Learning Aim B - Cyber Security Flashcards

All of the key parts of Learning Aim B, including Social Engineering & Security

1
Q

Hacking

A

Unauthorised access to a computer system. Covered by the Computer Misuse Act 1990

2
Q

Why are systems attacked?

A
  • Fun
  • Financial Gain
  • Industrial Espionage
  • Personal Attacks
  • Hacktivism (hacking for activism)
3
Q

Types of Hackers

A
  • Black Hat - a hacker with malicious intent
  • Grey Hat - a hacker with neither malicious nor heroic intent
  • White Hat - a hacker with heroic intent to stop other hackers
4
Q

Types of threat to a computer system

A
  • Unauthorised access
  • Virus
  • Worm
  • Botnet / DDoS Attack
  • Rootkit
  • Trojan
  • Ransomware
  • Spyware
5
Q

Virus

A

A computer program or part of a computer program that can make copies of itself and is intended to prevent the computer from working normally

Cambridge Dictionary

6
Q

Worm

A

A harmful computer program that can copy itself and spread across a number of connected computers

Cambridge Dictionary

7
Q

Botnet

A

A group of computers that are controlled by software containing harmful programs, without their users’ knowledge

Cambridge Dictionary

8
Q

DDoS

A

Distributed Denial of Service: an occasion when a computer network or website is intentionally prevented from working correctly, by a botnet sending lots of data at once.

Cambridge Dictionary (mod.)

9
Q

Rootkit

A

A type of malware designed to give hackers access to and control over a target device. Most rootkits affect the software and the operating system.

Kaspersky

10
Q

Trojan

A

A computer program that has been deliberately designed to destroy information, or allow someone to steal it.

Cambridge Dictionary

11
Q

Ransomware

A

Software designed by criminals to prevent computer users from getting access to their own computer system or files unless they pay money.

Cambridge Dictionary

12
Q

Spyware

A

Software that collects information about how someone uses the internet, or personal information such as passwords, without the user knowing about it

Cambridge Dictionary

13
Q

Social Engineering

A

Manipulating people so that confidential information can be found out.

14
Q

Why does social engineering work?

A

Most people want to do the right thing, and this is why it works. In a recent study, 60% of unauthorised USB drives were mounted to a computer and used in a controlled environment.

United States Department of Homeland Security

15
Q

Types of Social Engineering

A
  • Phishing - Where an individual poses as a legitimate company to steal sensitive information
  • Pharming - Where a user is redirected from a legitimate site to another
  • Shoulder Surfing - Where somebody physically looks at somebody’s computer system to steal sensitive information
  • Tailgating - Where a hacker gains unauthorised access to a password-protected system
  • Baiting - Where a scammer uses a false promise to steal personal information
  • Pretexting - Where an attacker tries to convince a victim into giving up valuable information
16
Q

How to detect Social Engineering

A
  • Are they using correct grammar and spelling?
  • Are they addressing you, or a generalised person?
  • Are they asking for personal information?
  • Are they being urgent?
  • Are they asking you to check a link? Check the link before you click it and compare it to internet searches.
17
Q

Man in the Middle Attack

A

Where a hacker intercepts a message between two users without their knowledge.

18
Q

Internal Threats

A

A threat carried out by a trusted individual in an organisation. These are usually accidental and not malicious, but there is a minority who do this on purpose.

19
Q

Why do Internal Threats happen?

A
  • Carelessness
  • Not following organisation’s procedures
  • Not understanding risks of the user’s actions.
20
Q

Drive-by Downloads

A

The device can be infected (often with a worm) just by visiting the website.

21
Q

Malware in Adverts

A

Malware can be embedded into advert iframes on a legitimate website and then be downloaded onto the computer.

22
Q

Search Engine Poisoning

A

Where websites abuse SEO tools and pack the website with trending and viral keywords to drive traffic to the site.

23
Q

P2P Sharing Sites

A

Peer-to-Peer sites often have trojans in them, so these are downloaded when sharing/downloading files on a P2P site.

24
Q

Impacts of an Internal Threat

A
  • Data and financial loss
  • Damage to reputation
  • Reduction in productivity and downtime
  • Legal Action (Data Protection Act)
25
Q

Firewall

A

A physical device/piece of software that stops a cyber security threat from moving from one network/device to another.

26
Q

Hardware Firewall

A
  • Protect an entire network
  • Are complicated to set up
  • Often offer more security than software firewalls
  • Are hard to bypass
27
Q

Software Firewall

A
  • Protects a single device
  • Are easy to set up
  • Offer less security than hardware firewalls
  • Easier to bypass
28
Q

Device Hardening Policy

A

Steps that are required to be carried out in an organisation in order to reduce threats to a computer system

29
Q

Types of Device Hardening

A
  • Using a password manager
  • Keeping software and OSes up to date
  • Removing unused software
  • Removing unused accounts
30
Q

Symmetric Encryption

A

More vulnerable than asymmetric encryption.

31
Q

Asymmetric Encryption

A

Where the device and the host have a pair of keys which have to match. These are not symmetrical so are hard to guess.

32
Q

Types of policy

A
  • Password Policy - defines how long and complex a password is, and how long it can be used for.
  • Acceptable Use Policy - how you are expected to use a computer and the sanctions if you do something prohibited.
  • Device Hardening Policy - what software you should use and how to keep the computer system safe.
  • Backup Policy - how regularly devices are backed up, how and where.
  • Disaster Recovery Policy - who is responsible for doing what to restore an organisation's infrastructure when a cyber attack or physical damage to a computer system occurs.