Cyber Security Flashcards
What is cyber security?
Cyber security is the prevention of cyber attacks, and stopping unauthorised access to personal information stored online and on our devices.
What is accidental damage?
Accidental damage is any damage or loss of data which is not intentional
What are examples of accidental damage?
Human error
Accidental data file deletion
Software corruption
Hardware malfunction
Natural disasters
Power failure
What is malicious damage?
Actions that are intended to cause harm to data
What are examples of malicious damage?
Malware
Phishing and social engineering
DDoS attacks
SQL injection
Insider threats
Ransomware
What are the risks with online marketing communications?
Spam and unwanted emails
Phishing and scam attempts
Privacy concerns
Ad fraud
Brand safety
Misinformation
What are the problems that can arise during online updating of files?
Unauthorised access
Man-in-the-middle attacks
Malicious software
Incomplete updates
Denial of service
Rollback attacks
What are examples of malicious software?
Virus
Trojan
Worm
Ransomware
Adware
Spyware
Rootkit
What is malware’s intended use?
Data theft
System disruption
Spamming
Cryptojacking
Extortion
What is human error?
Day-to-day operations involve a lot of data manipulation through typing, editing, updating and deleting, which is susceptible to human mistakes
What is accidental data file deletion?
This is the result of a file or folder being accidentally deleted without an available backup leading to the permanent loss of data
What is software corruption?
Where software fails and crashes, leading to data loss or corruption during data manipulation
What is hardware malfunction?
Hardware can degrade from damage done to it or from mechanical failure. When hardware malfunctions it can cause permanent data loss
What are power failures?
When power is disrupted during data manipulation, causing data to be lost
What is malware?
Malicious software that infects and damages computer systems and disrupts network operation
What is phishing and social engineering?
The use of deception to trick individuals into revealing sensitive information or installing malware
What are DDoS attacks?
DDoS stands for distributed denial of service.
It is where networks or websites are flooded with traffic to overload them, causing them to be disabled
What is SQL injection?
Attackers executing malicious code on servers by injecting it into web applications
What are insider threats?
The intentional harm of stealing sensitive information by employees or insiders
What is ad fraud?
Online advertisement is vulnerable to being botted, which leads to a wasted marketing budget and loss of credibility
What is brand safety?
The safety of the brand’s reputation, which can be damaged through ads appearing on inappropriate and offensive sites
What is misinformation?
The spread of false information which leads to confusion and mistrust and potential harm
What is unauthorised access?
An attacker that doesn’t have permission gains access to the update server
What are man-in-the-middle attacks?
Attackers intercept and alter update files during transmission
What are incomplete updates?
Attackers cause the updates to fail leaving systems in an insecure state making them vulnerable
What are rollback attacks?
Where attackers use old versions of files to carry out attacks
What are viruses?
Self-replicating programmes that attach themselves to other files and spread to other devices
What are Trojans?
A hidden programme that appears legitimate but performs malicious actions
What is a worm?
A self-replicating program that spreads through networks and causes damage to computer systems
What is Ransomware?
A type of malware that encrypts a user’s files and demands payment for the decryption key
What is adware?
A type of software that displays unwanted advertisements
What is spyware?
A program that collects and sends personal information from a user’s device without their knowledge
What is a rootkit?
A type of malware that is designed to hide its presence and give full control of the infected device to the attacker
What is data theft?
Stealing personal information or confidential data
What is system disruption?
Disrupting the normal functioning of a device or network
What is spamming?
Sending unsolicited emails or messages
What is cryptojacking?
Secretly using a victim’s device to mine cryptocurrency
What is extortion?
Demanding payment in exchange for not carrying out malicious actions
How can the risks of online marketing organisations be reduced?
Implementing strong security protocols
Adhering to privacy regulations
Verifying sources and accuracy of information
How can risks of online updating of files be reduced?
Use secure protocols like HTTPS or SFTP for transmission
Implement digital signatures and hash functions to verify file integrity
Develop a robust incident response plan
Conduct regular security assessments for system maintenance and updates
What are media access control (MAC) addresses? And what are they used for?
MAC addresses are unique identifiers assigned to network interface controllers (NICs), and are used as network addresses for communication within a network
What is MAC address spoofing? And what’s it used for?
