Cybersecurity

Question 1

Network

security

Answer 1

The range of measures that can
be taken to protect network
data from accidental or
malicious damage.

Question 2

Encryption

Answer 2

Conversion of data, using an
algorithm, into cyphertext
that cannot be understood by
people without the decryption
key.

Question 3

Compression

Answer 3

The process of reducing file
size to allow more data to be
stored on the disk and increase
transfer speeds.

Question 4

Backup

Answer 4

A copy of data that can be used

if the original data is lost.

Question 5

Archiving

Answer 5

The process of storing data that
is not in current use for security,
legal or historical reasons.

Question 6

Cybersecurity

Answer 6

The range of measures that can
be taken to protect computer
systems from cyberattack.

Question 7

Cyberattack

Answer 7

An attempt to expose, alter,
disable, destroy, steal or gain
unauthorized access to data on
a computer system or smart
device.

Question 8

Malware

Answer 8

MALicious softWARE; the term
used for any kind of computer
software written to enable a
cyberattack

Question 9

Vulnerabilities

Answer 9

Software security flaws or holes
that are fixed via the release of
patches

Question 10

Cookies

Answer 10

Data downloaded from a
website that allows the website
to identify the computer in
future.

Question 11

SQL Injection

Answer 11

Injected SQL commands can alter SQL
statements and compromise the security of
information held in a database.

Question 12

Denial of

Service (DoS)

Answer 12

Making a website and servers unavailable to
legitimate users, by swamping a system with
fake requests.

Question 13

Password

attacks

Answer 13

Brute force or dictionary attacks to discover

passwords

Question 14

SQL Injection

Answer 14

Injected SQL commands can alter SQL
statements and compromise the security of
information held in a database.

Question 15

IP Spoofing

Answer 15

Changing the IP address of a site so that a
visitor is taken to a fraudulent or spoofed web
page

Question 16

Social

engineering

Answer 16

Deception such as phishing. Tricking a user

into giving out sensitive information.

Question 17

Protections against malware

Answer 17

Install anti-virus software
• Use a firewall
• Keep the operating system up to date
• Use the latest version of browsers
• Look out for phishing emails.

Question 18

Hackers

Answer 18

Individuals who will violate computer security for malicious or financial reasons; they may also be known as crackers.

Question 19

Planting the flag

Answer 19

Individuals who may seek financial reward for finding vulnerability, but are more interested in finding vulnerabilities than gaining something for themselves.

Question 20

Ethical hackers

Answer 20

Individuals whose activities are designed to test and enhance computer security; they may also be known as ethical hackers.

Question 21

Social engineering

Answer 21

The psychological manipulation of people into performing actions or divulging confidential information.

Question 22

Pharming

Answer 22

Pharming redirects victims to a bogus site even if the victim has typed the correct web address. This type of scam is often applied to the websites of banks or e-commerce sites.

Question 23

Phishing

Answer 23

Phishing is the act of trying to obtain confidential records such as passwords. Emails that look as if they are from a legitimate, respected organisation are sent, but they contain links to fake websites that ‘phish’ data from unsuspecting victims.

Question 24

Shoulder surfing

Answer 24

Looking over another person’s shoulder to view passwords or other data that is being entered.

Question 25

Malware

Answer 25

Short for malicious software, this is programming or code that is used to disrupt computers by: ● Gathering sensitive information ● Gaining access to private computer systems ● Displaying unwanted advertising ● Distributing the performance of a computer or network

Question 26

Brute force attack

Answer 26

This type of attack can occur when an attacker systematically submits guessed passwords with the hope of eventually guessing correctly.

Question 27

DoS

Answer 27

A denial of service attack (DoS attack) is a cyberattack in which a criminal makes a network resource unavailable to its intended users by flooding the targeted machine or website with lots of requests in an attempt to overload systems and prevent some or all legitimate requests from being fulfilled.

Question 28

DDoS

Answer 28

In a distributed denial of service attack (DDoS attack), the incoming traffic flooding the victim originates from many different sources. This makes it impossible to stop the attack simply by blocking a single source.

Question 29

SQL injection

Answer 29

SQL injection occurs when malicious SQL statements are inserted into an entry field for execution (e.g. to dump the database contents to the attacker).

Question 30

Virus

Answer 30

Malware that usually embeds itself into existing software on a device and then, once that software is run, spreads to other executable files.

Question 31

Worm

Answer 31

While also self-replicating, a worm does not need to infect an existing program. Worms are able to spread very rapidly, infecting large numbers of machines.

Question 32

Ransomware

Answer 32

This type of Trojan can modify data on a computer or device so that it doesn’t run correctly or so that users can no longer use specific data. The criminal will only restore the computer’s performance, or unblock data, after the victim has paid them the ransom money they demand.

Question 33

Spyware

Answer 33

Programs that can spy on how a user makes use of their computer or device, for example by tracking the data entered via a keyboard, taking screenshots, or getting a list of running applications.

Question 34

Firewall

Answer 34

A firewall sits between a local network or computer and another network, controlling the incoming and outgoing network traffic.

Question 35

Penetration testing

Answer 35

A type of security testing used to test the insecure areas of a system or application.