errors, threats Flashcards

1
Q

arithmetic issues

A

rounding, truncating, overflow, fixed no. of bits

2
Q

data transmission errors

A

data doesn’t reach destination intact - data corruption by
atmospheric conditions (cable heats too much, moisture - unable to carry data)
distance limits (attenuation)
interference + causing devices (motors, fluorescent lighting, cables running by electric cables)

3
Q

programming errors

A

bugs - can lead to catastrophic failure of system

4
Q

data verification

A

systematic process for evaluating performance + compliance of data set when compared to standards in project documentation to ascertain its completeness, correctness + consistency

5
Q

RFID

A

radio frequency identification
makes use of radio signals to transfer data from tag attached to an object
tag contains identification data sensed by receiving device

uses electromagnetic fields to automatically identify and track tags attached to objects.

6
Q

sql injection + fix

A

gives access to hackers - reveals all data in table

use GUI components to restrict data, remove INSERT, UPDATE, + DELETE rights to any website
validate user input to check for possible sql injections

7
Q

fix hardware failure

A

RAID 1 (mirroring) + RAID 5 (striping) to provide one or more hard drives in case of hard drive failure
if there is complete failure, the backup could be used to recover a prev version of the data

8
Q

psu

A

power supply unit
converts alternating current to direct current

9
Q

trojan horse

A

seemingly harmless program that when activated causes harm to computer system

10
Q

spyware

A

capture info like web browsing, e-mails, usernames + passwords, credit card info
can transmit data to another person's computer over internet

11
Q

pharming

A

attack intended to redirect website's traffic to another bogus site by changing host file on victim's computer or by exploitation of vulnerability in DNS server software

12
Q

ransomware

A

prevents user from accessing their computer until ransom is paid

13
Q

DoS attacks

A

denial of service attacks
attempts to make server/network resource unavailable to users

14
Q

DDoS attacks

A

distributed denial of service attack that uses more than one computer distributed worldwide to put heavy burden on service
infected w malicious program that makes server go wrong
harder to withstand than DoS attacks

15
Q

open ports

A

can be exploited through code vulnerabilities or malware

16
Q

botnets

A

aka zombie army
several internet computers set up to forward transmissions (including spam + viruses) to other computers on internet w/o knowledge of owners
computer is infected + controlled by author remotely on net - serve in botnet
zombie created by internet port that has been left open - small trojan program installed for future activation

17
Q

wifi vulnerabilities

A

to encrypt wifi - pre-shared key or certificate must be proved by client
open networks don’t use encryption – all data traffic visible to malicious actor, who wants to see any online communication of people nearby. When insecure apps/sites accessed on an unencrypted connection, data becomes at risk of data leak: unauthorised/unintentional transfer of sensitive information from mobile device to Internet service

Captive portal pages – open guest networks will display a captive portal page, asking for personal information to access the Wi-Fi connection. These look like a standard web page, so people hand over info, placing their info at risk

18
Q

RAID

A

redundant array of inexpensive disks
protection against hard drive failure
- improves performance + provides protection of data
uses 2 or more hard disks so if 1 fails, other will contain copy

19
Q

RAID 1

A

protection of data - creates duplicate of other disk (mirroring) - won’t improve performance but offers data protection
data stored on 2 hard disks simultaneously - but only accessed from 1 (second is backup)

20
Q

RAID 0

A

performance based - no data protection - if one disk crashes, data lost

21
Q

RAID 5

A

RAID 5 is an improved version of RAID 0 and offers both data protection and improved performance. It requires a minimum of 3 disks and utilises parity and striping.
In RAID 5, the data is written in stripes across 3 hard drives and utilises an extra 8 bytes of data as parity that will kick in if one disk fails.

Disk striping with RAID provides data redundancy and reliability. Parity data is commonly calculated by using the binary exclusive OR (XOR) function and is stored on a physical drive in the RAID set. If a storage drive in the striped RAID set fails, the data is recoverable from the remaining drives and the parity stripe.

22
Q

UPS

A

power supply for proper shut down of the system
emergency power supply when power source fails

23
Q

importance of strong passwords

A

Strong passwords are necessary as they reduce the risk of the user’s account being compromised. Weaker passwords can be easily guessed and are vulnerable to attacks.

24
Q

given the current setup of 2 servers, how would implementing RAID 1 ensure data redundancy
impact on storage capacity?

A

RAID 1 offers better data protection, but reduces the total storage capacity as everything is duplicated.

25
Q

how is RAID 5 beneficial as company expands from 2-5 servers

A

Use RAID 5 since there are more than 3 servers. RAID 5 offers both improved data protection and improved performance. RAID 5 is unlike RAID 1 in the sense that it only uses the space of one server for redundancy, which makes it more efficient.

26
Q

compare read + write performance of RAID 1 and RAID 5

A

The read performance of RAID 1 is high. As the data is mirrored, the operations can be distributed between the 2 drives. RAID 1 has twice the read rate and an equal write rate of single disks. The read performance of RAID 5 is high as the data is striped across all drives and allows for multiple read operations to occur in parallel, leading to faster speeds.
It has a slow write time as the parity information must be written to the disks alongside the actual data.