The practice of changing a device’s MAC address to impersonate another device on a network. It’s used to bypass security measures or evade network monitoring and detection
What are the risks of MAC spoofing?
As it allows users to bypass security measures, attackers can gain unauthorised access violating privacy.
It can also impact the performance of a network as it confuses devices leading to data loss or duplication.
How can MAC spoofing risks be avoided?
Implementation of strong security measures
Regularly monitoring network traffic
Utilising MAC authentication to require valid MAC addresses for network access
What is blockchain?
A decentralised, digital ledger for recording tamper-proof transactions
How does blockchain work?
It uses cryptography to secure and validate transactions across a network of computers
How is blockchain used in cyber security?
Decentralised identity management
Secure record keeping
Supply chain security
Cyber threat intelligence sharing
Data privacy
Cyber insurance
What are the threats of data mining?
Data breaches
Unauthorised data sharing
Discrimination
Profiling
Lack of control
Inaccurate data
Data breaches?
Occurs when sensitive information is illegally obtained
Unauthorised data sharing?
Companies sharing personal data without an individual’s consent
Discrimination and profiling?
Data mining algorithms unfairly discriminate against specific groups, or profile individuals potentially making them targets to advertisements or discriminatory decision making
Lack of control and inaccurate data?
Users have limited control over their personal information collection and use, which can cause data mining algorithms to produce inaccurate results impacting individuals negatively
How can the threats of data mining be reduced?
Organisations implement strong data protection policies and technologies
Individuals are cautious online
Why are large data sets important?
They are critical for an organisation’s efficiency and competitiveness in today’s digital age
Health sector and large data sets
Electronic health records hold comprehensive patient data and medical history, allowing for better decisions in healthcare and improving patient care
Finance sector and large data sets
Utilises transaction data, credit history and market data for investment decisions, fraud identification and risk management.
Retail sector and large data sets
Use of customer data, sales data and supply chain data to improve marketing, sales and supply chain operations
What are the legal and professional responsibilities in cybersecurity?
Preventing damage caused by malicious attacks, by having security awareness training, regular updates, penetration testing and incident response planning
What is attacking vulnerabilities?
Identifying and exploiting weaknesses within a system or network for malicious gain
What are methods of attacking vulnerabilities?
Brute Force Attacks
SQL Injection
Cross-Site Scripting (XSS)
Cross-Site Request Forgery (CSRF)
Buffer Overflow
Remote Code Execution (RCE)
Directory Traversal
Man-in-the-Middle (MitM) Attacks
Denial of Service (DoS) and Distributed Denial of Service (DDoS) Attacks
Social Engineering
What is defending from threats?
Measures taken to prevent, detect, and respond to attacks on a system or network.
What are methods of defending from threats?
Firewalls
Encryption
Access Control
Antivirus Software
Patches and Updates
Backups
User Education and Awareness Training
Network Segmentation
Intrusion Detection and Prevention Systems
Virtual Private Network (VPN) Technology
What is encryption?
A security measure which uses a mathematical algorithm to convert plaintext into unreadable ciphertext.
It protects data from unauthorised access
What is a firewall?
Security measure regulating incoming and outgoing network traffic based on rules and policies.
It acts as a barrier between trusted internal networks and untrusted external networks.
What are the types of firewalls?
Hardware based
Software based
How do firewalls work?
Packet-Filtering: Examines packet headers based on source, destination, IP address, and port number.
Stateful Inspection: Tracks conversation or “state” of connections for informed traffic decisions.
Application-Level Gateways: Inspects data at the application layer, understanding specific application-level protocols.
What is an antivirus software?
A security measure that detects, prevents and removes malware. It is installed onto a user’s device and constantly monitors the device.
What techniques are used in an Antivirus Software?
Signature-Based Detection: Compares code to a database of known malware signatures.
Heuristic-Based Detection: Looks for patterns or behaviors typical of malware.
Behavioral-Based Detection: Monitors program behavior to identify malicious activity.
What happens once malware is detected?
Quarantine: Isolates malware to prevent further system damage.
Deletion: Removes malware entirely from the system.
Repair: Attempts to reverse damage caused by the malware.
What are hierarchical access levels?
Divides system or network access into different tiers with distinct privileges and restrictions. This limits the damage done by unauthorised access.
