Surveillance

Question 1

What does the Information Commissioner Code attempt to balance?

Answer 1

Legit desire of employees for privacy and legit desire of employers to run their business

Question 2

What did data protection act ensure

Answer 2

All information about citizens would only be used for the purposes for which they gave it

Question 3

What does the Communications Act make illegal?

Answer 3

Using other wifi networks without permission

Sending obscene messages

Using tech to cause anxiety / persistence

Question 4

What does the Privacy & Electronic Communications Regulations protect?

Answer 4

A citizen’s right to ‘privacy’

Question 5

What is RIPA concerned with?

Answer 5

Regulating the powers of public bodies to carry out surveillance.

Question 6

What does the IPA try to do?

Answer 6

Prohibit interception of communications without lawful authority

Question 7

Define ‘Cyber-enabled crime’

Answer 7

Traditional crimes conducted online

Question 8

Define ‘Advanced cybercrime’

Answer 8

Attacks against hardware and software

Question 9

Who are today’s attack sources?

Answer 9

Highly complex global networks

Question 10

Cybercrime is four things. What are they?

Answer 10

Fast
Anonymous
Convenient
Transnational

Question 11

Define malware

Answer 11

A program that is covertly inserted into another program

Question 12

What is the intent of malware?

Answer 12

Destroy data
Run intrusive or destructive programs
To compromise confidentiality or integrity of data

Question 13

What is an APT

Answer 13

Advanced Persistent Threats

Question 14

What three things does a Virus have?

Answer 14

Infection mechanism
Trigger
Payload

Question 15

What is a infection mechanism

Answer 15

how virus spreads

Question 16

What are the four phases of virus life?

Answer 16

Dormant phase
Propagation phase
Triggering phase
Execution phase

Question 17

define dormant

Answer 17

virus idle

Question 18

define propagation

Answer 18

virus spreading

Question 19

define trigger

Answer 19

virus activated

Question 20

define payload

Answer 20

virus does its thing

Question 21

how is a virus classified?

Answer 21

by target or concealment strategy

Question 22

Define worm

Answer 22

Program that to infect more machines and acts as launching pad for attacks on other systems

Question 23

4 examples of worm propagation

Answer 23

email
IM
file sharing
through a network

Question 24

what is a muliplatform worm?

Answer 24

worm can attack various OS (windows/linux)

Question 25

what is multi-exploit worm?

Answer 25

worm penetrates in different ways

Question 26

what is ultrafast worm?

Answer 26

attempt to optimise rate of propagation?

Question 27

what is polymorphic worm?

Answer 27

worm generates new code in flight

Question 28

what is metamorphic worm

Answer 28

worm behaves differently at different stages of propagation

Question 29

what is zero day exploit?

Answer 29

worm exploits unknown vulnerability for surprise

Question 30

What three offences did Computer Misuse Act define?

Answer 30

Unauthorised access to computer material

Unauthorised access with intent to commit or facilitate further offences

Unauthorised modication of computer material

Question 31

A person is guilty of an offence in the Computer Misuse Act if what:

Answer 31

he causes a computer to perform a function to secure access to any program or data

the access is unauthorised

they know this to be the case

Question 32

What things were changed in Police and Justice Bill?

Answer 32

Max penalty for unauthorised access = 6 -> 12 months

Impairing operation of a computer = max penalty 12 months

Now an offence to make, adapt or supply tools to commit offence

Question 33

What does Directive on Security of Network and Information Systems attempt to do?

Answer 33

Improved cybersecurity at national level

Increased cross border cooperation

Question 34

List some legislation limits

Answer 34

Legislation gets out of date

Government criticised for placing responsibility for security on individuals

UK is limited to tackle something international

Question 35

What is the ‘general’ concern with data and privacy?

Answer 35

There’s now so much data. How is it being kept safe? What rights do you have over it? Can you live off the grid? Can you consciously remove yourself from the datasets that are being collected on you?

Question 36

What things can employers look at?

Answer 36

Emails
Telephone messages
Security cameras
Personal data on employees

Question 37

When is surveillance in workplace allowed?

Answer 37

Detecting crime
To comply with regulation
Staff quality control

Question 38

What is the main law concerned around surveillance in the workplace?

Answer 38

Information Commissioner Code on monitoring at work

Question 39

What does the ICO monitoring at work recommend for employees?

Answer 39

Employees are entitled to some privacy
Methods to surveil should not be intrusive
Covert monitoring should happen for crime detection

Question 40

What are the five laws related to privacy and computer misuse? (Alphabetical order)

Answer 40

Communications act

Data protection act

Investigatory Powers Act

Privacy and Electronic Communications Regulations

Regulation of Investigatory Powers Act

Question 41

What does RIPA provide rules about?

Answer 41

Interception of communications
Getting data relating to communications
Carrying out snooping

Question 42

What is significant about the Investigatory Powers Act?

Answer 42

It also covers interception of messages prior to transmission as well as after.

Significance: a message that hasn’t been sent could still be used as evidence against a person.