topic 6 cyber security Flashcards
define cyber security
the process and practice and technology designed to protect networks, computers, programs, and data from attack, damage or unauthorized access
define social engineering
The art of manipulating people to give up confidential information.
define malicious code
the term used to refer to a variety of forms of hostile or intrusive software
what are methods of social engineering?
- blagging
- phishing
- shouldering
what is blagging?
Targets an individual to persuade them to give up sensitive information
what is phishing?
Can be done by email/ text, disguised to look like it’s from a reputable source, targets a large group of people hoping some would respond, , often contains a link directing u to a fake website
what is shouldering?
looking over someone else’s shoulder seeing their usernames, passwords, PIN etc.
how can you prevent methods of social engineering?
Education – spreading knowledge and awareness of security risks etc.
Verify the caller identity
Do not use email links, properly find main web address and login securely to c
what is the biggest risk of a computer virus?
One the biggest risks of viruses is a day 0 attack. A day 0 is when it is on release and this is when nobody really knows what it is, so nobody has a fix for it right away. You have to try and prevent the virus from coming in AND you have to fix it.
what are examples of malicious code?
- computer virus
- trojan
- spyware
what is a computer virus?
Can spread when executed, attached to another program or file,executed by clicking onto the host/ infected program
what is a trojan?
Poses as having a useful purpose/ a legitimate program. User id tricked into executing the Trojan, when the program is executed the Trojan activates
what is spyware?
Gathers information about person/ organisation activity without their knowledge. Send information back to originator
how can you prevent malicious code?
-education on how you can stop getting spyware
-when installing new programs download the correct versions
-don’t use copied code
-use an antivirus software
-cover up your camera
-password managers, this is an antispyware tool as key loggers cant detect your password as you aren’t typing it in it saves it for you
how can you reduce the risk of getting a virus?
-download files from correct places, not those that are sent to you
-education, tell people not to click on links
-get files from reputable sources
-get antivirus software to detect viruses on your computer
how can you prevent a trojan?
-education, do not open suspicious file endings those especially that are code files
-use antivirus software, really it is antimalware software
-don’t open emails from people you don’t trust
what are the methods to detect and prevent cyber security threats?
- biometric measures
- password systems
- CAPTCHA systems
- email confirmation
- automatic software updates
what is penetration testing?
When you hire someone to test your cyber security measures.
what are the 2 types of penetration testing?
- internal penetration testing
- external penetration testing
what is internal penetration testing?
when the tester has knowledge of the security and structure of a network. E.g. if an employee decides to test the security of the network. This simulates someone trying to hack the network.
what is external penetration testing?
when somebody doesn’t know the structure so they look for vulnerabilities in the network. Companies pay for this to be done to give them the ability to see where they might be vulnerable.
