Errors, threats and security Flashcards
what is GIGO?
it stands for “garbage in, garbage out” and means that if invalid data is entered, the resulting output will also be invalid.
describe a rounding error.
when numbers are rounded accuracy is lost on the decimal places after which the rounding took place.
describe a truncating error.
Truncating a real number to an integer loses all decimal values.
describe a fixed number of bits error.
the number of bits available determines the highest and lowest numbers that can be contained. If a number is outside of that range it cannot be stored
describe overflow error
calculations that result in answers that exceed the maximum value for a data type will still be performed but the answer will be incorrect
how is data sent
in packages from one point to another, using either cabled or wireless transmission; data doesn't reach its destination
what happens if the data does not reach the destination intact.
there is a high possibility of data corruption
how do you check for successful data transmission
atmospheric conditions: if cable heats up too much it could lead to damage to the cable and make it unable to carry data. moisture could also damage a cable
Distance limits:
Cables can only carry signals over a limited distance after which attenuation occurs and the signal doesn’t reach its destination
interference-causing devices:
interference can be caused by seemingly harmless things like motors and fluorescent lighting
what are programming errors
errors caused by programmers and these are referred to as “bugs”
what are solutions for errors?
verification and
Validation
what is data verification
a systematic process for evaluating performance and compliance of a set of data when compared to a set of standards to ascertain its completeness, correctness and consistency using the methods and criteria defined in the project documentation.
what is validation ?
data validation is the extensive number of checks applied to data
how does data validation work?
when writing programs a programmer must include validation code using simple conditions and exception handlers to reject incorrect data
what are the steps for data validation?
Presence: the data must exist
Range: the data has a lower and upper bound.
Uniqueness: No duplicates exist for the data
Length: the data must be of a specified length
Type: the data must be of an appropriate type
Format: the data requires an entry in a specific format
Logical: the data is consistent with the scenario
Check digit: a digit with the data must be a certain value
Check sum: verifies the integrity of a file or data transfer
Data Transmission between nodes during network communication: ensures accurate data transmission between nodes during network communication.
what are the techniques for input ?
keyboard input, barcode scanner, QR codes, GUI components, RFID (radio frequency identification), biometric input, optical character recognition (OCR)
describe key input.
least favourable. Many validation issues are prevalent. Inputs using this method should be limited to text that doesn’t need to be validated. The more input, the more difficult it is to validate.
describe barcode Scanner.
Data can be encoded in a barcode and read by a scanning device. The barcode needs to be interpreted as meaningful data.
describe a QR code
it is a two-dimensional version of the one-dimensional barcode
what does QR stand for?
Quick Response
what advantages do QR codes have over barcodes
QR codes can be scanned like taking a photo on a smart device
QR codes can be pointers to barcodes in a database like barcodes but can also point to URLs and navigate to sites or documents
what can GUI do ?
GUI offers components where the user can select options using menus, drop-down boxes, radio buttons and/or check boxes
how does RFID work
it makes use of radio signals to transfer data from a tag attached to an object
how do tags work if they are needed over large distances
they use an embedded power source and emit radio waves
what are RFID tags used for
vehicles and other industrial items
warehouse products
Livestock and pets
define a biometric input device
it is a security identification authentication device which uses automated methods of verifying or recognising the identity of a person based on a physiological or behavioural characteristic, including fingerprints, facial images, iris and voice recognition
explain OCR
Optical Character Recognition is the mechanical or electronic conversion of images of typed, handwritten or printed text into machine-encoded text.
what is OCR commonly used for
the digitising of printed texts so that they can be electronically edited, searched and stored more compactly.
what are the types of database management system integrity
accuracy, correctness, currency, completeness, relevance
what is accuracy
the degree to which the stored value measures against the true value
what is correctness
data is correct if it conforms to an approved or conventional standard or agrees with fact, logic, or known truth
what is currency
data is current if it is up-to-date or not outdated
what is completeness
data is complete if all required data is known. While some fields can be left out, others are essential
what is relevance
data is relevant to a situation or problem scenario and can contribute to providing meaningful information about the situation/problem
why is SQL so easy to use maliciously?
SQL is a very helpful query tool and can be used with malicious intent to gain access to confidential data and even corrupt or destroy entire tables
where do hardware failures cause the most problems globally?
in storage and power
what happens during a power failure
power failure is not the cause of damage; it’s the state of components at the time that causes problems
what damage can occur during power failure?
data damage can occur
after the power comes on a surge can occur
how are surges prevented?
