Revise terms Flashcards

You may prefer our related Brainscape-certified flashcards:
1
Q

What does the term “Availability of data” mean?

A

This is about making sure that data is available when it is needed. Ideally the data will have a 100% availability at the times when it will be needed.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

What does the term “Cyber Security” mean?

A

Cyber security is the processes, practices and technologies which are designed to protect networks, computers, programs and data/information from attack, damage or unauthorised access.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

What does the term “Denial of Service” mean?

A

An attempt to disrupt a network/business/organisation by issuing more requests than a system is able to cope with, it can be performed with malicious intent or as a protest.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What is the difference between cyber- criminals

and cyber terrorists?

A

A cyber criminal is an individual who commits illegal activities using computers and the Internet.

A cyber terrorist is person who uses computers and the Internet to cause deliberate fear and disruption for political reasons.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

What is a hacker?

A

A hacker is a person who gains unauthorised access to a computer system/network, for any reason – good or bad.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

What is a phisher?

A

A phisher is an individual that attempts to acquire personal information, often for malicious reasons, such as fraud, by pretending to be a known and
trusted individual or organisation.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

What is a scammer?

A

A scammer is someone who uses existing computer scripts or codes to hack into computer systems. They do not have the expertise to write their own code.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

What does the term “Encryption” mean?

A

A method that is used to attempt to ensure data security by use of encrypted (secret) code. In order to read the contents of an encrypted message or file, someone must have access to a secret key or password that will enable them to decrypt the message or file.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

What does the term “impacts of a cyber security incident” mean?

A

This is the effect that a cyber-attack could have on an individual or organisation. For a business it could mean that customers lose confidence and stop using that business. For individuals it might mean they lose money, if access is gained to their bank account.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Describe the importance of cyber security

A

Cyber security has become an essential part of overall security. It affects individuals, as well as businesses, governments and other organisations. As the use of the internet for communication and data transfer increases, the opportunities for cyber criminals to illegally access data grows. This is why cyber security is so important.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

What does the term “Integrity of information” mean?

A

This is all about preventing data from being deleted or modified, so that it will be safely stored for as long as needed.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

What does the term “Logical protection measures” mean?

A

These are computer based protections that only exist within IT systems. These are things like antivirus applications, firewalls (hardware and software), encryption, strong passwords, etc.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

What does the term “Physical protection measures” mean?

A

These are things that you can physically see and touch: lockable cupboards, key coded locks on doors, fingerprint readers, fire and flood protection methods etc.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

What does the term “Risk” mean?

A

A threat to a computer system/network can result in a risk, for example, if a hacker gains access to a person’s computer, there is a risk that data will
be stolen.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

What does the term “Vulnerabilities” mean?

A

These are potential weak points in security measures. By knowing what the vulnerabilities of an IT system are, it makes improving cyber security more straightforward.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

What can Malware affect?

A

Malware can affect all types of devices, running all types of operating systems

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

Why do people attack IT systems? (List at least 3 reasons)

A
Show off abilities
Thrill/Adrenaline
As a challenge
Bragging
Identify security breaches
Idealism
Financial gain
Intentions of terrorism
Government/Militant orders
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

What does the term “Malware” mean?

A

It is malicious software specifically designed to disrupt, damage, or gain unauthorized access to a computer system.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

List three different types of malware.

A
Virus
Adware
Rootkit
Spyware
Ransomware
Trojan Horse
Remote access
Worm
Keylogger
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

What does the malware term “Virus” mean?

A

A computer virus is a malicious software program loaded onto a user’s computer without the user’s knowledge and performs malicious actions. It can self-replicate, inserting itself onto other programs or files, infecting them in the process.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
21
Q

What does the malware term “Rootkit” mean?

A

A set of software tools that enable an unauthorised user to gain control of a computer system without being detected.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
22
Q

What does the malware term “Adware” mean?

A

It is software used by a hacker to gain constant administrator-level access to a computer or network

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
23
Q

What does the malware term “Spyware” mean?

A

It is software designed to ‘spy’ on the computer. It can capture information like Web browsing habits, e-mail messages, usernames and passwords, and credit card information.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
24
Q

What does the malware term “Ransomware” mean?

A

It is software designed to hold the computer’s data hostage until a ransom fee has been paid. Often introduced to the computer via a worm or trojan.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
25
Q

What does the malware term “Trojan Horse” mean?

A

It is a type of malware that is often disguised as legitimate software. For example, a virus that looks like an excel spreadsheet.

26
Q

What does the malware term “Remote Access” mean?

A

A remote access Trojan (RAT) is a malware program that includes a back door for administrative control over the target computer. This is usually downloaded with a requested file (like a game)

27
Q

What does the malware term “Worm” mean?

A

It is a standalone malware computer program that replicates itself in order to spread to other computers

28
Q

What does the malware term “Keylogger” mean?

A

It is a program that records the keystrokes on a computer

29
Q

What does DDOS stand for?

A

Distributed Denial of Service attack

30
Q

What does a DDOS do?

A

It is an electronic attack whereby multiple computers send messages to a server with the intention of overwhelming it by rendering it inaccessible for a time.

31
Q

What is a botnet or zombie network?

A

It is a number of Internet-connected devices (usually infected with a virus) used to attack a website or server through a DDOS

32
Q

What does the term “Social Engineering” mean?

A

It is the art of manipulating people so they give up confidential information.

It is gaining unauthorised access or obtaining confidential information by taking advantage of the trusting human nature of victims

33
Q

What does the term “blagging” mean?

A

It is the act of creating an invented scenario to target a victim into performance actions under the pretence of threat

34
Q

What does the term “shouldering” mean?

