Brainscape's Knowledge GenomeTM


Top Flashcards (Certified)
All Flashcards

11B1/Cp > Systems Security (Ch14) (M1) > Flashcards

Systems Security (Ch14) (M1) Flashcards

1
Q

Give two risks of computer networks

A

-Username/passwords can be cracked or stolen
-Viruses/malware can be spread to devices, computer systems and other systems you interact with physically and digitally
-Data can be accessed, changed or stolen
-Email scams can be used to trick people, for purposes such as identity theft

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Define a cyber attack

A

A cyber-attack is an attempt to gain unauthorised access to a network with the intention of accessing, changing, or destroying information.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

What are people who perform cyber attacks often called?

A

Individuals who perform cyber attacks are often referred to as hackers or cybercriminals

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Give four reasons for cyber attacks

A

1) For a challenge – to see if they can succeed
2) For fun – it might be a hobby
3) For financial gain – stealing and selling data
4) Idealism – trying to expose an injustice
5) Revenge – a disgruntled employee or ex friend
6) To take out a competitor – by bringing down their website
7) Political motives – to raise awareness of a political issue
8) Security reasons – trying to find flaws in a system, before someone else finds them

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Define cyber security

A

Cyber security is the set of measures taken to protect networks and computer systems from cyber-attacks.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Name five things a business might do, to improve their cyber security

A

Things a business might do, to improve their cyber security:

1) Get a VPN
2) Install reliable Antivirus software
3) Use complex passwords
4) Use password managers
5) Protect with a firewall
6) Install encryption software
7) Ignore suspicious emails
8) Limit access to critical data
9) Back up data often
10) Secure your Wi-Fi Network
11) Secure laptops and smartphones
12) Communicate cyber security measures to employees

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Why might cyber criminals target businesses?

A

Cyber criminals may target businesses because:

-Businesses have a lot of money, they may want to gain some for themselves
-They may disagree with what the business does
-It may be an old employee from a business, trying to get revenge

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

What is the most valuable thing that a business owns? Why?

A

The most valuable thing that a business owns is data.
Physical things can all be replaced. But if data is lost, the organisation would no longer have a business.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Why do cyber attacks often focus on trying to steal company data?

A

Cyber-attacks often focus on trying to steal company data because:

-The criminals can sell this valuable data to a competitor.
-Or, they might try to extort (blackmail) money, for the safe return of the data.
-It could also be to damage the reputation of a business, showing people that the business doesn’t take enough precautions to keep user’s confidential data safe

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Give two consequences to a business, following a data breach

A

Consequences to a business, following a data breach:

-They lose important information about employees, like allergies, phone numbers
-Personal information about everyone who works at the company would be accessed by a third party
-The business could be sued for weak cyber security
-The business is breaching the Data Protection Act (2018) by not keeping employee data safe

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Give one example of personal data that may be stored by a business

A

Much of the data stored by businesses is classed as personal data. For example: customer names, addresses, bank details, etc

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

What condition do businesses have to follow, if they are storing customer data?

A

Businesses are allowed to store customer data, as long as they have adequate security measures in place, following the Data Protection Act (2018) / GDPR

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Why would a business face a fine and be prosecuted if data is stolen in a cyber attack?

A

If data is stolen during a cyber-attack, it shows that the business did not do enough to protect that data.
They have broken the law and are likely to be prosecuted and face a very large fine.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

What is confidentiality?

A

Confidentiality is where data is kept private from users and third parties.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Why is confidentiality important for companies?

A

Confidentiality is where data is kept private from users and third parties.
This is incredibly important because companies can be prosecuted for not following the Data Protection Act if there is a data breach or leak of data.
It would also damage their reputation and many people would not trust the company to store their personal data.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Give four forms of attack on a network

A

Forms of Attack:

Malware
Phishing
Brute Force Attacks
Denial of Service Attacks
Data Interception and Theft of Data
SQL Injection
Rootkit
Backdoors

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

What are the three types of attack?

A

Three types of Attack:

Passive attack
Active attack
Insider attack

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

What is a passive attack? What is used?

