cyber security

Question 1

what is cyber security

Answer 1

consists of the processes, practices and technologies designed to protect networks, computers, programs and data from attack, damage or unauthorised access.

Question 2

what is malware

Answer 2

a form of malicious code designed to cause harm or gain unauthorised access to a computer system.

Question 3

how can malware get onto a device

Answer 3

• a download from an email attachment
• hidden on removable media ( USB drive /SD card )

Question 4

what are the typical actions of malware

Answer 4

• deleting/modifying files
  -locking files ( ransomware encrypts all the files on a computer , the user receives a message demanding for large sum of money to be paid in exchange for decryption key )
• displaying unwanted adverts
• monitoring the user - spyware secretly tracks the users eg key presses and sends info back to the hacker who may use the info to gain access to passwords or bank details
• altering permissions - rootkits can give hackers administrator access to devices

Question 5

how can malware be spread between devices

Answer 5

as viruses - attach to certain files - users spread them by copying infected files and activate them by opening them
as worms - self replicate without user help and can spread very quickly , they exploit weaknesses in network security
as trojans - malware disguised as legitimate software , users install them without knowing the true intent

Question 6

what is pharming

Answer 6

the user is directed to a fake version of the intended website that looks like the real thing , when user inputs all their details onto the website they are actually giving the information to the hackers who can then use the info to gain access to the real account

Question 7

what are some preventions from pharming

Answer 7

anti - malware software must be up to date help prevent malware attacks by scanning all incoming data to prevent malware from being installed and infecting a computer.

Question 8

what is phishing

Answer 8

when criminals send emails/ messages to a user claiming to be from a well known business , the emails then leads to the user being sent to an fake website

Question 9

what is social engineering

Answer 9

art of manipulating people so they give up confidential information

Question 10

what is shouldering

Answer 10

observing persons private info over their shoulder – eg pin number prevent – cover pin number / screen guards over devices

Question 11

what is blagging

Answer 11

methods used to obtain info convincingly – act of creating / using invented scenarios that manipulates targeted victims

Question 12

what is penetration testing

Answer 12

attempting to gain access to resources without konwledge of usernames , passwords and any other means of access

Question 13

explain the difference between the two types of penetration testing

Question 14

what is authentication

Question 15

what is encryption

Question 16

what is trojan

Question 17

what is virus

Question 18

what is spyware

Question 19

what is adware

Question 20

what are ways to reduce risks from malware

Question 21

why is the LEN function more flexible?

Question 22

explain what outdated software

Question 23

explain what are misconfigured access rights

Question 24

why is biometric authentication better than password authentication

Question 25

what are advantages and disadvantages of cloud storage

Question 26

Explain three different electronic methods that could then be used to confirm user identity.

Question 27

what are some methods to detect and prevent cyber security threats

Question 28

how does the DNS work

Question 29

what are the password policies

Answer 29

• minimum length of characters
• includes at least one lowercase letter
• includes at least one upper case letter
• includes at least one symbol

Question 30

what is removable media

Answer 30

is any storage device that can be inserted and removed from a computer

Question 31

why does an operating system have to be updated

Answer 31

as the operating system has full control of the computer or server so if the operating system is infected the entire appliance will be dangerous to the user

Question 32

why does the antivirus /antimalware software need to be updated regularly

Answer 32

so that it can detect new malware

Question 33

how does misconfigured access right pose a risk to a computer system

Answer 33

give users too much access which can be misused

Question 34

how does unpatched/outdated software pose a risk to a computer system

Answer 34

leaves security holes open for hackers to take advantage of

Question 35

what should you look out for in an email to make sure phishing isnt occuring

Answer 35

• greeting - the phishers dont know your name so the greeting isnt personalised

-

Question 36

what are some security measures for cyber security

Answer 36

• biometrics - eg finger print scan,retinal scan,voice pattern recognition - very efficient as these are all unique features of a person so great way of authenticating an identity
• CAPTCHA
  -automatic software updates
• email confirmation to confirm users identity
• password systems - can be made even more secure by following these rules :
• minimum length
• upper/lowercase numbers and letters
• must be continually changed
  -cant be based on a name