ppe pt2 (nov) Flashcards

Question

Define firewall.

Answer 1

A network security system which inspects incoming and outgoing data traffic and uses a set of rules to decide which data to allow through from one side to the other.

Answer 2

- A piece of knowledge, e.g. ID, password or pin - A physical object, e.g. an identity pass - A physical attribute, e.g. a fingerprint or voice

Answer 3

- Username and password - Algorithms and code - multifactor authentication

Answer 4

- Read (users can view the content of a file, but not alter it) - Write (users can read and amend the content of a file) - Execute (users can execute the file) - Delete (users can delete a file)

Answer 5

- A rule which stops certain protocols from being used to prevent the organisation's data from being potentially copied to an external sever - Block data coming/going to/from certain network addresses - Stop attempts at hacking the internal network's servers by disallowing data that watches the pattern an attacker would use

Answer 6

- Downloading viruses while browsing online - Emailing sensitive data to themselves or to someone else outside the organisation - Visiting harmful or time-wasting websites - Downloading files from file sharing sites

Answer 7

A smartphone, tablet, embedded system, e.g.

Answer 8

Any form of discarded electronic equipment, including digital devices.

Answer 9

A very rare, naturally occurring, metallic elements of high economic value.

Answer 10

Present in every piece of computing technology, it's a substance (solid, element or compound) used to make computer chips. It can conduct electricity under some conditions but not others, making it a good medium for the control of an electrical current.

Answer 11

The period of time between the purchase of assets (e.g. digital devices) and their replacement with equivalent assets.

Answer 12

The amount of CO₂ an individual or organisation produces as a result of the energy they consume.

Answer 13

The storing of software and data on a remote server accessed through the internet (e.g. microsoft office 365)

Answer 14

- E-waste can include hazardous materials that can include toxic substances. They will leak out into the ground, contaminating water supplies, infiltrating the food chain and polluting the air. - Large amounts of e-waste are shipped overseas to developing countries, where it's dumped into landfill sites or dismantled to extract the minerals.

Answer 15

The Waste Electrical and Electronic Equipment regulation's main aim is to set targets for the collection, recycling and recovery of computing technology and other electronic devices. They apply to businesses, but not individual.

Answer 16

The EU Restriction of Hazardous Substances directive was brought into the UK law in 2013, restricting the use of all 6 toxic materials typically used in manufacturing to force manufacturers of computing tech to replace them with safe materials.

Answer 17

Cloud computing and storage of vast amounts of data on remote servers has led to the building of data centres around the world. These store all images, tweets and selfies generated by social networking.

Answer 18

- Using hot-aisle/cold-aisle configuration to increase cooling system efficiency; using blanking panels to minimise recirculation of hot air and sealing the floor to prevent cooling losses - Investing in research to develop a new, less energy hungry alternative to silicon-based data storage. - Ration internet usage - possibly by imposing a tax on uploading data - and/or educate users so that they behave in a more environmentally responsible fashion

Answer 19

- The production of digital devices has many environmental issues associated with it. The extraction of raw materials from the ground, which are used in the production of digital devices, can lead to intense damage to the local environment, including scarring of the landscape and contamination of ground soil and water supplies. - Once the raw materials have been extracted, the shipping of the materials also has an environmental impact. The transportation to manufacturers uses fossil fuels, such as oil and coal. This contributes further to global warming.

Answer 20

The RoHS directive became UK law in 2013. Tougher recycling targets are set by governments to collect more reusable materials from computing technology when they are disposed of. Recycling sites are being upgraded to take a wide range of materials, including appliances and smaller digital devices.

Answer 21

- It results in an increase in demand, production and disposal over a shorter period of time. - An increase in manufacture leads to more extraction of raw materials, transportation of goods and energy usage in factories. - These increases, lead to further burning of fossil fuels that contribute to global warming. Once a device is finished with, it's likely to end up at a landfill, contributing to increasing amounts of e-waste already in the world.

Answer 22

- The development of a device requires raw materials to be extracted from the ground, including sand, oil and metals of various types (including precious metals like gold, silver and copper). - This extraction can scar the landscape of the area and contaminate soil and local water supplies. - Transportation of raw materials and manufacturing of devices contribute to CO₂ emissions through the burning of fossil fuels. - Further transportation needed to distribute devices to supplies and consumers. - At the end of a device's life, it's often disposed of in landfill if not recycled or reused, shortening the length of the replacement cycle.

Answer 23

Any information relating to an identified or identifiable living person, including name, age, gender and location.

Answer 24

The stealing of another person's personal details, such as their bank account details or passport number. It's usually done to commit identity fraud.

Answer 25

The General Data Protection Regulation containing 99 articles setting out the rights of individuals and the obligations of organisations who collect, process and store data.

Answer 26

A person who has their data is being collected and processed.

Answer 27

A breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of or access to personal data.

Answer 28

Ethics is about good practice and behaving in a morally correct way.

