Cybersecurity

Question 1

What are the main threats to cybersecurity?

Answer 1

• Malware
• Viruses
• Worms
• Keyloggers
• Trojans
• Spyware
• Hacking

Question 2

What does malware do and how do we prevent it?

Answer 2

A piece of software made to disrupt or damage a computer system.

Prevention- Install antivirus software on a file server to scan all files regularly for possible infection,

Question 3

What does a virus do and how do we prevent it?

What is the difference between a worm and a virus?

Answer 3

A type of malware that is installed without the users knowledge (usually via email) and will repeatedly copy and embed itself in programs and data files to infect and corrupt them.
Worms work independently without human action where viruses need human assistance.

Prevention- Install an antivirus on email servers.

Question 4

What does a key logger do and how do we prevent it?

Answer 4

A program that copies and stores all keystrokes for fraudulent access to passwords and confidential information.

Prevention- Using a Bluetooth keyboard that encrypts strokes and prevents the installation of device drivers.

Question 5

What does a trojan do and how do we prevent it?

Answer 5

Software that breaches access by disguising itself as a harmless software and will access user’s data (e.g. banking details)
Prevention- Encrypt all sensitive data

Question 6

What does spyware do and how do we prevent it?

Answer 6

Software that accesses and transmits data from another computer’s hard drive
Prevention- Using encryption keys that allow access only to authorised users and placing a firewall on servers to check/block network traffic.

Question 7

What does hacking do and how do we prevent it?

Answer 7

When a user gains unauthorised access to a computer system.

Prevention- Set up firewalls on network servers and encrypt important data.

Question 8

What are the 5 types of technical weaknesses?

Answer 8

SQL Injection 
DoS (Denial of Service) Attack 
IP Address spoofing 
Social Engineering 
Phishing

Question 9

What is SQL injection?

Answer 9

When a hacker uses SQL (Structure Query Language) code to gain access to a data base and steal valuable information.

Question 10

What is a DoS Attack?

Answer 10

When a network/ website is flooded with data traffic to bring it to a halt. (Usually asking for a ransom to boot the network/ website back up)

Question 11

What is IP Address Spoofing?

Answer 11

When a hacker changes the IP address of a site so that visitors are taken to a fraudulent web page.

Question 12

What is social Engineering?

Answer 12

When cyber criminals personally manipulate/trick employees into giving them access to a network by pretending to be a contact of their company

Question 13

What is Phishing?

Answer 13

When an attacker uses emails or text messages to impersonate an organisation and trick employees into give them confidential data which allows them to access accounts/ networks.

Question 14

What is the difference between foot printing, ethical hacking and penetration testing?

Answer 14

Foot printing

• When a penetration tester determines how much detail a potential hacker could find out ABOUT THE SYSTEM
• This allows an organisation to limit the technical information about a system that is publicly available

Ethical Hacking

• Is carried out with the permission of the system owner to cover all computer attack techniques
• They attempt to bypass system security and search for any weak points that could be exploited by a hacker.
• They know how to reinforce the security.

Penetration testing

• A broader penetration test carried out by the companies IT team
• It can be carried out automatically
• External (Hacker getting in) and Internal (Malicious employee) testing