A

It is observing people’s private information over their shoulder, for example: at an ATM

35
Q

What does the term “pharming” mean?

A

It is scamming where malicious code is installed on a client and users are misdirected to fraudulent websites without knowledge / consent

36
Q

What does the term “Data Destruction” mean?

A

When data has been deleted without authorisation. Usually as a result of a cyber attack.

37
Q

What types of personal data could be stolen during a phishing attack?

A

Bank Account Details
Date of Birth
Credit / Debit card details

38
Q

What is the purpose of cyber security?

A

1) To protect information and data
2) to keep information and data confidential
3) to maintain the integrity of information and data
4) to maintain the availability of information and data

39
Q

Describe the importance of cyber security.

A

1) the need to protect personal data
2) the need to protect an organisations data
3) the need to stay safe online

40
Q

Who are the targets for cyber security attacks?

A

1) individuals
2) data / information
equipment
organisations

41
Q

What are the types of cyber security incidents?

A

1) data destruction
2) data manipulation
3) data modification
4) data theft

42
Q

Name the different types of attackers in cyber security incidents.

A

1) cyber criminals
2) cyber terrorists
3) hackers
4) phishers
5) scammers

43
Q

What are the motivations behind cyber security attacks?

A

1) financial gain
2) publicity
3) fraud
4) espionage

44
Q

What laws are involved in cyber security?

A

1) The Data Protection Act 1998

2) The Computer Misuse Act 1990

45
Q

What are the cyber security issues related with fraudulent websites?

A

1) Stealing personal data - potentially identity theft
2) introduction of malware to the network
3) potential for future spamming

46
Q

What occurs during identity theft?

A

Identity theft is when a person’s personal details are stolen, and can happen whether that person is alive or dead.
Fraudsters can use your identity details to:

1) open a bank account
2) obtain credit cards, loans and state benefits
3) order goods in your name
4) take over your existing accounts
5) take out a mobile phone contract
6) obtain genuine documents, such as passports and driving licences, in your name.

47
Q

How to protect against identity theft.

A

1) Do not respond to a request from your bank for your entire PIN or password
2) Create strong passwords for use online, and don’t use the same one for every website you log in to.
3) Protect your internet-connected devices with up-to-date security software, and make sure you install all official software updates and security fixes on such devices.
4) Don’t throw out anything containing your name, address or financial details without shredding it.
5) If you move house, ask Royal Mail to redirect your post for at least a year.

48
Q

What are the difference between accidental and intentional cyber security threats? (Describe both)

A
  1. accidental
    a. organisational i.e. downloading files from unauthorised websites
    b. individual i.e. responding to a fake email/clicking on a hyperlink
  2. intentional
    a. organisational i.e. DoS through flooding it with useless traffic
    b. individual i.e. hacking into unsecured wireless internet
49
Q

What vulnerabilities can lead to a cyber security attack?

A

1) Environmental e.g. natural disasters like flooding
2) physical e.g. theft
3) systematic e.g. DoS, malware etc

50
Q

What are the impacts of a cyber security incident?

A

1) Loss - financial, data, reputation and intellectual property
2) Disruption - operational, financial and commercial
3) Safety - individuals, equipment and finances

51
Q

Describe the logical protection measure of access rights and permissions

A

These are the permissions an individual user or a computer application holds to read, write, modify, delete or otherwise access a computer file; change configurations or settings, or add or remove applications.

52
Q

Describe the logical protection measure of anti-virus software

A

It is software that is designed to detect and destroy computer viruses. It only works when it is run regularly and kept up to date.

53
Q

Describe the logical protection measure of authentication.

A

Authentication is the process of determining whether someone or something is, in fact, who or what it declares itself to be

54
Q

Describe the logical protection measure of encryption.

A

It is the process of converting information or data into a code, especially to prevent unauthorised access by using a key.

55
Q

Describe the logical protection measure of firewalls

A

A firewall isolates your computer from the Internet using a “wall of code” that inspects each individual packet of data as it arrives at either side of the firewall — inbound to or outbound from your computer — to determine whether it should be allowed to pass or be blocked.

Firewalls need to be able to perform the following tasks:

Defend resources
Validate access
Manage and control network traffic
Record and report on events
Act as an intermediary
56
Q

Describe the logical protection measure of secure backups of data

A

Data backups that are secure against physical threats (fire, flooding etc) and logical threats (viruses) are essential to ensure that if the primary data has been affected by a cyber security attack, the business can carry on with a limited effect on operations.

57
Q

Describe the logical protection measure of token authentication

A

A web authentication technique that lets users enter their username and password once and receive a uniquely-generated encrypted token in exchange. This token is then used to access protected pages or resources instead of the login credentials for a designated period of time.

58
Q

Describe the logical protection measure of user name and password

A

Username is used to authenticate the user exists and has assigned access rights. The password ensures the correct user is accessing the account.

59
Q

Describe some emerging logical protection measures.

A

1) AI / Machine learning
2) Video Analytics
3) Biometric data

60
Q

Describe the methods for creating a safe password

A

1) Mixture of upper and lower case, numbers and special characters.
2) Enforce regular updates of passwords

61
Q

Describe eight physical protection measures

A

1) Biometric Access devices
2) Locks on doors
3) Device locks
4) RFID security badges
5) CCTV
6) Security guards
7) Disabling USB ports to prevent storage device usage
8) Lock all portable equipment to floors / walls

62
Q

Name three organisational policies or agreements relevant to cyber security.

A

1) Acceptable use policy
2) Clean desk Policy
3) Code of Conduct