Fundamentals Of Cybersecurity Flashcards
What is cybersecurity?
Cybersecurity is a series of processes, practices and technologies that protect networks, computers, software and data from damage, loss and unauthorised access
What is social engineering?
Forms of cyberattack that focus on people, rather than pieces of technology, as the weak point in any system. Different ways to manipulate people
What are the 4 different forms of social engineering?
Blagging, Shouldering, Pharming, Phishing
How does blagging work?
Fabricating a scenario in order to gain unauthorised access to a system. IT Support
How does shouldering work?
Watching over someone’s shoulder as they type in their password
How does pharming work?
Redirecting users to an unsafe website by users own mistake to collect the user’s login credentials
How does phishing work?
Emails lure people to convincing but fake website pages where they transmit login details to an unknown person
What is malware?
Any program that works against the interests of you or your computer
What are examples of malware?
Computer viruses, Trojans, Adware, Spyware
What are other threats to users?
Weak passwords, Misconfigured Access Rights, Removable Media, Unpatched Software
What are methods used to detect and prevent cyberattacks?
Biometric measures, password systems, CAPTCHA, Email Confirmation, Automatic Software Updates, Penetration Testing
What are computer viruses?
Self-replicating pieces of code that can damage data or software. They are often spread via attachments
What are Trojans?
Trojans are legitimate programs developed with the intention of hiding malicious code within
What is adware?
Adware are downloads of unwanted Internet adverts often observing online behaviour to target specific adverts
What is spyware?
Spyware obtains sensitive data and transmits the data to a hacker across the Internet
How are weak passwords a threat?
Passwords that are easy to guess and default passwords can leave data vulnerable.
What are the threats of misconfigured access rights?
Access rights are rules that tell a computer system which user should have access to which files and other resources. If the rights are not set properly, incorrect access may be granted
What are the threats of removable media?
Any storage device that is highly portable can easily be used to steal data or introduce malware onto a system
What are the threats of unpatched software?
When a security risk is identified in a program, the developer will release a patch. If the user does not install the patch, the computer will not be secure
What is the role of biometric measures?
Using some part of a person’s biology to access a system instead of a password
What are the role of password systems?
Automated procedures that ensure that sound password policies are followed. Users that do not adhere to policies are not let into the system
What is the role of CAPTCHA?
Blurry text is presented to the reader which is human readable but difficult for a computer. This technology is used to ensure that a human is using the system
What is the role of email confirmation?
Often when a password is changed, a user must verify this change by clicking a link sent to a registered email. This prevents third parties from changing passwords
What is the role of automatic software updates?
When a new version of software is released, a computer can be configured to automatically download it so as to have updated security measures
What is the role of penetration testing?
Someone tries to hack into a system working under the employer to identify weaknesses so that they can be resolved