The internet and it's uses (Paper 1) Flashcards
What are the names for the different sections in a URL?
-Protocol
-Host
-Domain name
-Webpage/filename
What does URL stand for?
Uniform Resource locator
What is the protocol?
https
What is the host?
www
What is an example of the domain name?
cambridgeinternation.org
What is an example of a webpage/filename?
index.html
What is a protocol?
A set of rules for communication between devices
What is HyperText transfer protocol (HTTP)?
Is the standard protocol used to communicate across the web. It is sent in plaintext
What is HyperText Transfer Protocol secure (HTTPS)?
It is a secure protocol meaning any data transmitted is encrypted and cannot be understood by anyone intercepting it
What are the functions of a web browser?
-Storing bookmarks and favorites
-Storing cookies
-Recording user history
-Allowing use of multiple tabs
-Providing an address bar
What is HTML?
The standard markup language for creating web pages
What is the role of a domain name server?
To convert a website address into an IP address so that a browser on a client machine can make a request to the correct web server
What is the role of cookies?
Text files with small pieces of data used to track user preferences
What are the 2 types of cookies
Session cookies
Persistent cookies
What are session cookies?
Session cookies are created and replaced each time a user visits a website
What are persistent cookies?
Persistent cookies are created and saved on the first visit and retained until they expire
Describe the process of SSL and how it provides a secure connection
-SSL is a security protocol
-It encrypts data that is sent
-Using digital certificates
-Which are sent to the user’s browser
-That contain the public key
-That can be used to authenticate
What is the difference between the internet and the world wide web?
The internet is the physical equipment such as the servers and the cables whereas the world wide web is the data that is sent via the internet for example webpages (HTML)
How are webpages located?
When a user enters a URL, the domain name is sent to a DNS server. The DNS server looks up the domain name and sends the associated IP address to the web browser. The web browser now requests the web page to the IP address for the Web server. The web server then sends the web page, written in HTML, to the browser
What are the forms of cyber attack?
-Hacking
-Brute force attacks
-Data interception and theft
-Spyware
-Phishing
-Pharming
-Shouldering
-Suspicious links
What is hacking and how do you defend against it?
-Hacking is an automated or manual attempt to gain unauthorised access to programs or data
Solved by: Getting a firewall to block access by unauthorised devices
What is a brute-force attack and how do you defend against it?
-Automated or manual attempt to gain unauthorised access to secure areas by trying all password or key combinations
Solved by: Strong password + limited attempts allowed
What is data interception and theft and how do you defend against it?
Data may be intercepted during transmission but also storage devices or files can be left insecurley
Solved by: Encryption, passwords
What is spyware and how do you defend against it?
Software that hides on your computer and records activities to send it back to third parties
Solved by: Anti-malware software
What is phishing and how do you defend against it?
Phishing emails redirect a user to a fake website where they trick the reader into divulging confidential information
Solved by: Firewall
What is pharming and how do you defend against it?
A form of cyberattack that sends you to a fake website that looks like the real thing
Solved by: Using a trusted ISP and checking the URL
What is shouldering and how do you defend against it?
Looking over someone’s shoulder when they enter a pin
Solved by: Concealing password when entering it
What is a suspicious link and how do you defend against it?
Links in emails that may not be genuine
Solved by: Hovering over the link should reveal the destination before clicking it
Define malware
Malicious software written to cause inconvenience or damage to programs or data
What is social engineering?
Obtaining confidential information by asking for it - usually making use of confidence tricks
Define a virus
Small program installed onto a person’s computer without knowledge or permission with the purpose of doing harm
It can self replicate automatically and can corrupt stored data or it uses all available memory and causes the computer to crash
Define a worm
-A small program which also replicates itself. However it finds vulnerability through holes in a network to replicate itself
-This clogs the bandwidth of a network and slows it down
Define anti-virus software
It runs on the computer constantly checking for viruses - therefore it has to be kept up to date
Define a trojan horse
A program which masquerades as having a legitimate purpose but actually has a different one - normally spread by email
Define ransomware
A form of malware which encrypts victims files. A ransom is then demanded form the attacker in return for the instructions on how to decrypt the file
Define adware
Malware which automatically displays onscreen advertisements - it may contain spyware or redirect the browser to an unsafe sight
What does DDOS stand for?
