Cybersecurity Flashcards

1
Q

Snooping

A

A technique used to secretively discover private information about a person, company, or other entity. This is often an insider threat within organizations.

For example, an employee may look at emails when a computer is left logged in and unattended. Another example is an IT employee who has administrative access looking in confidential employee files.

2
Q

Wiretapping

A

Wiretapping is a form of eavesdropping that uses programs such as packet sniffers to capture data being transmitted over a network.

With the proper tools, unauthorized people can intercept data on either a wired or a wireless network. One of the best ways to protect against wiretapping threats is to use data encryption.

3
Q

Social engineering

A

Social engineering is the act of exploiting human weaknesses to gain access to personal information and protected systems. Social engineering relies on manipulating individuals rather than hacking computer systems to penetrate a target’s account.

4
Q

Reconnaissance

A

A type of social engineering exploit that passively gathers information about a potential victim. The goal is to get the information needed to further exploit the victim. Common reconnaissance techniques include the following:

Shoulder surfing
Observing a user through a window
Eavesdropping
Dumpster diving

5
Q

Pretexting

A

Pretexting is the use of a fabricated story, or pretext, to gain a victim’s trust and trick or manipulate them into sharing sensitive information, downloading malware, sending money to criminals, or otherwise harming themselves or the organization they work for.

6
Q

Email attacks

A

A form of social engineering that attempts to exploit a victim using email messages. Email attacks may come in the following forms:

Phishing emails are crafted to appear as though they were sent from a legitimate organisation, such as a bank or an e-commerce website. These emails convince the user to click a link that opens a malicious website where the user is then tricked into providing sensitive information.

Spear phishing is phishing but targeted at certain individuals.

Whaling is exactly like spear phishing but targeted at high-level employees, e.g. C-level, CEO, COO, etc.

7
Q

Browser attacks

A

Browser attacks are a type of social engineering. The attacker tries to convince the victim that revealing sensitive information or installing malware on the computer is a legitimate task. Browser-based attacks can take many forms including the following:

Pharming redirects web traffic intended for a legitimate site to a malicious site that looks identical to the legitimate website. Once there, the victim is tricked into supplying sensitive information, such as usernames, passwords, bank account numbers, or credit card numbers.

Rogue anti-virus attacks employ a pop-up browser window that tells the user the computer is infected with a virus and to click a link to clean it. Sometimes this exploit merely tricks users into paying for worthless software they don’t need. However, it is also frequently used to install malware on the victim’s computer.

8
Q

On-path (Man in the middle) attack

A

A hacker places themselves between two devices (often a web browser and a web server) and intercepts or modifies communications between the two. The attacker can then collect information as well as impersonate either of the two agents.

9
Q

Replay attacks

A

A replay attack is a type of network attack in which an attacker captures a valid network transmission and then retransmits it later. The main objective is to trick the system into accepting the retransmission of the data as a legitimate one. Additionally, replay attacks are hazardous because they are challenging to detect.

10
Q

Impersonation

A

The term impersonation usually refers to a social engineering tactic where a hacker pretends to be a member of senior management who is authorized to gain access to a system. In hacking technology, it can also refer to hijacking a networking session and masquerading as another identity.

For example, in TCP session hijacking, the attacker gains access to a host on the network and logically disconnects the client; the hacker then pretends to be the client. The concept of session hijacking can also be used with an HTTP session. For example, the hacker could hijack cookies from a web browser. To the web server, the hacker appears to be the original web client and takes over the original HTTP session that’s already been initiated.

If an attacker captures a user’s username and password through social engineering or other means, the attacker could impersonate the user by logging into the user’s account with the captured authentication credentials.

11
Q

Unauthorized changes

A

On-path attacks, replay attacks, and session hijacking are often used to gain unauthorized access to a system. With system access, hackers can steal even more confidential information. They can also alter or corrupt data. Cyber criminals often launch destructive malware attacks that compromise data integrity and disrupt communication networks.

12
Q

Denial of service (DoS)

A

A Denial-of-Service (DoS) attack is an attack meant to shut down a machine or network, making it inaccessible to its intended users. DoS attacks accomplish this by flooding the target with traffic, or sending it information that triggers a crash.

