Internet Security

Question 1

What is a firewall and what is it used for

Answer 1

A piece of software that sits between 2 networks.

It can prevent certain things from entering and leaving

Question 2

What is static filtering

Answer 2

When a firewall checks packet headers arriving from untrusted networks against a set of rules or packet filters defined by the network administrator

Question 3

What is packet filtering

Answer 3

When the firewall inspects packets to check which port they’re attempting to access

Question 4

What is stateful Inspection/ dynamic filtering

Answer 4

When incoming & outgoing traffic is continuously monitored after a connection is established

Done via looking at contents of packet rather than header

Question 5

What is required of the firewall for stateful inspection to occur

Answer 5

Requires the firewall to maintain a connection table which keeps track of all conversations going on between networks

Question 6

What does a proxy server do

Answer 6

Sits between the client device and firewall.

Provides anonymity to the client keeping their true IP hidden.

Question 7

Additional uses of a proxy server

Answer 7

• keeps a cache of websites, speeds up user access and reduces traffic
• logs all user activity e.g. recording a list of websites user has attempted to visit
• web filtering

Question 8

What is symmetric encryption

Answer 8

uses the same key for encryption & decryption

Question 9

What is asymmetric encryption

Answer 9

• Uses a public and private key. The keys work as a pair.
• one key is used to encrypt message and the other to decrypt.
• used to initiate TLS connections

Question 10

Symmetric Vs Asymmetric encryption

Answer 10

• symmetric is faster as it uses less complex mathematical operations, allows for data to be encrypted and decrypted at suitable speeds
• Asymmetric is slower but allows the sender to be authenticated (more secure)

Question 11

What is key exchange

Answer 11

When the communicating devices have to transfer the key between them so they can pass each other messages

Question 12

What is a digital signature

Answer 12

A form of authentication to guarantee the integrity of the message and authenticate the sender

Question 13

How is a digital signature created and used

Answer 13

• runs a hash function against the unencrypted message to produce a hash total
• encrypts the hash total with their private key, forming the digital signal
• the sender then bundles it with the message and encrypts it with the public key

Question 14

How does the recipient decrypt the message and digital signature

Answer 14

• uses private key to decrypt the bundled digital signature & message
• use the public key to decrypt hash total
• run the hash function on the plaintext to see if it matches the hash total
• if the hashed message and hash total match then it verifies the integrity

Question 15

What can a digital signature also include

Answer 15

A timestamp so that a false signature cannot be recreated at a later date

Question 16

What is a digital certificate

Answer 16

An electronic document that authenticates a message sender or website

• issued by an official certificate authority

Question 17

What does a digital certificate include

Answer 17

• serial number
• expiry date
• holder’s name
• holder’s public key
• ‘signed’ by digital certificate of issuing CA to verify its genuine

Question 18

What is the purpose of a digital certificate

Answer 18

• used to verify the identity of the owner of each public key and obtain the key itself
• used to check if a website is authentic
• used by websites that use HTTPS

Question 19

What can be considered vulnerabilities in a computer system

Answer 19

• Human weakness
• out of date or unpatched software
• poor code quality

Question 20

What is a virus

Answer 20

• Malicious form of self-replicating software
• attaches itself to other programs or files
• makes copies of itself and spread to infect computer systems

Question 21

What can a virus do

Answer 21

May be designed to:
Spam / steal data / infect other devices on network / corrupt files

Question 22

What is a worm

Answer 22

Malicious software that can replicate and distribute itself independently.

Done by using network features or email services to spread

Question 23

What does a worm do

Answer 23

• programmed to damage software
• waste system resources

Question 24

How does a worm waste system resources

Answer 24

Uses up network bandwidth, slows down network significantly

Some cases worms can use all the resources causing a denial-of-service attack

Question 25

What is a trojan

Answer 25

A malicious piece of software that appears to be real to trick the user into executing it

Question 26

What does a trojan do

Answer 26

Performs malicious attacks such as:
Data theft / redirecting search requests / installing more malware / opening a backdoor for remote access

Question 27

What is spyware

Answer 27

Malicious software that installs onto a device without the user’s knowledge

Question 28

What does spyware do

Answer 28

Captures data from the device and sends it back to creator of the software

Question 29

What is ransomware

Answer 29

Malware that locks a computer or encrypts files, preventing a user from accessing their data

Question 30

What is the purpose of ransomware

Answer 30

The attacker demands a fee for the release of the files

Question 31

What is antivirus software

Answer 31

Software used to detect, quarantine or remove malware

Question 32

Methods for antivirus to detect malware

Answer 32

• Comparing your files to a list of of known malware
• monitoring files for suspicious activity

Question 33

What does improving code quality do

Answer 33

Reduces threats from malware

Question 34

Measures against malware

Answer 34

Guarding against buffer overflow attack
Guarding against SQL injection attack
Use of strong passwords
2FA
Use of access rights

Question 35

When does buffer overflow occur

Answer 35

When a program accidentally writes data to a location to small to handle it

Question 36

What is the result of buffer overflow

Answer 36

Malware can cause and manipulate overflowed data which then may be read ad a malicious instruction

Question 37

What is SQL injection

Answer 37

When a malicious user enters SQL commands via the online database to change the processing