cybersecurity

Question 1

define cybersecurity

Answer 1

the process or practices of protecting , systems, networks and programs from digital attacks

Question 2

define network security

Answer 2

Any activity designed to protect the usability and integrity of a network and its data by managing access to the network.

Question 3

what is social engineering

Answer 3

Social engineering is a set of methods used by cybercriminals to deceive individuals into handing over information that they can use for fraudulent purposes.

Question 4

what is blagging

Answer 4

Blagging (also known as pretexting) is an attack where the perpetrator invents a scenario in order to convince the victim to give them data or money.
It often requires the attacker to maintain a conversation with the victim until they are persuaded to give up whatever the attacker asked for.

Question 5

what is phishing ?

Answer 5

Phishing isthe practice of sending fraudulent communications that appear to come from a legitimate and reputable source, usually through email and text messaging. The attacker’s goal is to steal money, gain access to sensitive data and login information, or to install malware on the victim’s device.

Question 6

what is shouldering

Answer 6

Shouldering is observing a person’s private information over their shoulder eg cashpoint machine PIN numbers.

Question 7

what is pharming

Answer 7

Pharming is a cyber attack intended to redirect a website’s traffic to a fake website.

Question 8

what is malware

Answer 8

Malware (malicious software) is software that is designed to gain access to your computer with malicious intent.

Question 9

what is a computer virus

Answer 9

Viruses are a malicious form of self-replicating software.

Once on a computer or network, a virus will replicate itself by maliciously modifying other computer programs and inserting code.

Question 10

what is a trojan

Answer 10

A trojan is a piece of software that appears to perform a useful function (such as a game). However, unbeknown to the user, it also performs malicious actions.

Question 11

what is a worm

Answer 11

Worms replicate themselves, but do not attach themselves to files like viruses.

Instead, worms spread through the network and use the system’s resources.

Most worms cause problems by using up network bandwidth and therefore slowing down the network significantly.

Question 12

what is spyware

Answer 12

Spyware is unwanted software that monitors and gathers information on a person and how they use their computer.

This can include monitoring your internet usage to send you harmless but annoying adverts.

More sinister spyware will include keyloggers that record every keystroke made by a user.

Question 13

what is ransomware

Answer 13

Specifically, ransomware locks a computer, encrypts files, and therefore prevents the user from being able to access the data.

The attacker will demand that a ransom be paid before they decrypt the files and unlock the computer.

Question 14

what is adware

Answer 14

Adware refers to software that has advertisements embedded in the application. It is not always a bad thing and is considered a legitimate alternative that can be offered to consumers who do not wish to pay for software.

Question 15

what is encryption

Answer 15

Encryption is the process of encoding data or a message so that it cannot be understood by anyone other than its intended recipient.

The data or message is encrypted using an encryption algorithm. The opposite of encryption is decryption.

Encrypted data is called cipher text and unencrypted data is plain text

Question 16

what is symetric encryption and asymetric encryption

Answer 16

Symmetric encryption uses just one key to hide and read a message.

Both parties must know the key.

If that key becomes public, all messages can be read.

Asymmetric encryption has a public key and a private key.

The public key can be used to encrypt but CAN’T decrypt the data

Only the private key can decrypt the data

Question 17

what are features of a good password

Answer 17

At least eight characters

Includes upper case characters

Includes lower case characters

Includes special characters

Includes numbers

Three random words combined

Relates to an acronym

Does not include a name, company name, or username

Question 18

what is a data breach

Answer 18

A data breach is a security incident in which sensitive, protected, or confidential data is copied, transmitted, viewed, stolen, or used by an individual who is not authorised to do so. It is also known as data interception.

Question 19

what is a denial of service attack

Answer 19

This is a cyberattack in which the criminal makes a network resource unavailable to its intended users.

This is done by flooding the targeted machine or website with lots of requests in an attempt to overload the system.

Question 20

what is a brute force attack

Answer 20

This is a form of attack that makes multiple attempts to discover something (such as a password).

Question 21

what is a firewall

Answer 21

A firewall sits between a local network or computer and another network to control the incoming and outgoing network traffic.

The firewall’s rules determine which traffic is and is not allowed through the network.

A firewall blocks unexpected connections coming into the network. Most operating systems include a firewall.

Question 22

what is a network policy

Answer 22

Network policy is a set of digital rules that govern what is and is not authorised on the network.

A firewall will have a set of rules that it follows to help it determine what traffic to authorise.

Question 23

what is anti-malware

Answer 23

Anti-malware is software that scans any file that is able to execute code.

The anti-malware will have a list of definitions of sequences of code that they are aware are malicious.

If the code in your files matches the definitions, the files are quarantined.

Question 24

what is a disaster recover policy

Answer 24

A disaster recovery policy is a plan to recover your network and IT infrastructure following a major incident such as

Natural disaster (earthquake)

Cyberattack

Fire or flood

Terrorism or war

Loss of electricity or electrical surge

Question 25

what is mac adress filtering

Answer 25

MAC address filtering

A device’s media access control (MAC) address is unique, the network manager makes a more secure network by using this address to limit the devices on the network.

Question 26

what is penetration testing

Answer 26

Penetration testing is a type of security testing that is used to test for insecure areas of a system or application.

Penetration testing is the process of attempting to gain access to resources without knowledge of usernames, passwords and other normal means of access.

Question 27

what are biometric checks

Answer 27

term for body measurements and calculations
(fingerprints and retinal scans, facial recognition).

Question 28

what is CAPTCHA

Answer 28

used to determine if a user is a machine or not

Question 29

what is the importance of automatic software updates.

Answer 29

makes sure a product is kept up to date and security flaws are fixed as soon as possible without need for manual intervention

Question 30

what are the types of penetration testing

Answer 30

when the person or team testing the system has knowledge of and possibly basic credentials for the target system, simulating an attack from inside the system (a malicious insider)

when the person or team testing the system has no knowledge of any credentials for the target system, simulating an attack from outside the system (an external attack).

Question 31

what is sql injection

Answer 31

SQL injection occurs when malicious SQL statements are inserted into an entry field for execution.