Cyber security Flashcards
Describe what is meant by cybersecurity
protection against the criminal use of electronic data
What is shouldering?
a type of social engineering that is used to obtain information such as PINs or passwords, by looking over somebody's shoulder
How can unpatched software affect cyber security?
- the software does not have new security features
- the problems in the old software are usually released by companies - this can be exploited
How can misconfigured access rights affect cyber security?
- people lower in the system are able to obtain private information that they should not be able to obtain
How can the use of removable media affect cyber security?
- USB killers can destroy systems
- bots can be downloaded onto a removable media platform, when inserted it may scan for things (spyware)
What is ransomware?
a program which is normally downloaded through a Trojan horse and encrypts data so the user has to pay money for data
What can stop Trojan horses?
- virus protection
- checking links are authorised
What is adware?
- analyses internet activities
- this can be done by cookies
What are penetration tests?
- where white hat hackers hack into the system
- they test to see how easy it is to hack
- what is obtained
- how long it may take
What is the difference between white and black box penetration tests?
Black Box
The internal structure of the system is unknown
The testing is done by a tester
Programming and Implementation knowledge is not required for testing.
Black box testing is external testing
Concentrated on the functionality of the system
The main aim is to check what functionality is performed by the system under test.
White Box
The internal structure is known to the tester
The testing is done by software
Programming and Implementation knowledge is required
White box testing is internal testing.
Concentrated on testing the code of the program
The main aim is to check on how the system is performing.
What is meant by social engineering?
an attack that heavily relies on human interaction to obtain data
What is phishing?
- Phishing emails are used to try to get the user to disclose information. They often claim to be from a bank or other financial institution.
What is blagging?
- Blagging / pretexting is the act of knowingly or recklessly obtaining or disclosing personal data or information without the consent of the controller (owner of the data)
- Persuading someone (such as a colleague) to disclose their password would be an example of this
- Companies should provide clear policies and training to limit this risk
What is biometric checking?
- fingerprints
- face ID
What is Captcha?
- a preventive measure to stop cyber attacks.
- tasks only humans can complete