System Security Flashcards
What is cybersecurity?
Cybersecurity refers to the protection of computer systems, networks, and data from digital attacks, damage, or unauthorised access.
What is malware?
Malware (malicious software) is software designed to harm, exploit, or disrupt systems, such as viruses, worms, trojans, ransomware, and spyware.
What is a virus?
A type of malware that attaches itself to files or programs and spreads when they are opened or run.
What is a worm?
Self-replicating malware that spreads across a network without user action.
What is a Trojan horse?
Malware disguised as legitimate software that users are tricked into installing, allowing hackers access to the system.
What is ransomware?
Malware that encrypts files and demands payment for decryption.
What is spyware?
Software that secretly monitors user activity and sends information to a third party.
What is phishing?
A method of social engineering where attackers pretend to be trustworthy sources (usually via email) to steal personal information.
What is social engineering?
Manipulating people into giving up confidential information (e.g., passwords) rather than attacking systems directly.
What is a brute force attack?
An attack that tries every possible combination of passwords until the correct one is found.
What is a denial of service (DoS) attack?
An attack that floods a server with traffic to overwhelm it and make services unavailable.
What is SQL injection?
A code injection technique where attackers input malicious SQL into a form to manipulate a database and gain access to data.
How can strong passwords help prevent cyber attacks?
They are harder to guess or brute-force, making unauthorised access more difficult.
What are some ways to prevent cybersecurity threats?
• Use strong passwords
• Install antivirus software
• Enable firewalls
• Keep software updated
• Train users on phishing and safe practices
What is penetration testing?
A simulated cyberattack carried out to test and identify vulnerabilities in a system.
What are user access levels and why are they used?
Different levels of permissions given to users (e.g., admin vs. guest) to control who can access what — improves security by limiting access.
What is anti-malware software?
Software that detects, prevents, and removes malicious programs.
What is a firewall?
A security system that monitors and controls incoming and outgoing network traffic based on predetermined rules.
What is meant by ‘network forensics’?
The process of monitoring, recording, and analysing network traffic to investigate and prevent cybercrime.
What is the purpose of automatic software updates?
To fix vulnerabilities and security holes in software as soon as they are discovered.
What are the main types of social engineering attacks?
Phishing, pretexting, baiting, and tailgating.
Why is educating users important in cybersecurity?
Because users are often the weakest link — training helps prevent errors like clicking on phishing emails.