A

A passive attack is where someone monitors data travelling on a network and intercepts any sensitive information they find.
They use network monitoring hardware and software, such as packet sniffers. Passive attacks are hard to detect as the hacker is quietly listening.
Encryption is the best way to be protected from passive attacks.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

What is an active attack? What is the main defence?

A

An active attack is where someone attacks a network with malware or other planned attacks. They are more easily detected. The main defence is a firewall.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

What is an insider attack?

A

An insider attack is where someone within an organisation exploits their network access to steal information.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
21
Q

What is malware?

A

Malware is software designed to disrupt, damage or gain unauthorised access to a computer system.
Malware is short for ‘malicious software’

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
22
Q

Give three different forms of malware

A

Different forms of malware:

Viruses
Worms
Trojans
Spyware and Keyloggers
Ransomware

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
23
Q

Give three things that malware can typically do to a computer system

A

Typical things Malware can do:

-Delete or modify files
-Scareware - for example, telling the user their computer is infected with lots of viruses to scare them into following malicious links or paying or problems to be fixed
-Ransomware - encrypting all files on a computer. The user recieves a message demanding a large sum of money in exchange for the decryption key.
-Spyware - secretly monitoring a user’s actions., For example: key presses, and it sends this information to the hacker.
-Rootkits - these alter permissions, giving malware hackers administrator-level access to devices.
-Backdoors - holes in someone’s security which can be used for future attacks.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
24
Q

Give two ways that malware can access a device

A

Ways Malware can access a device:

