cyber security

Question 1

brute force attacks

Answer 1

• a ‘trial and error’ method used by cybercriminals to crack passwords by finding all possible combinations of letters, numbers and symbols until the password is found
• logical steps:
  - common passwords (12345, 11111)
  - word list: a text file containing a collection of words used in a brute force attack

Question 2

data interception

Answer 2

• an attempt to eavesdrop on a wired or
  wireless network transmission
• compromise privacy or to obtain
  confidential information.
• is carried out by a packet sniffer

Question 3

packet sniffing

Answer 3

• data interception: wired networks
• a method used by a cybercriminal to
  examine data packets being sent over a network and to find the contents of a data packet, which are sent back to the cybercriminal

Question 4

wardriving

Answer 4

• also called access point mapping
• using a laptop, antenna, GPS device and
  software to intercept Wi-Fi signals and illegally obtain data

Question 5

methods of preventing data interception

Answer 5

– wired equivalency privacy (WEP) encryption protocol
security: an algorithm for wireless networks to protect
them against data interception
- use complex passwords
- do not connect to random public wireless network (wifi)

Question 6

Denial of Service (DoS) attacks

Answer 6

• a cyberattack in which
  cybercriminals seek to disrupt the normal operation of a website by flooding it with requests;
• flood the network with useless spam traffic.
• when a user enters a website’s URL in their browser, a request is sent to the web server that contains the website or web page, since can only handle a number of requests, it becomes overloaded by an attacker
  sending out thousands of requests, it won’t be able to service a user’s legitimate
  request.
• prevents users from:
  1. accessing their emails
  2. accessing websites/web pages
  3. accessing online services (such as banking).

Question 7

spam

Answer 7

unsolicited emails sent to a user’s mailbox

Question 8

Distributed Denial of Service (DDoS) attacks

Answer 8

• distributed denial of service (DDoS) attack – a denial of service (DoS) attack in which the fake requests come from many different computers, which makes it harder to stop

Question 9

methods of preventing Dos and DDos

Answer 9

• using an up-to-date malware checker
• setting up a firewall to restrict traffic to and from the web server or user’s computer
• applying email filters to filter out unwanted traffic (for example, spam).

Question 10

signs of Dos and DDos

Answer 10

• slow network performance (opening files or accessing certain websites)
• inability to access certain websites
• large amounts of spam email reaching the user’s email account.

Question 11

hacking

Answer 11

• the act of gaining illegal access to a computer
  system without the owner’s permission
• can lead to identity theft or the gaining of
  personal information; data can be deleted, passed on, changed or corrupted.

Question 12

methods of preventing hacking

Answer 12

• use of firewalls,
• user names
• frequently changed strong passwords.
• anti-hacking software
• intrusion-detection software also exists in the fight against hacking.

Question 13

ethical hacking

Answer 13

• when companies authorise paid hackers to check
  out their security measures and test how robust their computer systems are to hacking attacks.

Question 14

malware

Answer 14

– programs (such as viruses, worms and Trojan
horses) installed on a user’s computer with the aim of
deleting, corrupting or manipulating data illegally

Question 15

virus

Answer 15

• a program or program code that replicates itself
  with the intention of deleting or corrupting files or by
  causing the computer system to malfunction
• needs an active host
• often sent as email attachments

Question 16

active host

Answer 16

– functioning software that a virus can affect by
attaching itself to the code or by altering the code to allow the virus to carry out its attack

Question 17

methods of preventing a virus

Answer 17

• don’t open emails from unknown sources
• don’t install non-original software
• always run an up-to-date virus scanner

Question 18

worms

Answer 18

• a stand-alone type of malware that can self-
  replicate
• do not need an active host: they can spread throughout a network without the need for
  any action by an end-user
• they rely on security failures within networks to permit them to spread
  unhindered
• arrive as message attachments and only one user opening a worm-infested email could end up infecting the whole network.