Answer 29

- The data must be processed in a fair, lawful and transparent manner. - The data should be accurate and up-to-date. - The data must not be kept longer than necessary. - The data subjects must give their consent - they must be asked to 'opt-in' or 'opt-out'

Answer 30

- They must be informed about the collection and use of this data - They have the right to have their data erased - They have the right to restrict or stop the processing of their data - They have the right of data portability, meaning they can move, copy or transfer the data

Answer 31

- Unauthorised access to computer material; using a computer to attempt ot access a program or data to which you know you are not authorised. The attempt itself is an offence, successful or not. - Unauthorised access with intent to commit further offences; to attempt to access a computer system with the intention of committing a further offence. - Intentional and unauthorised destruction of software or data; to gain unauthorised access to a computer with the intention to change the data or impair the running of the computer.

Answer 32

The design, construction, operation and use of robots.

Answer 33

Artificial intelligence. They're machines and their programs that solve problems commonly associated with human intelligence, e.g. learning, problem-solving and pattern recognition.

Answer 34

Lethal Autonomous Weapons. They can search for and engage targets on their own, making their own decisions with direct human control.

Answer 35

- Machine learning is the branch of AI that allows them to learn independently. It's used by music and video streaming services to make recommendations.

Answer 36

Surveillance cameras can use face recognition to identify individuals. There's an ethical concern in this, as personal data is being collected without express permission of those being captured.

Answer 37

- The act expects organisations to allow users to say no to their data being used. - The organisation must be specific about what data processing activities are being carried out. - In addition, the user must know the identity of the organisation and have the option to withdraw consent any time.

Answer 38

Bias in computer systems that create unfair outcomes, e.g. in sleecting candidates for a job using AI that has preprogrammed bias by the devlopers or the data.

Answer 39

Through pre-existing bias in data or by the programmers themselves.

Answer 40

Antimalware, encryption, acceptable use policies and backup and recovery policies/procedures.

Answer 41

Signatures are known malware definitions (set of unique data or bits of code) allowing it to be identified.

Answer 42

Heuristics identifies malware by behaviour and characterisation instead of comparing against a known list of malware. It's a set of rules used to detect malicious behaviour without having to uniquely identify the program responsible or it.

Answer 43

- A program which tries to copy itself into other programs - A program which tries to write directly on the disk - A program which decrypts itself when run (malware often does this to hide itself from the signatures known).

Answer 44

It scrambles any data into an unreadable form to anyone who doesn't have the key to turn it back it unto its unscrambled form. This is useful for when we send sensitive information, so it can't be understood. There are 2 types; asymmetric and symmetric.

Answer 45

Asymmetric encryption encrypts and decrypts data using 2 different keys; a public key and a private key. Every user has both. A message encrypted with a specific public key can only be decrypted by the corresponding private key.

Answer 46

Algorithms encrypt and decrypt a message using the same key. Both ends of the transmission must know the exact same shared key.

Answer 47

- New malware may've been created and distributed - This means the out-of-date anti-malware won't have the signature of the new malware in its database. - Therefore, the infection goes unidentified and the antimalware fails to protect the computer.

Answer 48

The readable content before it's encrypted or once it has been decrypted. Cipher text is encrypted plain text.

Answer 49

- Rules that ensure all laws are complied with. - Rules that ensure malicious software isn't installed. - Rules that ensure files aren't downloaded from the internet.

Answer 50

A set of conditions or rules that a network user must agree to comply with before they're allowed to use the network.

Answer 51

A policy which ensures the copying of programs and data stored on the network to safeguard them in case of natural or man-made disasters.

Answer 52

- Who's responsible for the backup process - When the backup is to be made - Where the backups will be kept - How long the backups will be kept

Answer 53

A set of procedures that the organisation will follow to restore normal system operations if there's a natural disaster or a man-made one.

Answer 54

- How often it should be tested - A statement of where all the data backups are kept - A description of where all data backups are kept - A description of which data should be restores and in which order it should be restored in.

Answer 55

- Using a database of malware definitions (using signatures) - Heuristics (define heuristics _{(Identifies malware by behaviours and characteristics, instead of comparing against a list of known malware)})

Answer 56

They correct errors in the program or vulnerabilities in the security of the software application.

Answer 57

A signature file is used to identify known malware. Periodically, the program will check online to see if there is a signature file newer than the one currently installed on a machine. If there is a new file, then it'll be downloaded and updated.

Answer 58

- The device may contain malware of some kind that could be transmitted to the network. - If the device does contain malware of some kind, it'd jeopardise the security of the network, potentially harming other users and the network itself.

Answer 59

A malware that doesn't need a user to distribute it.

Answer 60

The malware that embeds itself into other programs or files.

Answer 61

Malware that must be installed by the user and is hides itself as authentic software.

Answer 62

Attacks which spread via apparently legitimate email communication, but actually extracts sensitive or confidential information from the user.

Answer 63

A self-contained block of code which performs a specific/dedicated task.

Answer 64

- Runtime - Syntax - Logic

Answer 65

- Repairing it - Give away to charity - Keep the software updated

Answer 66

- It prevents someone from selling an invention because it gives the inventor the exclusive right to sell it for 20 years.

Answer 67

- The OS extends main memory by using a part of secondary storage as virtual memory. - The OS also uses a scheduling program to share processing time between competing processes.

Answer 68

Breaking down a problem.

Answer 69

The target item is not on the list or is at the end of the list.

Answer 70

A variable.

Answer 71

Looping every item in a data structure.

Answer 72

The subprograms may be used more than once in a program so that writing, debugging, testing will save time.