-Viruses attach - by copying themselves - to certain files. Users spread them by copying infected files, and activate them by opening infected files.
-Worms are like viruses but they self-replicate, this means that they can spread very quickly. Worms exploit weaknesses in network security.
-Trojans are malware disguised as legitimate software. They don’t replicate themselves - users install them, not realising they have a hidden purpose.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
25
What is a virus?
A computer virus is a piece of code designed to copy itself (replicate) into other programs and files.
26
Once a program infected with a virus has been opened, what will happen?
Once an infected program has been opened, the virus will be placed into system memory. It will then begin to replicate, trying to infect other files and network devices.
27
What will many viruses attempt to do to a computer?
Many viruses will attempt to corrupt, modify or delete data on your computer.
28
Give three ways that viruses can be spread
Viruses can be spread in a number of different ways: -Email - via attachments in email messages -Infected websites -Removable media - e.g. memory sticks -Social media - links or images in posts
29
What is a worm?
A worm is also a malware program that tries to replicate itself.
30
In terms of being run and activated, what is the difference between a virus and a worm?
Viruses are normally attached to an executable (.exe) file and need that file to be run, before they are activated. But, worms do not need a host program to run and replicate.
31
Once a worm is on a system, what will it do?
Once a worm is on your system, it will continue to make copies and spread around the network, regardless of what your computer is doing.
32
Give one effect of a worm
Effects of a worm: -Worms are so effective at copying themselves that they can cause the system to run out of memory and crash. -They can also slow down network connections as they search for other devices to infect.
33
Give two ways that worms can be spread
Worms can be spread in a number of ways: -Files sent as email attachments -Peer-to-peer file sharing networks -Links to a resource on the internet
34
What is a trojan?
Trojan malware is malware that hides inside a legitimate software application.
35
Do trojans replicate? What is their aim?
Trojans do not replicate themselves. Their aim is to sit on your computer system, completely unnoticed.
36
What can trojans create on your system? What does this allow?
Trojans can create backdoors by making changes to your security, allowing other malware or hackers access to your system.
37
What kind of malware can a trojan act as? How does it behave like this?
Trojans can act as spyware, waiting to collect your online account and credit card details. Once collected, they are sent back to a criminal entity.
38
What network can a trojan make your computer part of? What attack is this used in?
Trojans can make your computer into part of a botnet to be used in a DDoS attack.
39
What is spyware?
Spyware is malware that gathers data about your activities on the computer. It then relays that information (secretly) to a third party.
40
Give three things that spyware may gather about a user
Spyware may gather data such as: -Websites that you visit -Social media that you use -Your personal information, e.g. login details, credit card data -It may redirect your browser to advertising site or sites containing other malware -It can also alter your browser settings such as changing your default home page
41
Give two ways you can download spyware
You may download spyware by: -Clicking on a pop-up advert, e.g. 'free prize draw' -Downloading free software, e.g. a video sharing program -Emails and social media messages can contain links to spyware
42
What is a keylogger?
A keylogger is a type of malware that records every key that you press on your keyboard.
43
What does a keylogger do?
A keylogger is a type of malware that records every key that you press on your keyboard. It can also record every mouse click, every item you download or anything else that you do on your computer. The data collected is sent, without your knowledge, to a third-party
44
What is ransomware?
Ransomware is a type of malware that encrypts or locks files on the system so that the user cannot access them.
45
What is accompanied by ransomware?
A demand for payment is received after downloading ransomware. It is often accompanied by a threat that the files will be destroyed if the ransom is not paid.
46
With ransomware, what is the problem with paying the ransom to unlock your files again?
Even if the ransom is paid, there is no guarantee that the files will be unlocked
47
What is social engineering?
Social engineering is a technique used by criminals to manipulate or trick people into revealing confidential information.
48
What is the data obtained from social engineering used for?
The data obtained from social engineering is used to gain access to a computer system.
49
Social engineering is one of the most common methods used by cyber criminals. Why?
Social engineering is one of the most common methods used by cyber criminals. This is because people are generally trusting of others and this makes them a weak link where network security is concerned.
50
What is the best way for companies to prevent social engineering attacks?
The best way for companies to prevent social engineering attacks is by educating employees on the risks and what to look out for.
51
Give one way that social engineering takes place
Ways that social engineering takes place: -A phone call out of the blue may tell you that a problem has been noticed with your computer. You are told that you need to download some software to fix the issue. -Or, the call may be from 'your bank' who have noticed some unusual activity on your account. You are told you need to provide your login details or security answers so that they can 'verify' you.
52
What is phishing a type of?
Phishing is a type of social engineering.
53
Describe the process of a phishing attack