a surge is usually stopped by an electrical circuit breaker outside of the computer, surge protectors or hardware safety measures inside of modern Power Supply Units (PSU)
what is malware
malware is when an unauthorised source gains access to your software
explain phishing and spoofing
phishing is usually a convincing email that is sent to a user requesting the user to click on a link that will take the user to a fake or spoofed website, which will request the user to enter their banking or credit card details, giving the criminals access to their online bank accounts
what is website spoofing
the act of creating a website with the intention of misleading readers that the website has been created by a different person or organisation
what is phishing commonly used for
identity theft
how does a virus work
it attaches itself to a program or file that is then spread from one computer to another, leaving a copy of itself as it travels
what is a trojan horse
a seemingly harmless program that when activated causes harm to a computer system and is designed to be valid and useful software but will do damage once installed and run on a computer
what is spyware
it is software that “spies” on a computer and can capture information like web browsing habits, e-mail messages, usernames and passwords and credit card information. If left unchecked it can transmit data to another person’s computer over the internet. It can be installed when opening an e-mail attachment
what is pharming
it is an attack intended to redirect a website’s traffic to another site and is conducted by changing the hosts file on a victim’s computer or by exploitation of a vulnerability in DNS server software
what does ransomware do
prevents or limits the user from accessing their computer system until they have paid ransom through an online payment system
what does a denial of service attack do
attempts to make a server or network resource unavailable to its users and visitors
how does a denial of service attack work
it uses one computer and one Internet connection to send massive requests to a server at a time, interrupting or suspending a host service connected to the Internet temporarily or indefinitely
what happens if a host server suffers a DoS attack
all the websites hosted on this server will be inaccessible
what is a DDoS attack
a Distributed Denial of Service attack and it uses more than one computer distributed worldwide to put a heavy burden on a service
what is the difference between DoS and DDoS
the attackers use only one computer and one Internet connection when launching DoS while attackers use a widely distributed network of computers and many Internet connections in a DDoS attack
what are Open Ports
all communication that happens over the internet is exchanged via ports. Every IP address can have up to 65,535 ports, including TCP and UDP. Services that connect to the internet use specific ports to receive information and these ports need to be open in order to function
what is a botnet
several internet computers that have been set up to forward transmissions to other computers on the Internet without the knowledge of their owners
what are WIFI vulnerabilities
open networks don’t use encryption and therefore make all data traffic visible to a malicious actor who wants to see any online communication of the people physically nearby, unless the app or site being used enforces encryption
what is a data leak
it involves the unauthorised or unintentional transfer of sensitive information from a mobile device to an Internet service
what is RAID
Redundant Array of Inexpensive Disks uses two or more hard disks so that if one hard drive fails the other hard drives on the server will contain a copy of the data, providing reliable hard drive storage. It provides protection against hard drive failure
explain RAID level 1
it uses mirroring, in which all data is stored on two hard disks simultaneously but data is only accessed from one main hard disk with the second kept as a backup
what is RAID level 5
it uses disk striping with parity, which requires a minimum of three hard disks; data is written in “stripes” across the three hard drives with no one disk having the same data
what is the parity
it is usually an extra byte added to every 8 bytes of data for error correction
what does parity do
if one disk fails the parity data is used to reconstruct the disk that failed
what is backup
a copy of the data placed into a secure space in the cloud or external hard drive
what is it called when data is copied each time a backup is run
full backup
what is a differential backup
it creates an initial full backup and thereafter only backs up the new or changed files, reducing the size of subsequent backups by doing a comparison of the original files and the last full backup
what are the advantages of onsite backup
quick Access to Data
low cost
easy to install
what are the disadvantages of onsite backup
security
and damage
what are the advantages of remote backup?
multiple Copies of data
security
capacity
what are the disadvantages of remote backup
cost
speed depends on internet connectivity
what is UPS or Uninterruptible power supply
provides emergency power to electrical equipment when normal power source fails
what does UPS provide
immediate protection against power failures, data loss, hardware damage and failure to shut down properly
what is redundant power supplies
single piece of computer equipment that operates using 2 or more physical power supplies
what are the advantages of biometrics over passwords
uses unique data
convenient to use
supports multifactor authentication
what does authentication do
process of validating usernames + passwords submitted
what does user-level security do
protects shared network resources by using security provider to authenticate requests to access resources
what does a domain controller do
grants access after verifying username and password
what is share-level security
it protects shared network resources with individually assigned passwords.
what does Active Directory Users and Computers mean
manage users, groups and computers
what is encryption
process that uses algorithm to transform data stored in database to cipher text to be incomprehensible until decrypted
what is asymmetrical encryption
public and private key encryption; two non-identical cryptographic keys that encrypt and decrypt message
what is a public key
available to everyone and
what is private key
confidential to respective owner
what does encryption achieve
confidentiality and creates digital signature
what is symmetrical encryption
both keys are the same
what is a digital signature
when you click “sign” in email application or select file to be signed
what is key length
number of bits in key
what is brute force attack
to guess key speed of device running through combinations increase because length of key must increase
what is temporal key integrity protocol (TKIP)
encryption protocol for wireless LANs; each data packet is encrypted using 48-bit serial number incremented for each, instead of using 1 pre-shared key for all packets
what is a firewall
set of related hardware and software; protects resources of private network from users on other networks; works with router program to examine network packets to forward to destination and works with proxy server to make network requests on behalf of workstation users
what is port filtering
firewall monitors ports of network protocol packets that pass through firewall; blocks packets heading to certain port/packets based on certain content; prevents users from using ports that provide holes for hacker to get inside network
what are audit trails
show who accessed computer and what operations were performed; maintain security and recover lost transactions
what does anti-malware do
focuses on newer malware and upgrades rules quickly to provide protection when using internet
what is anti virus
prevents, detects and removes malware infections in computers, servers or networks
what is a virus signature
fingerprint of virus; set of unique data/bits of code that detects, quarantines and removes virus
what is anti-spam
program that detects and blocks unwanted email from getting into user’s inbox
what is spam
irrelevant message sent over internet to many users for advertising, phishing or spreading malware
what does outdated hardware do to your device
compromises system security
why is it important to upgrade software
more cost and time effective to upgrade software