executes a program which gives the controller unauthorised access to the computer
What is ransomware?
A form of malware that encrypts a victim’s files.
How does ransomware work?
A ransom is demanded by the attacker in return for instructions on how to decrypt the files
What is adware?
Malware that displays onscreen advertisements. It is not always dangerous, but could redirect the browser to an unsafe site
What does DDoS stand for?
Distributed Denial of Service
What is a DDoS attack?
A malicious attempt to disrupt the normal traffic of a targeted server with a flood of Internet requests
How does a DDoS attack work?
Multiple interconnected devices in different locations establish a botnet
The attacker is then able to direct the attack by sending remote instructions to the bots to send requests to the target’s IP address
The server becomes overwhelmed, and genuine requests cannot be handled
The server fails or times out
How can you protect against DDoS attacks?
A firewall can filter through requests to separate the genuine and fraudulent requests
What are biometrics?
Pre-recorded characteristics to authenticate authorised users of a system/device
What are some examples of biometric authentication?
Facial recognition
Iris and retina scanners
Fingerprint recognition
Voice recognition
What is two-step verification?
Two authentication methods performed one after the other to prove someone’s identity
What are automatic software updates?
These updates will keep applications and the OS up-to-date. This enables bugs and security flaws in the software to be fixed with a patch
What does SSL stand for?
Secure Socket Layer
What does SSL do?
Provides a secure channel between two computers or devices operating over the internet
What is SSL used for?
SSL is used to secure communication between a web browser and a web server.
It will then use an HTTPS address for the website
Similar to asymmetric encryption
What can privacy settings allow a person to do?
Control what information about them is shared on a social media platform. A user can control who has access to what they post, and who can see their full profile
What could be counted as a proxy server?
Any machine that checks and forwards traffic between networks or protocols.
What does a proxy server do?
It’s an intermediary server that separates end-user clients from their destination site. It can provide varying levels of functionality, security and privacy.