Phishing attacks often send an email pretending it is from a trusted organisation such as a bank, the tax office, a parcel delivery company, etc. They try to trick people into giving away account information. They do this by pretending there is a problem, e.g. missed parcel delivery, rejected bank payment, etc. Within the email is usually a 'call-to-action', telling the user to 'click here' to solve the problem. Clicking on the link often takes you to a fake, but very convincing looking website
54
Who might a phishing attacker pretend to be?
Phishing attacks often send an email pretending it is from a trusted organisation such as a bank, the tax office, a parcel delivery company, etc.
55
How many people are phishing emails often sent to?
Phishing emails are often sent to thousands of people, in hope that someone will read the email and believe its content is legitimate.
56
What feature do many email programs, browsers and firewalls have to attempt to stop phishing?
Many email programs, browsers and firewalls have anti-phishing features that will reduce the number of phishing emails received.
57
What is a brute force attack?
A brute force attack is where software is used to try every possible combination of words, numbers and symbols to try to crack a password.
58
Why can brute force attacks be very effective?
Brute force attacks can be very effective because so many people use short, simple and easy to guess passwords.
59
Give one way that brute force attacks can be stopped
-Brute force attacks can be stopped by limiting the number of failed login attempts. Many systems will lock the account after three failed logins. -CAPTCHAs can also help to block brute force attacks. -Using strong passwords (capital letters, numbers, symbols, a length of over eight characters) can make it harder to an automated algorithm to guess your password
60
What is a Denial of Service (DoS) attack?
A denial of service attack (DoS) is where a criminal uses software to bombard a web server with fake requests.
61
Describe the process of a Denial of Service (DoS) attack
-A denial of service attack (DoS) is where a criminal uses software to bombard a web server with fake requests. -This is done to use up the server memory and CPU cycles in the hope of making the server crash. -A DoS typically uses one computer and one internet connection. -Servers are usually built to withstand an attack from a single source. -So the DoS may not be successful.
62
Give two reasons for Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks
Reasons for DoS and DDoS attacks: -To extort money -To punish the company for unethical behaviour -To get revenge on the company
63
What is a Distributed Denial of Service (DDoS) attack?
A DDoS (distributed denial of service attack) is where a criminal uses many computers and many internet connections to bombard a web server with fake requests.
64
Describe the process of a Distributed Denial of Service (DDoS) attack
-A DDoS (distributed denial of service attack) is where a criminal uses many computers and many internet connections to bombard a web server with fake requests. -Multiple computers are infected with botnet malware. -The main computer communicates with the infected computers, commanding them to send simultaneous fake requests to the server. -This overwhelms the server using up CPU time, memory and network bandwidth so that it is unable to deal with legitimate users.
65
What is data interception often referred to as?
Data interception is often called a 'man in the middle attack' (MITM)
66
What is a data interception attack?
A Data Interception attack is where someone gets in between you and what you are doing online. It is a bit like eavesdropping and the victim has no idea this is happening.
67
Describe the process of a data interception/man in the middle (MITM) attack
-A Data Interception attack is where someone gets in between you and what you are doing online. It is a bit like eavesdropping and the victim has no idea this is happening. -There are many different techniques for this. -They commonly occur where there is a public Wi-Fi hotspot. -Attackers scan the router looking for a vulnerability such as a weak password. Sometimes they set up their own rogue Wi-Fi network, to entice users to connect. -The victim connects to the Wi-Fi network and sends their message. -What they don't realise is that the criminal is intercepting it. The message can be read, copied or even changed before it is finally transmitted on to its destination. -And the victim has no idea this has happened.
68
Give one clue that suggests a data interception/man in the middle (MITM) attack is happening
Data interception attacks are hard to detect while they are happening. Clues include: -Sudden, long page load delays -URLs switching from HTTPS to HTTP
69
Give two ways you can prevent a data interception/man in the middle (MITM) attack
Ways to prevent a data interception/man in the middle (MITM) attack: -Using a Virtual Private Network (VPN) -Using up-to-date antivirus software -Being alert to phishing scams
70
What is SQL short for?
SQL is short for Structured Query Language.
71
What is SQL?
SQL is short for Structured Query Language. It is the programming language used to communicate with a database.
72
What is an SQL injection?
An SQL injection is where an attacker enters malicious code into a web form.
73
Describe the process of an SQL injection
-An SQL injection is where an attacker enters malicious code into a web form. -If there are any vulnerabilities present, the SQL injection can bypass the authentication and verification process. -The attacker now has access to the backend database and can copy all of the data. It can also add, modify or delete records.
74
Give two methods to prevent an SQL injection attack
Methods to prevent an SQL injection attack: -Update and patch software regularly -Firewall - to filter out malicious data -Data validation - check input data, e.g. that email addresses are in the correct format
75
Give five ways that people are a weak point in a network
Many system vulnerabilities are caused by people being careless. Ways people are a weak point in a network: -Not installing operating system updates -Not keeping anti-malware up to date -Not locking doors to computer rooms -Not logging off or locking their computer -Leaving printouts on desks -Writing passwords down on sticky notes attached to computers -Sharing passwords -Losing memory sticks/laptops -Not applying security to wireless networks -Not encrypting data