What is cryptography?
Securing communication and data through mathematical algorithms.
What is the purpose of cryptography?
Confidentiality: Encrypts data for authorized party access.
Integrity: Protects data integrity via digital signatures or authentication codes.
Authenticity: Verifies sender identity using digital certificates or public key infrastructure.
What is symmetric key cryptography?
Uses the same secret key for both encryption and decryption.
Both parties require a copy of the secret key for communication.
What is asymmetric key cryptography?
Uses a pair of keys for encryption and decryption.
Keys are not identical; one is public, the other is private.
What is Hash Function cryptography?
Generates unique digital fingerprints for file verification.
Uses algorithms like SHA-256, SHA-512.
What is digital signatures cryptography?
Ensures sender authenticity.
Sender uses private key, recipient verifies with public key.
What is steganography?
Hides messages within other files like images or audio.
Conceals the existence of data.
What is a random number generator?
Generates random numbers for security applications.
Utilized in encryption keys and digital signatures.
What is quantum cryptography?
Uses principles of quantum mechanics for secure communication.
Considered more secure than traditional methods.
Compare symmetric and asymmetric key cryptography
Symmetric: Uses one key for encryption and decryption, faster but requires secure key exchange.
Asymmetric: Uses different keys for encryption/decryption, eliminates need for key sharing, slower and computationally more expensive.
What is biometrics?
Biometrics is the use of unique physiological or behavioural characteristics to identify individuals.
What is fingerprint recognition?
Uses unique fingerprint patterns for identity verification.
What is facial recognition?
Verifies identity using distinct facial characteristics.
What is iris recognition?
Utilizes unique iris patterns for identification.
What is voice recognition?
Identifies individuals based on their unique voice characteristics.
What is signature recognition?
Uses unique signature characteristics for verification.
What is behavioural biometrics?
Identifies individuals based on behavioural traits like typing rhythm or mouse movements.
What is the benefit of biometric authentication?
Provides high security and convenience, reduces fraud and improves accuracy in authentication
What is the disadvantage of biometric authentication?
Privacy concerns, technical limitations, it is expensive to implement and maintain, and there is the potential of bias and discrimination.
What is black-hat hacking?
Obtaining unauthorised access to systems with malicious intent
What is white-hat hacking?
Improves security by identifying system vulnerabilities, helps prevent cyber-attacks and identifies weaknesses enhancing security.
What is penetration testing?
Used to simulate attacks and evaluate the security of a system. It identifies security vulnerabilities and weaknesses, providing recommended improvements.
What is tracert (trace route)?
A network diagnostic tool used to track the path taken by data packets from a source computer to a destination computer
What is the whois protocol?
A protocol and database system that stores information about registered domain names and the associated organisations and individuals.
What is IP address masking and impersonating?
The process of hiding or changing the real IP address of a device or network to appear as if it originates from a different location or device.
What is cyber resilience?
The ability to withstand and quickly recover from cyber-attacks, system failures and other security incidents
What are the consequences of a cyber attack to a company?
Financial Loss
Reputational Damage
Legal Liability
Intellectual Property Theft
System Downtime
What are the types of data loss?
Temporary and permanent
What is temporary data loss?
Temporary data loss is where data that is lost can easily be recovered from backups or recovery processes
What is permanent data loss?
Permanent data loss is where data is lost completely and irreversibly
How do you avoid permanent data loss?
Implementing proper data backups and disaster recovery procedures
Regular software and system updates
Physical security for storage devices
Regular backups
What can damaged or corrupt software lead to?
System crashes
Data Losses
Security Risks
Inefficiency
Compatibility Issues
In what ways are companies affected by their website being unavailable?
Loss of Reputation
Loss of competitive advantage
Legal and social implications
Financial Issues
Loss of reputation because of a website being down is caused by?
Poor user experience, leading to decreased trust.
Brand image tarnishing.
Penalties in search engine rankings.
Loss of competitive advantage because of a website being down is caused by?
Reduced market share.
Missed business opportunities.
Decreased visibility and brand reputation damage.
The legal and social implications of a website being unavailable are
Legal liabilities and contractual breaches.
Reputational damage and loss of trust.
Increased customer complaints.
