Cyber security Flashcards
Define Social engineering
Social engineering attacks use deception and manipulation to trick users into revealing sensitive information or making mistakes that compromise the security of their devices.
What are the types of social engineering techniques
Phishing
Vishing
Baiting
Email hacking
Pretexting
Quid pro quo scams
Active digital footprints
Passive digital footprints
Define Phishing
Fraudulent e-mails, text messages or websites that appear to be from trustworthy sources are used to trick victims into revealing sensitive information
Define Vishing
Voice phishing uses voice calls, voicemails or interactive voice response (IVR) systems to trick individuals into revealing sensitive information
Define Baiting
When an attacker leaves a physical item, such as a USB drive or CD, in a public place with the intention of tricking someone into taking it and using it on their computer.
Define Active digital footprints
Information that is actively shared online (e.g. through social media) that can be used to build a more successful cyber-attack.
Define Email hacking
The unauthorised access or manipulation of someone else’s e-mail account or e-mail messages.
Define Pretexting
A false scenario or cover story is used to manipulate someone into revealing sensitive information or performing a certain action
Define Quid pro quo scams
When an attacker offers something desirable or valuable to a victim in exchange for sensitive information or access to their computer
Define Passive digital footprints
Data or information left behind as a result of online activities, such as browsing history or IP addresses, that can be used to create more convincing social engineering attacks.
What are the different sectors social engineering is used in
- commerce
- personal finance and home banking
- process control.
What are the different laws in place to protect against social engineering
The Computer Misuse Act 1990: This Act makes it a criminal offence to gain unauthorised access to computer systems (for example by hacking or by planting malware), to do so with intent to commit further offences, and to carry out unauthorised acts that impair a computer's operation.
The Fraud Act 2006: This Act makes it a criminal offence to carry out deception with the intention of making a gain or causing a loss.
The General Data Protection Regulation (GDPR): This regulation requires organisations to protect the personal data of individuals and to report personal data breaches to the supervisory authority (the ICO in the UK) within 72 hours of becoming aware of them.
The Privacy and Electronic Communications Regulations 2003 (PECR): These regulations govern the use of electronic communication services, including e-mail, voice calls and text messages, and require organisations to obtain consent from individuals before sending them unsolicited electronic marketing.
Define Resilience Controls
Cyber resilience is the ability of an organisation to withstand and quickly recover from cyber-attacks, system failures and other security incidents.
What are the consequences of a cyber-attack
- Financial loss
- Reputational damage
- Legal liability
- Intellectual property theft
- System downtime
- Long-term damage
What are the effects of a website being unavailable
- Loss of reputation
- Loss of competitive advantage
- Legal and social implications
- Financial loss
What is the impact of damaged software
- System crashes
- Loss of data
- Security vulnerabilities
- Inefficient performance
- Compatibility issues
What are the legal and professional responsibilities
- General Data Protection Regulation (GDPR)
- Network and Information Systems Regulations (NISR)
- Adherence to professional standards, such as ISO/IEC 27001
- Responsibility for the protection of personal data
- Duty of care to ensure the continuity of critical business functions
- Ensuring the security and confidentiality of sensitive information
Explain how information is temporarily lost
The loss of access to information due to technical issues such as power outages and system crashes.
Can usually be restored from backups or through other recovery processes.
Explain how information is permanently lost
The complete and permanent destruction of information that cannot be restored.
Can occur due to physical damage to storage devices, deliberate destruction, or the permanent failure of storage devices.
What are the ways to prevent a cyber-attack in a business
Boundary firewall and Internet gateway
Staff training
Secure system configuration
Patch management
Malware protection
Access control
What are some methods of resilience controls for recovery from a cyber attack
What if scenarios
Regular backups of data
Planning alternative premises, communication methods and facilities
What are what if scenarios
Hypothetical "what if" scenarios let an organisation plan in advance how it would respond to a cyber-attack, so it can prepare and mitigate before one happens; rehearsing them also identifies vulnerabilities and gaps in the response plan.
What are Regular backups of data
Used in disaster recovery and BCP.
Backups ensure that critical data can be restored in the event of a data loss, minimising the impact on the organisation
What is Planning alternative premises, communication methods and facilities
Used in Business Continuity Planning (BCP) and Disaster Recovery Planning (DRP) to ensure that critical business operations can continue in the event of a cyber-attack
What is required to prevent a malicious attack
Requires a multi-layered approach that includes security awareness training, regular security updates, penetration testing and incident response planning.
Define Black hat hacking
A hacker gains unauthorised access to computer systems, networks or data with malicious intent. This type of hacking is illegal and unethical
Define Grey hat hacking
A grey hat hacker is a computer security expert who may sometimes violate laws or typical ethical standards (for example by probing systems without permission), but usually without malicious intent.
Define White hat hacking
White hat hackers are security professionals who identify vulnerabilities and weaknesses in computer systems and networks and report them to the relevant organisations.
Define Penetration testing
Also known as pen testing, this is a security testing technique used to evaluate the security of a system by simulating an attack. It identifies security vulnerabilities and weaknesses
What are the 4 types of security measures
- Encryption
- Firewalls
- Antivirus software
- Hierarchical access levels
Define Biometrics
The use of unique physiological or behavioural characteristics to identify individuals to provide a reliable means of identification and authentication that is difficult to imitate.
What are some examples of biometrics
- fingerprint recognition
- facial recognition
- iris recognition
- voice recognition
- signature recognition
- behavioural biometrics.
Evaluate biometrics
+
Increased security
Convenience
Reduced fraud
Increased accuracy
-
Privacy concerns
Technical limitations
Cost
Bias and discrimination
Define Cryptography
The practice of securing communication and data through the use of mathematical algorithms. The purpose of cryptography is to protect the confidentiality, integrity and authenticity of data.
What are the techniques of cryptography
- Symmetric key cryptography
- Asymmetric key cryptography
- Hash functions
- Digital signatures
- Steganography
- Random number generation
- Quantum cryptography
What are some mechanisms to defend against threats and vulnerabilities
- Firewalls
- Encryption
- Access control
- Antivirus software
- Patches and updates
- Backups
- User education and awareness training
- Network segmentation
- Intrusion detection and prevention systems
- Virtual Private Network (VPN) technology
What are some range of mechanisms for attacking vulnerabilities
- Brute force attacks
- SQL injection
- Cross-Site Scripting (XSS)
- Remote Code Execution (RCE)
- Man-in-the-middle (MitM) attacks
- Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks
- Social engineering
Define cyber security
The practice by which individuals and organisations reduce the risk of cyber-attacks and prevent unauthorised access to the personal information stored on their devices and online.
What are the risks with online marketing communications
- Spam and unwanted e-mail
- Phishing and scam attempts
- Privacy concerns
- Ad fraud
- Brand safety
- Misinformation
Define accidental damage
Accidental damage is any damage or loss of data that is not intentional. Actions that are intended to cause harm to data are classed as malicious damage.
What are the types of accidental damage
Human error
Accidental data file deletion
Software corruption
Hardware malfunction
Natural disasters
Power failure
What are the types of deliberate damage
Malware
Phishing and social engineering
DDoS attacks
SQL injection
Ransomware
Insider threats
What are the threats to the privacy of the individual from the use of data mining
- Data breaches
- Unauthorised data sharing
- Discrimination
- Profiling
- Lack of control
- Inaccurate data
What are the types of malware
- Virus
- Trojan
- Worm
- Ransomware
- Adware
- Spyware
- Rootkit
What are the operations of malware
- Data theft
- System disruption
- Spamming
- Cryptojacking
- Extortion
What is the importance of large data sets to the health sector
Electronic health records (EHRs), patient data and clinical trial data are used to improve patient care, support medical research and streamline operations.
What is the importance of large data sets to Finance sector
Transaction data, credit history and market data are used to make informed investment decisions, identify fraud and improve risk management strategies.
What is the importance of large data sets to Retail sector
Customer data, sales data and supply chain data are used to improve marketing and sales campaigns, optimise supply chain operations and provide personalised customer experiences
What are the security problems during online file updates
- Unauthorised access
- Incomplete updates
- Man-in-the-middle attacks
- Denial of service
- Malicious software
- Rollback attacks
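The list above names the failure modes; the checks below show how an updater defends against each of them. This is an added example, not part of the original flashcards. HMAC with a shared key (the hypothetical PUBLISHER_KEY) stands in for the publisher's digital signature, because the Python standard library has no public-key signatures; a real updater ships the publisher's public key and verifies an asymmetric signature over the manifest. The manifest fields, the "agent" release name and the payload bytes are all constructed for the demo.

```python
"""Checks a secure updater makes before applying a downloaded update.
Added example, not from the original flashcards. HMAC with a shared key stands in
for the publisher's digital signature (a real updater verifies an asymmetric
signature with the publisher's public key); the rest mirrors production updaters:
authenticate the manifest, refuse older versions, then check payload size and hash."""
import hashlib
import hmac
import json

# Assumption for the demo: publisher and updater share this key. Never embed a real one like this.
PUBLISHER_KEY = b"demo-publisher-key-not-for-production"


def sign_manifest(manifest, key=PUBLISHER_KEY):
    """Publisher side: tag over the canonical JSON form so reordering keys cannot evade the check."""
    canonical = json.dumps(manifest, sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(key, canonical, hashlib.sha256).hexdigest()


def make_release(version, payload):
    """Publisher side: manifest (version, size, hash) plus its tag for one payload."""
    manifest = {"name": "agent", "version": version, "size": len(payload),
                "sha256": hashlib.sha256(payload).hexdigest()}
    return manifest, sign_manifest(manifest)


def verify_update(manifest, tag, payload, installed_version, key=PUBLISHER_KEY):
    """Updater side. Returns 'ok' or the reason for rejection.
    Order matters: nothing in the manifest is trusted until its tag has been verified."""
    # 1. Authenticity: was this manifest produced by the publisher, not a man-in-the-middle?
    if not hmac.compare_digest(sign_manifest(manifest, key), tag):
        return "rejected: manifest signature invalid (forged or altered in transit)"
    # 2. Freshness: replaying a genuinely signed old release is a rollback attack.
    if manifest["version"] <= installed_version:
        return "rejected: rollback attempt (offered version %d, installed %d)" % (
            manifest["version"], installed_version)
    # 3. Integrity: size first (cheap, catches truncated downloads), then the hash.
    if len(payload) != manifest["size"]:
        return "rejected: incomplete download (%d of %d bytes)" % (len(payload), manifest["size"])
    if not hmac.compare_digest(hashlib.sha256(payload).hexdigest(), manifest["sha256"]):
        return "rejected: payload hash mismatch (tampered or corrupted)"
    return "ok"


def demo():
    """Run the updater against one genuine update and four hostile inputs (all constructed)."""
    v2 = b"agent v2 binary (constructed sample)"
    v1 = b"agent v1 binary (constructed sample)"
    manifest, tag = make_release(2, v2)
    old_manifest, old_tag = make_release(1, v1)
    tampered_v2 = v2[:-1] + bytes([v2[-1] ^ 0x01])   # same length as v2, one bit flipped
    return {
        "genuine":            verify_update(manifest, tag, v2, installed_version=1),
        "mitm_altered_file":  verify_update(manifest, tag, tampered_v2, installed_version=1),
        "truncated_download": verify_update(manifest, tag, v2[:10], installed_version=1),
        "rollback_to_v1":     verify_update(old_manifest, old_tag, v1, installed_version=2),
        "forged_manifest":    verify_update(dict(manifest, version=99), tag, v2, installed_version=1),
    }
```

The version check is what stops a rollback: an attacker who can only replay old, genuinely signed releases never gets a version number higher than the one installed. Hash verification alone would accept that old release, because its hash is correct.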
What are the risks of the use of a unique MAC address
- MAC spoofing
- Privacy concerns
- Network security
- Network performance
Define MAC address
The Media Access Control (MAC) address is a unique identifier assigned to a Network Interface Controller (NIC) for use as a network address in communications within a network segment.
Define Blockchain
Blockchain is a decentralised, digital ledger that records transactions across a network of computers. Each block contains a cryptographic hash of the previous block, so altering any recorded transaction changes that block's hash and breaks the link to every later block. This makes the ledger tamper-evident (rather than strictly tamper-proof): tampering cannot be hidden without recomputing the whole chain.
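A minimal hash chain, added here as an example and not part of the original card, shows the tamper-evidence property concretely. It models only the hash linking: there is no network, consensus or proof-of-work, and the "alice/bob/carol" transactions are constructed.

```python
"""Minimal hash chain demonstrating why a blockchain ledger is tamper-evident.
Added example, not from the original flashcards. Hash linking only; no consensus."""
import copy
import hashlib
import json


def block_hash(index, prev_hash, transactions):
    """SHA-256 of the block contents, which include the previous block's hash."""
    body = json.dumps({"index": index, "prev": prev_hash, "tx": transactions},
                      sort_keys=True, separators=(",", ":"))
    return hashlib.sha256(body.encode()).hexdigest()


def build_chain(batches):
    """Each batch of transactions becomes one block linked to the one before it."""
    chain, prev = [], "0" * 64          # genesis block points at an all-zero hash
    for i, txs in enumerate(batches):
        h = block_hash(i, prev, txs)
        chain.append({"index": i, "prev": prev, "tx": list(txs), "hash": h})
        prev = h
    return chain


def verify_chain(chain):
    """Return (True, None) if every block's hash matches its contents and links to
    its predecessor, otherwise (False, index_of_first_bad_block)."""
    prev = "0" * 64
    for i, blk in enumerate(chain):
        if blk["prev"] != prev or blk["hash"] != block_hash(blk["index"], blk["prev"], blk["tx"]):
            return False, i
        prev = blk["hash"]
    return True, None


def demo():
    """Build a chain, then try two ways of tampering with block 1 (constructed data)."""
    chain = build_chain([[{"from": "alice", "to": "bob", "amount": 5}],
                         [{"from": "bob", "to": "carol", "amount": 2}],
                         [{"from": "carol", "to": "alice", "amount": 1}]])
    intact = verify_chain(chain)
    # Attack 1: edit an amount in block 1. Its stored hash no longer matches its contents.
    tampered = copy.deepcopy(chain)
    tampered[1]["tx"][0]["amount"] = 200
    edited_only = verify_chain(tampered)
    # Attack 2: also recompute block 1's hash. Block 2 still points at the old hash,
    # so the break simply moves one block later; every following block must be redone.
    tampered[1]["hash"] = block_hash(1, tampered[1]["prev"], tampered[1]["tx"])
    rehashed = verify_chain(tampered)
    return {"intact": intact, "edited_only": edited_only, "rehashed": rehashed}
```

Hiding an edit therefore means recomputing every later block; a real blockchain makes that expensive (proof-of-work) or impossible for one party (consensus among many nodes), which is where "tamper-evident" turns into "impractical to tamper with".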
How is blockchain technology used in cyber security
- Decentralised identity management
- Cyber threat intelligence sharing
- Secure record keeping
- Data privacy
- Chain security
- Cyber insurance
How does anti-virus software detect malware
- signature-based detection, which compares a file's code (or a hash of it) against a database of known malware signatures and reports any match; it cannot catch malware it has never seen before
- heuristic-based detection, which looks for code patterns and characteristics typical of malware in order to identify new or unknown variants, at the cost of some false positives
- behavioural-based detection, which monitors what a program or process actually does while it runs (files written, settings changed, network connections made) in order to identify malicious activity regardless of how the code looks
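The three methods side by side, as an added example that is not part of the original card. The "files" are short byte strings, the "behaviour" is a hand-written trace of (action, target) events, the signature database holds one made-up entry, and the heuristic rules and weights are illustrative choices; nothing here is real malware.

```python
"""Signature, heuristic and behavioural detection run over constructed samples.
Added example, not from the original flashcards; no real malware involved."""
import hashlib
import re

# 1. Signature-based: exact match against hashes of known malware (one constructed entry).
KNOWN_DROPPER = b"MZ\x90\x00 demo dropper build 17 (constructed sample)"
SIGNATURES = {hashlib.sha256(KNOWN_DROPPER).hexdigest(): "Dropper.Demo.A"}

# 2. Heuristic-based: static patterns typical of malware, each with a weight.
#    One pattern alone is weak evidence; the file is flagged when the total reaches the threshold.
HEURISTICS = [
    (re.compile(rb"powershell(\.exe)?\s+-(enc|encodedcommand)\b", re.I), 3, "encoded PowerShell launcher"),
    (re.compile(rb"CurrentVersion\\Run\b", re.I), 2, "Run-key persistence string"),
    (re.compile(rb"VirtualAllocEx|WriteProcessMemory|CreateRemoteThread"), 2, "process-injection API names"),
    (re.compile(rb"https?://[^\s/]{1,64}\.(top|xyz)\b", re.I), 1, "URL on a commonly abused TLD"),
]
HEURISTIC_THRESHOLD = 4


def signature_verdict(data):
    """Family name if the file's hash is in the database, else None (never-seen files miss)."""
    return SIGNATURES.get(hashlib.sha256(data).hexdigest())


def heuristic_verdict(data):
    """(score, labels of matched rules) for static suspicious patterns in the bytes."""
    score, reasons = 0, []
    for pattern, weight, label in HEURISTICS:
        if pattern.search(data):
            score += weight
            reasons.append(label)
    return score, reasons


def behavioural_verdict(events):
    """events: list of (action, target) tuples recorded while the program ran.
    Rules look at combinations of runtime actions, not at the file's bytes."""
    findings = []
    locked = sum(1 for action, target in events if action == "write_file" and target.endswith(".locked"))
    if locked >= 3 and any(action == "delete_shadow_copies" for action, _ in events):
        findings.append("ransomware-like: mass rename to .locked then shadow-copy deletion")
    read_creds = any(action == "read_file" and target.endswith("Login Data") for action, target in events)
    sent_out = any(action == "network_send" for action, _ in events)
    if read_creds and sent_out:
        findings.append("infostealer-like: read browser credential store then sent data out")
    return findings


def scan(data, events):
    """Combine the three methods; the most definitive evidence decides the verdict."""
    sig = signature_verdict(data)
    score, reasons = heuristic_verdict(data)
    behaviour = behavioural_verdict(events)
    if sig:
        verdict = "malicious (signature: %s)" % sig
    elif score >= HEURISTIC_THRESHOLD:
        verdict = "suspicious (heuristic score %d)" % score
    elif behaviour:
        verdict = "malicious (behavioural)"
    else:
        verdict = "clean"
    return {"signature": sig, "heuristic": (score, reasons), "behavioural": behaviour, "verdict": verdict}


def demo():
    """Four constructed cases: known sample, repacked variant, innocuous-looking ransomware, benign file."""
    quiet = [("read_file", "C:/ProgramData/app/config.ini")]
    variant = (b"MZ\x90\x00 demo dropper build 18 "          # one byte differs: the signature misses it
               b"powershell.exe -EncodedCommand SQBFAFgA ... "
               b"reg add HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Run /v Updater")
    ransom_events = [("read_file", "C:/Users/a/Documents/q3.xlsx"),
                     ("write_file", "C:/Users/a/Documents/q3.xlsx.locked"),
                     ("write_file", "C:/Users/a/Documents/plan.docx.locked"),
                     ("write_file", "C:/Users/a/Pictures/holiday.jpg.locked"),
                     ("delete_shadow_copies", "")]
    return {
        "known_dropper": scan(KNOWN_DROPPER, quiet),
        "dropper_variant": scan(variant, quiet),
        "ransomware_script": scan(b"#!/bin/sh\n# backup helper\n", ransom_events),
        "clean_file": scan(b"Quarterly report, final draft.", quiet),
    }
```

The variant case is the point of the exercise: changing a single byte defeats the signature, the heuristic rules still flag the encoded launcher and persistence string, and the ransomware script carries nothing suspicious in its bytes at all, so only watching its behaviour catches it.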
What is the main purpose of cryptography
- confidentiality: Cryptography is used to protect the confidentiality of data by encrypting it so that it can only be read by authorised parties who possess the proper decryption key.
- integrity: Cryptography is used to protect the integrity of data by creating a digital signature or a message authentication code, which can be used to detect any unauthorised changes to the data
- authenticity: Cryptography is used to ensure the authenticity of data by verifying the identity of the sender through the use of digital certificates or public key infrastructure.
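The three purposes held by one message, as an added example that is not part of the original card. It uses only the Python standard library, so the stream cipher is built from HMAC-SHA256 in counter mode (keystream = HMAC(key, nonce || counter)) rather than AES; a real system uses an authenticated cipher such as AES-GCM or ChaCha20-Poly1305. The tag is a symmetric MAC, so "authenticity" here means "made by someone holding the shared key"; the certificate/PKI route on the card uses public-key signatures, which need a library outside the standard library. The master key, the sender names and the message text are constructed for the demo.

```python
"""Confidentiality (encryption), integrity (MAC) and authenticity (shared-key MAC)
on one message. Added example, not from the original flashcards; stdlib only."""
import hashlib
import hmac
import secrets


def derive_keys(master):
    """Separate encryption and MAC keys from one master key (never reuse one key for both)."""
    k_enc = hmac.new(master, b"encrypt", hashlib.sha256).digest()
    k_mac = hmac.new(master, b"authenticate", hashlib.sha256).digest()
    return k_enc, k_mac


def keystream(k_enc, nonce, length):
    """Counter-mode keystream: HMAC(k_enc, nonce || counter) blocks, truncated to length."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hmac.new(k_enc, nonce + counter.to_bytes(8, "big"), hashlib.sha256).digest()
        counter += 1
    return bytes(out[:length])


def seal(master, plaintext, sender):
    """Encrypt-then-MAC. Output: nonce || ciphertext || tag.
    The sender name is covered by the tag (authenticated but not encrypted)."""
    k_enc, k_mac = derive_keys(master)
    nonce = secrets.token_bytes(16)                  # fresh per message: never reuse with the same key
    ct = bytes(p ^ k for p, k in zip(plaintext, keystream(k_enc, nonce, len(plaintext))))
    tag = hmac.new(k_mac, sender + nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def open_(master, package, sender):
    """Verify the tag first, then decrypt. Raises ValueError on any tampering or forgery."""
    k_enc, k_mac = derive_keys(master)
    if len(package) < 16 + 32:
        raise ValueError("message too short")
    nonce, ct, tag = package[:16], package[16:-32], package[-32:]
    expected = hmac.new(k_mac, sender + nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, tag):        # constant-time comparison
        raise ValueError("integrity/authenticity check failed")
    return bytes(c ^ k for c, k in zip(ct, keystream(k_enc, nonce, len(ct))))


def _rejected(master, package, sender):
    try:
        open_(master, package, sender)
        return False
    except ValueError:
        return True


def demo():
    """Each property holding, and each attack being refused (constructed message)."""
    master = secrets.token_bytes(32)
    msg = b"transfer 100 to account 4471"
    pkg = seal(master, msg, b"alice")
    results = {"roundtrip": open_(master, pkg, b"alice") == msg,
               "plaintext_not_visible": msg not in pkg}
    # Integrity: flip one ciphertext bit. Without the tag this would silently flip a plaintext bit.
    flipped = bytearray(pkg)
    flipped[20] ^= 0x01
    results["tamper_detected"] = _rejected(master, bytes(flipped), b"alice")
    # Authenticity: a message sealed without the shared key is refused.
    forged = seal(secrets.token_bytes(32), b"transfer 100 to account 9999", b"alice")
    results["forgery_rejected"] = _rejected(master, forged, b"alice")
    # Sender binding: a genuine package replayed under another identity is refused.
    results["wrong_sender_rejected"] = _rejected(master, pkg, b"mallory")
    return results
```

Two design points carry over to real systems: verify the tag before touching the ciphertext (so nothing is decrypted that an attacker chose), and derive distinct keys for encryption and authentication instead of sharing one.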
Define steganography
This technique is used to hide a message or other data within another file, such as an image or audio file, in order to conceal its existence
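Least-significant-bit (LSB) embedding is the textbook way to do what the card describes, shown here as an added example that is not part of the original flashcards. The cover "image" is a constructed bytearray of greyscale pixel values rather than a real image file, and the secret text is made up; the 4-byte length header is this example's own convention.

```python
"""LSB steganography: hide a message in the lowest bit of each pixel value.
Added example, not from the original flashcards; cover is a constructed byte array."""
import struct


def hide(cover, message):
    """Return a copy of cover whose lowest bits carry a length-prefixed message."""
    payload = struct.pack(">I", len(message)) + message      # 4-byte big-endian length header
    bits_needed = len(payload) * 8
    if bits_needed > len(cover):
        raise ValueError("cover too small: need %d pixels, have %d" % (bits_needed, len(cover)))
    stego = bytearray(cover)
    for i in range(bits_needed):
        bit = (payload[i >> 3] >> (7 - (i & 7))) & 1          # i-th payload bit, MSB first
        stego[i] = (stego[i] & 0xFE) | bit                    # overwrite only the lowest bit
    return stego


def _read_lsb_bytes(stego, start_pixel, count):
    """Reassemble count bytes from the LSBs of pixels starting at start_pixel."""
    out = bytearray()
    for b in range(count):
        value = 0
        for k in range(8):
            value = (value << 1) | (stego[start_pixel + b * 8 + k] & 1)
        out.append(value)
    return bytes(out)


def reveal(stego):
    """Extract the hidden message; raises ValueError if the header is not plausible."""
    if len(stego) < 32:
        raise ValueError("too few pixels for a length header")
    length = struct.unpack(">I", _read_lsb_bytes(stego, 0, 4))[0]
    if 32 + length * 8 > len(stego):
        raise ValueError("no valid hidden message (header claims %d bytes)" % length)
    return _read_lsb_bytes(stego, 32, length)


def max_pixel_change(cover, stego):
    """Largest per-pixel difference the embedding introduced (LSB changes a value by at most 1)."""
    return max(abs(a - b) for a, b in zip(cover, stego))


def demo():
    """Embed and recover a constructed secret in a constructed 64x64 greyscale cover."""
    cover = bytes((37 * i + 11) % 256 for i in range(4096))
    secret = b"meet at 0930, gate 4"
    stego = hide(cover, secret)
    try:
        reveal(cover)                      # the untouched cover should not decode to anything
        cover_alone = True
    except ValueError:
        cover_alone = False
    return {"recovered": reveal(stego), "max_change": max_pixel_change(cover, stego),
            "same_length": len(stego) == len(cover), "cover_alone_has_message": cover_alone}
```

Steganography hides that a message exists; it does not protect the content, and plain LSB embedding is detectable by statistical analysis of the pixel values. Anyone relying on it should encrypt the message first and treat the hiding as a second, weaker layer.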