76
Give four methods that can be used to protect a network
Methods that can be used to protect a network: -Physical security -Access control -User security -Firewalls -Encryption -Penetration testing -Passwords
77
What is a network policy?
A network policy is a formal document containing the rules and procedures that people must follow if they wish to use the network.
78
What is a network policy designed to ensure?
It is designed to ensure that the network is protected from misuse and security breaches.
79
Give one problem of not having a network policy
Problems of not having a network policy: -Not having a policy increases the likelihood of network vulnerabilities, making an organisation more susceptible to an attack. -It also increases the risk of non-recovery from an attack or disaster.
80
What is physical security?
Physical security is preventing unauthorised persons from entering a building that contains network equipment, for example servers.
81
Give three examples of physical security
Examples of physical security: -Use of locked doors with keypad or biometric measures (fingerprint/iris scanners) -Use of electronic swipe cards programmed with authorised user details -CCTV -Alarms -Radio Frequency Identification (RFID) Chips -Chains and locks on equipment
82
What is user security?
User security is minimising the risk posed by people to the network, in an organisation.
83
What is permissioning? What is it used for?
Permissioning assigns different levels of access to different groups of users. Permissioning is used to control the files and folders a user can see and set files to be read only, etc.
84
Give two ways to increase user security
Ways to increase user security: -Prompt the use of secure login names and passwords (Greater than 8 characters, contains a mixture of letters and numbers, contains a capital letter, contains a symbol) -Regular changing of passwords -Prevent re-use of the same passwords -Not sharing passwords
85
What is a firewall?
A firewall is software that protects against unauthorised access to a network, particularly the internet. It prevents internal and external unauthorised access.
86
Describe the process of a firewall. What does it do?
A firewall isolates your computer from the internet using a "wall of code" that inspects each individual packet of data as it arrives at either side of the firewall – inbound to or outbound from your computer – to determine whether it should be allowed to pass or be blocked. It compares the traffic to a criteria that has been set, and it blocks unauthorised traffic that doesn't meet the requirements set.
87
Give one problem with firewalls
Problems with firewalls: -However, firewalls do not provide enough visibility into threats and risks on the network. -Moreover, if it is not configured correctly then it can be oversensitive. It can block innocent or necessary websites from being used.
88
What is encryption?
Encryption is the scrambling of data into a form that cannot be read by unauthorised personnel through the use of a key.
89
What two things are used to encrypt data?
Data is encrypted using a cipher and a public key
90
What is data decrypted with?
The data is decrypted using a private key
91
Describe the process of encryption
-Encryption is the scrambling of data into a form that cannot be read by unauthorised personnel through the use of a key. -Data is encrypted using a cipher and a public key -The data is then decrypted using a private key
92
What is encrypted text called?
Encrypted text is called cipher text
93
What is unencrypted text called?
Unencrypted text is called plain text
94
What is essential for sending data over a network securely?
Encryption is essential for sending data over a network securely.
95
What is penetration testing?
Penetration testing is where a company hires someone to simulate an attack on a computer network or system to find vulnerabilities that an attacker could exploit
96
Name two things that can be penetration tested
Penetration testing can be used on a computer system, network or web application to find vulnerabilities.
97
What are the results of a penetration test used for?
The results of a penetration test are used to inform future network policies
98
What can penetration testing be used to check:
Penetration testing can be used to check: -The security awareness of employees -The response to a security threat -Vulnerabilities that an attacker could exploit.
99
Give three things organisations should do, to keep networks secure
To keep networks secure, organisations should: -Regularly test the network to find and fix security weaknesses and investigate problems if they happen. -Use passwords to prevent unauthorised people from accessing the network. -Enforce user access levels to limit the number of people with access to sensitive information. -Install anti-malware and firewall software to prevent and destroy malicious software attacks. -Encrypt sensitive data.
100
What is shoulder surfing?
Shoulder surfing is where an attacker watches a person enter a password and uses it to access their account
101
Summarise what malware can do
Malware can corrupt data on a computer system, such as files. It can replicate across the computer system, spreading when a user copies an infected file. Moreover, it can record keypresses and transmit it to a third party.
102
What is anti-malware software?
Anti-malware software scans for viruses, spyware or malware. The software compares data to a database of malware and alerts the user and requests action. It quarantines viruses, spyware and malware and stops the download of them.
103
What is anti-virus software?
Anti-virus software scans for viruses, spyware or malware. The software compares data to a database of malware and alerts the user and requests action. It quarantines viruses, spyware and malware and stops the download of them.
104
What is anti-spyware software?
Anti-spyware software scans for spyware or keyloggers. The software compares data to a database of spyware and alerts the user and requests action. It quarantines or deletes spyware and stops the download of spyware or malware.

11B1/Cp (15 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2025 Bold Learning Solutions. Terms and Conditions