The financial loss because of a website being down is due to the
Reduced revenue and increased costs.
Decreased ad revenue and search rankings.
Loss of customers and market share.
The resilience controls to prevent cyber attacks are?
Boundary firewalls and Internet gateways
Secure system configuration
Access control
Malware Protection
Patch Management
Staff Training
How do boundary firewalls and Internet gateways prevent cyber-attacks?
Boundary firewall monitors and controls network traffic.
Prevents unauthorised access, malware infections and hacking attempts.
Internet gateway aids in secure data exchange and prevents cyber-attacks using firewalls, intrusion detection systems, and VPNs.
How does Secure system configuration prevent cyber-attacks?
Admin account access controls and audit trails.
Account management and regular backups.
Provides multiple layers of protection, reducing the attack surface and increasing visibility to respond to security incidents.
How does Access control prevent cyber-attacks?
Limits individuals accessing sensitive data and systems.
Reduces the attack surface, minimises the risk of unauthorised access, theft and manipulation.
Strengthens security posture and reduces the likelihood of successful cyber-attacks.
How does Malware protection prevent cyber-attacks?
Detects and blocks malicious software
Prevents harm, data theft, and unauthorised access.
Utilises antimalware software, firewalls, and other security measures to reduce the risk of malware-based cyber-attacks.
How does Patch management prevent cyber-attacks?
Regularly updates software to close security vulnerabilities.
Protects against new threats and maintains compliance with industry regulations.
Identifies, acquires, tests, and installs patches to prevent cyber-attacks.
How does Staff training prevent cyber-attacks?
Raises employee awareness of cyber threats.
Teaches safe computing practices and ensures compliance with security policies.
Facilitates early detection of potential cyber-attacks through informed employees.
The resilience controls to recover from cyber-attacks are?
Alternative Facilities
What-If Scenarios
Regular Backups of data
How do alternative facilities recover from cyber-attacks?
Provides options if primary locations are affected by cyber-attacks.
How do What-if scenarios recover from cyber-attacks?
Identifies attack vectors, evaluates impact, and prioritizes response efforts.
How do Regular Backups recover from cyber-attacks?
Helps restore lost data, minimizing operational impact.
What are the Legal and Professional Responsibilities for Resilience Controls?
Compliance with laws (GDPR, NISR) and standards (ISO 27001, Cyber Essentials).
Responsible for protecting personal data and preventing unauthorized access.
Duty to ensure continuity of critical business functions through business continuity planning and disaster recovery strategies.
Ensuring security and confidentiality of sensitive information like financial data and intellectual property.
What is social engineering?
Social engineering attacks use deception and manipulation to trick users into revealing sensitive information or making mistakes that compromise the security of their devices.
What is phishing?
Cyber-attack seeking sensitive data through deceptive emails, texts, or websites impersonating trusted entities.
What is vishing?
Voice phishing: a social engineering attack using voice calls, voicemails, or IVR systems to extract sensitive information.
What is baiting?
A social engineering attack involving leaving a physical item (USB, CD) in public spaces to entice victims into using it on their devices.
What is email hacking?
The unauthorised access or manipulation of someone else’s e-mail account or e-mail messages.
What is pretexting?
A method where false scenarios or cover stories are used to manipulate individuals into disclosing sensitive information or performing actions.
What are quid pro quo scams?
A social engineering attack where an attacker offers something valuable to a victim in exchange for sensitive information or computer access.
What are passive digital footprints?
Passive digital footprints are data or information inadvertently left behind due to online activities, like browsing history, social media posts, or IP addresses.
What are active digital footprints?
Active digital footprints result from actively sharing information online via social media, email, or messaging.
How can your digital footprint be exploited?
In a cyber-attack campaign, attackers leverage passive and active digital footprints to access systems and steal sensitive information.
Social engineering and the legal requirement in the UK
Computer Misuse Act 1990: Criminalizes unauthorized system access via hacking or cyber-attacks.
Fraud Act 2006: Criminalizes deception causing gain or loss, encompassing social engineering scams like phishing and vishing.
GDPR: Enforces personal data protection, mandates timely data breach reporting to the ICO.
Privacy and Electronic Communications Regulations 2003: Regulates electronic communication services, requiring consent for marketing messages and opt-out options for individuals.