13
Q

Power outage

A

We all know that without electricity, computer systems won’t work. A bigger concern is that when a computer system loses power abruptly, it can corrupt and lose data.

This is why critical systems such as database servers and web servers should be equipped with an uninterruptible power supply (UPS). These systems provide a temporary power source during an outage that gives the system enough time to shut down cleanly without data loss or corruption.

14
Q

Hardware failure

A

Hardware failures can occur for many reasons, such as power surges, power spikes, overheating, and dust accumulation. While some of these causes can be prevented, computer components such as hard disks will eventually fail.

To maintain access to data on critical systems, most businesses maintain redundant copies of data on separate disks.

15
Q

Data destruction

A

System administrators are often responsible for the disposal and destruction of sensitive data stored on old hard disks. This is particularly important when storage devices leave an organization.

However, data destruction can also occur for malicious or accidental reasons. Natural disasters, acts of terrorism, and accidental coffee spills can all harm computer components and destroy data. To prepare for these events, businesses should store regular backups of data in different locations.

16
Q

Service outage

A

As businesses rely more and more on cloud hosting solutions for their products and services, their productivity depends on the reliability and quality of their internet connection. However, even if the internet is up and running, employees may not be able to access their files when the cloud service is down.

Google, Amazon, Microsoft, and other cloud hosting businesses work hard to avoid any downtime, but there will always be short periods of hardware or software failure. For this reason, businesses should keep offline copies of any critically important files or applications.

17
Q

Marketing metadata

A

Metadata (information about information) can include where and when you use the service, the language you use, the sites you access, keywords from your posts and messages, the kind of device you’re using, etc. These companies analyse the data and use it for marketing and advertising. They can also sell their metadata to other companies.

18
Q

Brute force attack

A

A brute force attack is a hacking method that uses trial and error to crack passwords, login credentials, and encryption keys. It is a simple yet reliable tactic for gaining unauthorized access to individual accounts and organizations’ systems and networks.

19
Q

Dictionary attack

A

A dictionary attack uses a preselected library of words and phrases to guess possible passwords. It operates under the assumption that users tend to pull from a basic list of passwords, such as “password,” “123abc” and “123456.”

20
Q

Traffic-interruption attack

A

A traffic-interruption attack uses software to interrupt network traffic and intercept passwords as they’re passed between computers. Passwords are easier to steal if the information isn’t encrypted.

21
Q

Keylogger attack

A

During a keylogger attack, a hacker manages to install software on another person’s computer to record that person’s keystrokes. The next time someone enters their password, the hacker will have a record of which keys they pressed.

22
Q

UPS

A

An uninterruptible power supply or uninterruptible power source is a type of continual power system that provides automated backup electric power to a load when the input power source or mains power fails.

23
Q

Authentication

A

You are who you say you are

Authentication is a term that refers to the process of proving that some fact or some document is genuine. In computer science, this term is typically associated with proving a user’s identity.

There are three authentication factors that can be used: something you know, something you have, and something you are. Something you know would be a password, a PIN, or some other personal information.

24
Q

SSO (Single Sign On)

A

Single sign-on is an authentication scheme that allows a user to log in with a single ID to any of several related, yet independent, software systems. True single sign-on allows the user to log in once and access services without re-entering authentication factors.

24
Q

Type 1 authentication

A

Something you know:
Password
PIN
Passphrase

24
Q

Type 2 authentication

A

Something you have:
Keys
Hardware tokens, FOB, electric chip, smart cards.
Software tokens
OTP (one-time password) - sends an email/text with a code.

24
Q

Type 3 authentication

A

Something you are:
Biometrics - fingerprint, face ID

25
Q

Multifactor authentication

A

This means you must authenticate yourself two or more times to gain access to a system. A common example is to require a type 1 password and a type 2 smart card.

26
Q

Authorisation

A

Authorisation (or authorization) is the function of specifying access rights/privileges to resources, which is related to general information security and computer security, and to access control in particular. More formally, “to authorize” is to define an access policy.

27
Q

Role-based access control (RBAC)

A

Role-based access control (RBAC) is a method of restricting access based on the roles of individual users within an enterprise. Organizations use RBAC – also called role-based security – to parse levels of access based on an employee’s roles and responsibilities.