Distributed denial of service
What is a DDOS attack?
-A malicious attempt to disrupt the normal traffic of a targeted server with a flood of internet requests - Targets include internet shopping sites or a bank/credit card company
-The attack uses multiple interconnected devices in different locations to establish a botnet
-The attacker is able to direct the attack by sending remote instructions to each bot to send requests to the target’s IP address
-This results in it becoming overwhelmed so that genuine requests cannot be handled - the server then fails/times out
Why is a DDoS attack difficult to solve?
As each request is from a legitimate device so it is difficult to separate the fraudulent requests from genuine ones
What can be used to protect from DDOS attacks?
Firewall
What are the methods of keeping data safe?
-Biometrics
-Two step verification
-Passwords
-Automatic software updates
-SSL
-Privacy settings
-Proxy servers
What are biometrics?
-They use pre-recorded human characteristics to authenticate authorised users of a system or device
What are methods of biometrics?
-Facial recognition
-Iris and retina scanners
-Fingerprint/palm recognition
-Voice recognition
How do biometrics work?
-The user is required to look at a camera, press their fingerprint into a sensor or speak into a microphone
-The image or recording is taken and analysed for key features
-This is compared with pre-recorded examples for that individual and if a match is found then access is granted
What is 2 step verification?
Involves two authentication methods performed one after the other to prove an identity. For example, a 4 digit code may be sent in email or text to your phone where a login process must be completed
How do automatic software updates ensure data is safe?
-These updates will keep applications and the OS up to date
-This enables bugs and security flaws in the software to be fixed as soon as they are located, with a patch
What does SSL stand for?
Secure socket layer
What is SSL protocol?
-SSL provides a secure channel between 2 computers or devices operating over the internet or an internal network
-SSL can be used to secure communication between a web browser and a web server
-This will then use an HTTPS address for the website - S meaning secure
How do privacy setting keep data safe?
-They allow a person to control what information about them is shared on a social media platform
-A user can control who has access to what they post, and who can see their full profile
How do proxy servers keep data safe?
-A proxy server is a machine that checks and forwards traffic between networks or protocols
-It’s an intermediary server separating end-user clients from the destination sites that they browse
-It can provide security and privacy if needed
How does anti-virus software work?
-Anti-virus software scans the computer for viruses
-It compares all the files in the computer with a known list of viruses to see if there are any matches
-If there is a match, it will put the file in a quarantine area and will then inform the user about the suspected virus and ask you to delete the file
How does a firewall work?
-A firewall helps prevent malware being downloaded onto a computer
-The data coming in and out of the computer is examined against the criteria of the firewall
-If the data looks malicious, the firewall will reject it and stop it from being downloaded onto the computer
What is a data backup?
A copy of data stored separate from the computer
Why are digital currencies gaining popularity?
-They can transfer money from one person to another directly without intervention of a banking organisation
-There is a reduced transfer fee and a decreased time a transaction takes to complete
-A higher demand raises their value
What is a digital currency?
A currency that exists electronically rather than physically
How does a digital currency ensure maximum safety?
A blockchain
How does a blockchain work? (7 key points)
-Blockchain software is used to form a ledger that is a time-stamped series of transaction records
-Each new transaction is added onto a chain of transaction blocks
-Each transaction carries the user’s unique ID number and a reference to the previous block
-The reference is a hash total calculated with a hashing program using data from the previous blocks
-A change to data in any block in the blockchain would create a ripple effect of incorrect hash totals throughout the blockchain
-The blockchain is therefore copied and stored on multiple different servers so if there is a change to a data block it isn’t reflected in all copies
-This maintains integrity and trustworthiness of data
What is a cryptocurrency?
A type of digital currency that uses encryption procedures
What is a digital ledger?
A database that is a list of all the transactions recorded by use of blockchain
How are digital currencies sent?
-User sends payment using cryptocurrency
-Before it is sent it is encrypted
-The details of payment are added to a digital ledger including a digital signature, date and time stamp
-The ledger is encrypted and cannot be changed
-The payment arrives with the intended user