Question 19

methods of preventing worms

Answer 19

• up-to-date anti-virus program

Question 20

trojan horse

Answer 20

• trojan horse will give cyber criminals
  access to personal information on your computers, such as IP addresses, passwords and other personal data.
• often disguised as legitimate software but
  with malicious instructions embedded within it.
  replaces all or
• part of the legitimate software with the intent of carrying out some harm to the user’s computer system.
• need to be executed by the end-user
• email attachment or are downloaded from an infected website

Question 21

Spyware

Answer 21

• They are primarily designed to
  monitor and capture web browsing and other activities and capture personal data

Question 22

Adware

Answer 22

-its least dangerous it will attempt to flood
an end-user with unwanted advertising.
-highlight weaknesses in a user’s security defences
- be hard to remove – it defeats most anti-malware software since it can be
difficult to determine whether or not it is harmful
- hijack a browser and create its own default search requests.

Question 23

Ransomware

Answer 23

-‘hold the data hostage’
-it either encrypts files straightaway or it waits for
a while to determine how much of a ransom the victim can afford.

Question 24

Phishing

Answer 24

-occurs when a cybercriminal sends out legitimate-looking emails to
users.
-There are numerous ways to help prevent phishing attacks:
» users need to be aware of new phishing scams;
» it is important not to click on any emails links unless totally certain that it is
safe to do so;
» ensure an up-to-date browser is running on the computer device
» be very wary of pop-ups and use the browser to block them;

Question 25

Pharming

Answer 25

The creator of the malicious code can gain personal
data, such as bank details, from the user. Often the website appears to come
from a trusted source and can lead to fraud and identity theft.
-It is possible to mitigate against the risk of pharming:(refer the points)

Question 26

Social engineering

Answer 26

occurs when a cybercriminal creates a social situation that
can lead to a potential victim dropping their guard.
-Instant messaging:Malicious links are embedded into instant messages;
-Scareware:This is often done using a pop-up message that claims that the user’s
computer is infected with a virus;
-Emails/phishing scams:The user is tricked by the apparent genuineness of an email and opens
a link in the email;
-Baiting:The cybercriminal leaves a malware-infected memory stick somewhere
where it can be found;
-Phone calls:the user is
advised to download some special software that allows the cybercriminal to take over the user’s device giving them access to personal information

Question 27

Access levels

Answer 27

user accounts control a user’s rights. This often
involves having different levels of access for different people.
1 public access
2 friends
3 custom
4 data owner

Question 28

Anti-malware

Answer 28

The two most common types of anti-malware are anti-virus and anti-spyware.
-Anti-spyware software detects and removes spyware programs installed illegally
on a user’s computer system. The software is based on one of the following
methods:
» rules
» file structures
-The general features of anti-spyware are:
» detect and remove spyware already installed on a device
» prevent a user from downloading spyware
» encrypt files to make the data more secure in case it is ‘spied’ on
» encryption of keyboard strokes to help remove the risk posed by the
keylogging aspects of some spyware

Question 29

Authentication

Answer 29

refers to the ability of a user to prove who they are. There are
three common factors used in authentication:
» something you know (for example, a password or PIN code)
» something you have (for example, a mobile phone or tablet)
» something which is unique to you (for example, biometrics).

Question 30

Biometrics

Answer 30

It can be used in much the same way as passwords as a way of identifying a user. Biometrics relies on certain unique characteristics of human
beings; examples include:
» fingerprint scans
» retina scans
» face recognition
» voice recognition.

Question 31

Fingerprint scans

Answer 31

-Images of fingerprints are compared against previously scanned fingerprint
images stored in a database;
-The system compares patterns of ‘ridges’ and ‘valleys’ that are
unique.
Fingerprint scanning
techniques have the following benefits as a form of security:
» fingerprints are unique,
» other security devices
» it would be impossible to ‘sign in’ for somebody else since the fingerprints would match with only one person on the database
» fingerprints can’t be misplaced
-What are the drawbacks of fingerprint scanning?
» it is relatively expensive to install and set up
» if a person’s fingers are damaged through an injury, this can have an effect on
the scanning accuracy
» some people may regard any biometric device as an infringement of civil
liberties.

Question 32

Retina scans

Answer 32

it is a rather unpleasant technique requiring
a person to sit totally still for 10 to 15 seconds while the scan takes place;
(study the table)

Question 33

spyware

Answer 33

• spyware can be detected and removed by anti-spyware software.