28
Q

Mandatory access control (MAC)

A

Uses security clearance levels to specify the users who can access designated resources. It is also a rule-based control system. Mandatory access control is often used by governments and militaries. In this model:

Each resource in a system is given a numeric clearance level, as is each user.

The more sensitive the data, the higher its level.
To access a given resource on the system, a user must have a clearance level equal to or higher than the level of the resource.

Mandatory access control is an example of least privilege. Each user is given only the permissions required for assigned tasks.

29
Q

Discretionary access control (DAC)

A

Discretionary access control (DAC) is a type of security access control that grants or restricts object access via an access policy determined by an object’s owner group and/or subjects.

The owner of a resource:

Is the only person with full access rights to the resource.
Can modify the ACL to allow others to view, edit, or copy.
Can also transfer ownership to another user.

(ACL = access control list)

30
Q

Logging

A

At its core, accounting is simply the logging of events. To understand this, you must understand two terms: events and logging. An event can be just about anything that happens on a computer. A user signing in or signing out; accessing or modifying a file; and visiting a website are all commonly used as accounting events.

Logging is keeping a detailed list of each event. For example, whenever a user signs into a computer, the log will record the user’s name, the computer the user accessed, the date and time of the login, and how long the user stayed signed in. Another example is the log of websites visited by the user in the web browser’s history ta

30
Q

Accounting

A

Accounting means keeping track of who does what on a computer or network. If something goes wrong, it’s important to find out who was signed in, what files they accessed, and how they used their permissions.

30
Q

Encryption

A

Encryption is used to protect data from being stolen, changed, or compromised and works by scrambling data into a secret code that can only be unlocked with a unique digital key.

31
Q

Non-repudiation

A

Nonrepudiation ensures that no party can deny that it sent or received a message via encryption and/or digital signatures or approved some information. It also cannot deny the authenticity of its signature on a document.

31
Q

Data in transit

A

Data in transit, also known as data in motion, is data that is being transferred between locations over a private network or the Internet. The data is vulnerable while it is being transmitted. Data can be intercepted and compromised as it travels across the network where it is out of a user’s direct control.

31
Q

Data at rest

A

Data at rest is data that is not actively moving from device to device or network to network such as data stored on a hard drive, laptop, flash drive, or archived/stored in some other way.

32
Q

Email encryption

A

Email encryption is an authentication process that prevents messages from being read by an unintended or unauthorized individual. It scrambles the original sent message and converts it into an unreadable or undecipherable format.

33
Q

S/MIME (Secure/Multipurpose Internet Mail Extensions)

A

S/MIME (Secure/Multipurpose Internet Mail Extensions) is a protocol used to encrypt emails. It allows the sender to digitally sign and encrypt emails.

34
Q

HTTPS

A

Hypertext Transfer Protocol Secure is an extension of the Hypertext Transfer Protocol. It uses encryption for secure communication over a computer network, and is widely used on the Internet. In HTTPS, the communication protocol is encrypted using Transport Layer Security or, formerly, Secure Sockets Layer.

Information is transferred on the World Wide Web using the HTTP protocol. However, HTTP transfers data as plain text with no encryption. To add encryption, websites use a protocol called SSL. When combined, HTTP and SSL make HTTPS, which both transmits and encrypts data.

35
Q

Asymmetric Encryption

A

Asymmetric encryption, also known as public key encryption, uses a public key-private key pairing: data encrypted with the public key can only be decrypted with the private key. TLS (or SSL), the protocol that makes HTTPS possible, relies partially on asymmetric encryption.

36
Q

Symmetric Encryption

A

Symmetric encryption uses one key to encrypt and decrypt. If you encrypt a zip file, and then decrypt with the same key, you are using symmetric encryption. Symmetric encryption is also called “secret key” encryption, as the key must be kept secret from third parties.

37
Q

Certificates

A

A security certificate is a small data file used to confirm the authenticity, identity, and reliability of a website or web application. The file contains verified information about the company and the domain.

38
Q

SSL

A

SSL stands for Secure Sockets Layer, a security protocol that creates an encrypted link between a web server and a web browser. Companies and organizations need to add SSL certificates to their websites to secure online transactions and keep customer information private and secure.