Topic 8- security and ethics

Question 1

What is hacking?

Answer 1

illegally gaining access to a computer system

Question 2

illegally gaining access to a computer system in known as

Answer 2

hacking

Question 3

Why do people hack (5)

Answer 3

• Curiosity
• Financial Gain
• Malicious
• Hacktivism
• Military

Question 4

Curiosity,Financial Gain,Malicious,Hacktivism,Military are all reasons to___?

Answer 4

Hack

Question 5

Cracking is

Answer 5

Changing a program’s source code to be used for another use (illegal)

Question 6

Changing a program’s source code to be used for another use illegally is known as

Answer 6

Cracking

Question 7

What is spyware

Answer 7

Software which tracks keylogs and through this can find out passwords.

Question 8

Software which tracks keylogs and through this can find out passwords. Is known as

Answer 8

Spyware

Question 9

How is Spyware prevented

Answer 9

Antispyware

Question 10

Antispyware prevents___?

Answer 10

Spyware

Question 11

Spyware (5)

Answer 11

• User clicks on a link from an email or website
• When clicked spyware is downloaded
• Monitors users activity and relays it back to author
• Keypresses can be analysed to find passwords
• Common key logs allow password to be found

Question 12

Viruses (3)

Answer 12

• Program that replicates itself
• Deletes or corrupts files
• Ransomware a new form of virus

Question 13

Phishing (5)

Answer 13

• Fake email sent that looks legitimate
• User clicks on link in the email
• User redirected to fake website
• Often used to try and steal financial details
• How to avoid – Don’t click on links from unknown emails

Question 14

Pharming (3)

Answer 14

• Malicious code stored on a computer
• Redirects user to fake website to steal users data
• How to avoid – check the URL is as expected

Question 15

Cookies (4)

Answer 15

• Message given to browser by webserver
• Stored in a text file
• Stores detail about users preferences on a website
• Message sent back to server each time that page is requested

Question 16

Cookies uses (5)

Answer 16

• Enable logon information to be kept
• Provide customized pages for the user
• Enable target adverts
• Enable one-click purchasing with shopping carts
• Be able to distinguish between new and repeat visitors

Question 17

Causes of data loss (5)

Answer 17

• Accidental Deletion
• Malicious – virus
• Hardware failure
• Software failure
• Natural disaster

Question 18

Data loss prevention (4)

Answer 18

• Set data to read only
• Use correct shut down procedures
• Use correct procedures when removing portable storage devices
• Backup

Question 19

Firewalls(5)

Answer 19

• Prevents unauthorized access
• Acts as a filter for incoming/outgoing data
• Checks data meets criteria
• Logs incoming and outgoing traffic
• Blocks access to specified IP addresses

Question 20

Antivirus (2)

Answer 20

• Compares virus signature against a database of known virus signatures
• Removes any viruses

Question 21

Proxy servers (3)

Answer 21

• Keeps user IP address secret
• Prevents direct access to a web server
• Filters traffic

Question 22

Biometrics examples (3)

Answer 22

• Voice recognition
• Facial Recognition
• Thumbprint

Question 23

Text v Biometric (2)

Answer 23

• Text passwords easier to hack than biometrics

- Biometric passwords are unique and can’t be shared

Question 24

Security methods (2)

Answer 24

• Encryption

- SSL

Question 25

SSL (5)

Answer 25

• Uses encryption
• Uses SSL
• Uses digital certificates – contains public key
• Makes use of public and private keys
• Data is meaningless without the key

Question 26

How can we tell a website is using SSL(3)

Answer 26

• Protocol end in s e.g. https
• Padlock on some browsers
• Colour of address bar changes

Question 27

SSL process (5)

Answer 27

• Web browser connects to the website
• Web browser requests web server to identify itself
• Web server sends browser a copy of its SSL certificate
• Browser checks the certificate is trustworthy and sends message back to server
• Server acknowledges message and SSL session begins

Question 28

TLS layers (2)

Answer 28

• Record

- Handshake

Question 29

Record layer (2)

Answer 29

• Contains the data being transferred

- Can be used with or without encryption

Question 30

Handshake layer (2)

Answer 30

• Website and client authenticate each other

- Encryption algorithms used to establish secure session

Question 31

Differences between TLS and SSL (3)

Answer 31

• Possible to extend TLS using new authentication methods
• TLS can make use of session caching
• TLS separates handshake and record protocol

Question 32

How does encryption work on text (6)

Answer 32

• Before encryption it is plain text
• Text encrypted using an algorithm
• Text encrypted using a key
• Encrypted text called cypher text
• Key transmitted separately from text
• Key used to decrypt the cypher text

Question 33

Assymetric(5)

Answer 33

• Private key and Public key needed
• Public key given to everyone
• Private key only known by the computer user
• Encryption keys generated using a hashing algorithm
• Different keys

Question 34

Plain text & Cyper text

Answer 34

• Text encrypted using encryption algorithm
• Text encrypted using a key
• Key transmitted separately from the text
• Key used to decrypt the text

Question 35

Authentication (1)

Answer 35

-Used to verify that data comes from trusted source

Question 36

Symmetric Encryption (1)

Answer 36

-Uses the same key to encrypt and decrypt data

Question 37

Hashing algorithm (4)

Answer 37

• Takes message or key and translates it into string of characters
• Usually shown in hex notation
• Length depends on algorithm used
• Same hashing algorithm needed to decrypt

Question 38

DoS Attacks (4)

Answer 38

• Large number of requests sent to server at once
• Designed to flood a server with useless traffic
• Server will come to a stop trying to deal with the traffic
• Prevents users gaining access to the web server

Question 39

Ethics (1)

Answer 39

-Set of laws that regulate computers

Question 40

Misuse of ethics (5)

Answer 40

• Hacking/Malware
• Copyright
• Stealing personal Information
• Addiction or health issues
• E waste

Question 41

Types of softaware(3)

Answer 41

• Free software
• Freeware
• Shareware

Question 42

Free software (4)

Answer 42

• Can use for any legal purpose you wish
• Can study and change the source code
• Can pass on to other people
• Must not be used to infringe copyright laws by copying existing software

Question 43

Freeware(2)

Answer 43

• Can download and use free of charge

- Cannot view or modify the source code e.g. Skype

Question 44

Shareware (5)

Answer 44

• Can use for a trial free of charge
• Need to pay once the trial is over
• Often trial version missing key features
• Protected fully by copyright laws
• Cannot modify code or distribute the software