Internet And Cybersecurity Flashcards
What are some threat to personal data?
Lost or damaged during a system crash -especially one affecting the hard disk.
Corrupted as a result of faulty disks or power failures.
Lost by accidentally deleting or overwriting files
Destroyed by natural disasters, acts of terrorism or war.
Lost or corrupted by computer viruses.
Hacked into by unauthorised users and deleted or altered.
Deleted or altered by employees wishing to make money or take revenge on their employer.
Stolen due to theft of components or thrown away components
What are some dangers that are inherent in using networks?
Hacking-just being connected to a network opens the data to the possibility of hacking.
Viruses- these may be sent via the internet, email, or as part of a hack.
Denial of service attack-prevents users from accessing the parts of a network that they can normally access, which can prevent business from operating at all.
Interception- if traffic can be intercepted then there is a possibility of accessing financial and personal data
What could happen if data is breached?
Cost the organisation money through lost business, payments to recover the data or payment of ransom demands.
Make customers lose trust in the business if they fail to keep their personal details safe.
Allow competitors to win business by gaining access to confidential client information.
What can a network do to ask a user who they are?
Using suitable user ID and passwords.
Using a PIN.
Drawing a pattern on a smartphone.
Using face and voice recognition.
Sending an email confirmation to ensure they are the correct person when making an online order.
What is a worm?
Like a virus but replicates itself before spreading to other programs and/or computers.
What is malware?
Term that covers any software attempt to disrupt computer systems.
Software that is designed to cause harm or damage to a computer. This includes viruses that might damage files, adware that causes pop-ups, and spyware that collects and shares login details.
What is social engineering?
Where users are manipulated by cyber criminals into giving access to the network. This might be done with or without their knowledge.
What is phishing?
In the most common form of phishing, a hacker pretends to be somebody in order to trick the user into disclosing sensitive data such as their user ID and password.
For example, this might be an email pretending to be a genuine message from the user’s bank containing a link to a website that looks like the real bank’s website.
What is shoulder surfing?
A hacker watches a user to record the password or PIN they enter.
This might be by looking over their shoulder at a cashpoint before stealing their bank card and using it to withdraw money.
What is unpatched software?
Occasionally a software manufacturer identifies potential security breaches in their own software and sends out patches to their registered users.
The patches update the software and fix the potential hazards.
A network manager is responsible for keeping up to date with the latest patches.
What are key loggers?
Key loggers are programs that capture user input.
This data is then sent on to people with malicious intent.
What is footprinting?
Footprinting is a technique used for actively gathering information about the different methods of gaining access to the system.
What are some techniques of foot printing?
Looking at employees’ social media to help them understand their habits and passwords.
Looking to see how customers are given access to some areas of the network.
Using the WHOIS database,which contains the contact names and email addresses of the network administrators for nearly all the websites on the internet.
What is penetration testing?
The purpose of penetration testing is to determine how resilient a network is against an attack.
It involves authorised users - sometimes an external party or organisation - probing the network for potential weaknesses and attempting to exploit them.
This is known as ‘ethical hacking’, as it is done with full permission from the organisation.
What are some policies of a network?
Users have a secure, hard-to-guess password that meets specified conditions
Users change their password on a regular basis
Users cannot connect unauthorised equipment, such as USB memory sticks,smartphones and tablets, to the network.
Levels of access allow only authorised users to access sensitive data.