27
Q

how can UPS systems protect servers during power outage

A

A UPS protects servers during a power outage as it immediately kicks in when the original power source has failed, providing protection from data loss and hardware damage.

28
Q

what can be implemented to protect client data

A

User level security such as access control, backups and data encryption.
login timeout and lockout policies
changing UPS default credentials

29
Q

storage solution combining RAID 1 + RAID 5 that maximises data redundancy and performance

A

combines the mirroring of RAID 1 (speed + performance) with the striping of RAID 5 (inexpensive redundancy + fault tolerance). Data is first mirrored (like RAID 1) and then striped across multiple mirrored pairs (like RAID 5).

30
Q

develop comprehensive security plan that includes UPSs, strong passwords and other measures to protect against unauthorised access and data loss

A

Restrict the physical access to server rooms to only authorised personnel through biometrics and protection of these rooms or controlled measures to ensure constant core temperature.
Establish communication between computers and UPS for your service and storage device. There should be maintenance of the UPS system in order to ensure the system remains up-to-date.
Implementation of strong password policies is required: implement a strong and secure password that must be regularly changed, and passwords cannot be reused.

31
Q

strategy for regular backups and 13 corruption to ensure data, integrity and confidentiality

A

Use HTTPS transmission protocol.
Data backup with automatic backup scheduled for tonight when system is not in use.
Network security: files, encryption.
use of strong passwords?

32
Q

onsite vs remote backup

A

onsite: quick access to data, low cost, easy installation (hardware) BUT vulnerable to data theft, damage

remote backup
multiple copies of data, security - data encrypted by backup program, unlimited storage capacity BUT costs, speed dependent on internet connection

33
Q

redundant power supply

A

2 power supply units
one power source fails, other immediately kicks in
not used concurrently - backup 1 is redundant

34
Q

biometrics superior to passwords

A
  • uses unique data
  • convenient to use
  • supports multi factor authentication
35
Q

authentication

A

validating usernames + passwords inputted by user then allows access to

36
Q

user level security

A

different restrictions based on specific user

37
Q

share-level security

A

protects shared network resources on computer w individually assigned passwords

38
Q

encryption

A

process that uses algorithm to transform data from database into cipher text incomprehensible w/o decrypting

different restrictions based on specific user

39
Q

digital signature

A

vouches for origin and integrity of data

40
Q

key length

A

no. of bits
longer - better security

41
Q

TKIP

A

temporal key integrity protocol.
Encryption protocol included for wireless LANs.
Instead of using one pre-shared key for packages sent on WAN, each data packet encrypted, using 48 bit serial number incremented for each packet

42
Q

TKIP

A

temporal key integrity protocol.
Encryption protocol included for wireless LANs.
Instead of using one pre-shared key for packages sent on WAN, using 48 bit serial number incremented for each packet

43
Q

port filtering

A

firewall monitors ports of network protocol packets that pass through it
allows firewall to block packets based on their content, or block users from using certain points that may provide holes for hackers to get into network

44
Q

audit trails

A

record of who, what and timestamp of change made to computer system

45
Q

fix malware

A

firewall to prevent malware from entering network + block suspicious sites
install anti-malware to detect malware and take appropriate action
keep anti-malware up to date
educate users on network abt social engineering
educate staff abt SPAM, phishing and other sources of malware

46
Q

prevent unauthorised access

A

enforce strong authentication strategies
encrypt sensitive data on network
don’t give admin rights to any user other than network administrators

47
Q

fix open ports

A

use firewall + close any unused ports
do regular port scans to identify any unchecked vulnerabilities on a port
use latest version of software
install anti malware software

48
Q

fix denial of service (DOS) and distributed denial of service (DDOS)

A

monitor traffic to identify counterfeit packets
upgrade security patches on the OS

49
Q

fix botnets

A

use latest version of software
protection measures against DDoS attacks
educate staff about SPAM, phishing + other sources of malware

50
Q

fix wifi vulnerabilities

A

change default wifi network names + passwords
update firmware of wifi enabled devices
consider switching to ethernet
use firewall
use VPN when remotely accessing remote networks
use network monitoring to oversee connected devices + web traffic

51
Q

fix eavesdropping

A

use HTTPS + digital SSL certificates
network segmentation can help prevent eavesdropping by breaking down a larger network into various subnetworks; if any subnetworks are compromised, the others are left untouched because they exist independently of each other

52
Q

broad solutions to problems

A

back up data regularly
install + regularly update antivirus software
store data on reliable medium
update patches
install SSL certificates to stay ahead of threats
upgrade firewalls with access control lists (ACL), proxy + routers
multi factor authentication

53
Q

human errors

A

inputting incorrect, inaccurate, invalid, wrong data for required input
GIGO - Garbage in, garbage out

54
Q

solutions for errors

A

data verification - systematic process for evaluating performance + compliance of data set when compared to set of standards to ascertain its completeness, correctness and consistency

data validation - extensive number of checks applied to data