Unit 5 - The internet and its uses

Question 1

what is ‘url’

Answer 1

Uniform resource locator. it is a text based address for a web page; it can contain the protocol, the demain name, and the web page/file name

Question 2

what is the purpose of a web brower?

Answer 2

to render hypertext mark up language (HTML) and display web pages

Question 3

what are 5 functions of a web browser?

Answer 3

-storing bookmarks and favourites
-recording user history
-allowing use of multiple tabs
-storing cookies
-providing navigation tools
-providing and using an address bar
-have home page
-use hyperlinks
-data is stored as a cache
-make use of JavaScript

Question 4

what are 4 functions of cookies?

Answer 4

-saving personal details
-tracking user preferences
-holding items in an online shopping cart
-storing login details

Question 5

what are session cookies?

Answer 5

It is stored in temporary memory on the computer but it doesn’t collect any information from the user’s computer and doesn’t personally identify a user. sessions cookies disappear once a user’s computer’s browser is closed or the website session is terminated. (example: used to keep a user’s items in a virtual shopping basket during online purchases)

Question 6

what are persistent cookies?

Answer 6

These are stored in the hard drive of a user’s computer until the expiry date is reached or the user deletes it. They remain on the computer even after session cookies disappear. Legitimate websites will always encrypt any personal information stored in the cookies. (examples: remembering a user’s log in details, sometimes storing more personal information or user preferences)
(advantages: removes the need to type in log in details every time a certain website is visited, effeiciently carries data from 1 website session to another, removes need to store massive amounts of data of the web server, easier to retrieve a user’s data without requiring the user to log in every time they visit the website)

Question 7

what is a blockchain?

Answer 7

digital ledger that is a time-stamped series of records that cannot be altered

Question 8

what is brute-force attack?

Answer 8

method where all combinations of characters are tried to generate passwords

Question 9

what is data interception?

Answer 9

stealing of data by tapping into a network.

Question 10

what is DDoS attack?

Answer 10

distributed denial of service attacks. attempt to prevent anyone accessing part of a network (web servers). the system uses a network of computers to carry out an attack. DDoS can send spam mail to fill up a user’s inbox so that the user can’t access their emails.

Question 11

what is hacking?

Answer 11

gaining illegal access to a computer system without the user’s permission. (It can lead to identity theft, gaining personal information, loss of key data)

Question 12

what is virus?

Answer 12

programs that can copy themselves with the intention of deleting files or causing the computer to malfunction. They need an active host program on the target computer. (Usually on link in email)

Question 13

what is worm?

Answer 13

stand alone viruses. they can replicate themselves with the intention of spreading to other computers. Worms can spread through a network without any action by an end user, making them more dangerous than viruses. (often use networks to search computers with weak security)

Question 14

what is trojan horse?

Answer 14

malicious programs disguised as a legitimate software. They replace parts (or all) of the legitimate software with the intent of carrying out harm to the user’s computer system. (Trojan horse needs to be executed by an end user, so usually as an email or message that can be downloaded)

Question 15

what is spyware?

Answer 15

software that gathers information by monitoring. The gathered information is sent back to the person who sent the software.

Question 16

what is adware?

Answer 16

software that floods a user’s computer with unwanted advertising (usually pop-ups). (appear in browser address window redirecting to a fake website containing the promotional adverts) It can highlight weaknesses in a network’s security and it’s difficult to remove because it’s not considered harmful.

Question 17

what is ransomware?

Answer 17

programs that encrypt the data on a user’s computer (needs decryption key), key is sent to the user only once they pay some money. (Ransomware is often sent via a Trojan horse or by social engineering)

Question 18

what is pharming?

Answer 18

malicious code installed on a user’s computer or web server without the user knowing. Doesn’t need an action to able it. (often uses DNS cache poisoning which is using fake IP addresses to take the browser to the fake website)

Question 19

what is phishing?

Answer 19

sending out legitimate looking emails to users. It requires the user to take action to initiate the phishing attack (like clicking on a link). Then the user’s browser is taken to a fake website where personal information can be stolen

Question 20

what is social engineering?

Answer 20

when a cybercriminal creates a social situation that can lead to a victim dropping their guard. it manipulates people into breaking their normal security procedures. No hacking is required because the user willingly gives the cybercriminal access and information to carry out an attack. Its an effective way to introduce malware to a device.

Question 21

what is access levels?

Answer 21

levels of access that are each protected by a username and password. Access levels are used by social network sites in privacy settings to protect a user against dangerous activity

Question 22

what are 2 types of anti-malware?

Answer 22

anti-virus and anti-spyware

Question 23

what is authentication

Answer 23

ability of a user to prove who they are. Passwords (and usernames) are the most common form of authentication

Question 24

what is automatic software updates?

Answer 24

contains patches that may include updated virus checkers, software improvements, and bug fixes

Question 25

what is checking the spelling and tone of communications and URL links?

Answer 25

users should do these action when received an email:
-look for suspicious links (destination address should match up with everything else)
-check spelling for errors (fake -> amazon)
-check tone of message and language used
-check email addresses

Question 26

what is firewalls?

Answer 26

software or hardware that sit between the user’s computer and an external network to defend the computer system

Question 27

what is privacy settings?

Answer 27

controls available on web browsers, social networks, and other websites to limit who can access and see a user’s personal profile (data).
features:
-do not track setting (stops websites collecting browsing data
-checking if payment methods have been stored on websites (don’t need to type in financial details every time a website is visited
-privacy options
-advertising opt outs (preventing unsolicited adverts from websites)
-preventing apps sharing your location

Question 28

what is proxy-servers?

Answer 28

intermediate between a user and a web server
features:
-filtering internet traffic
-blocking access to websites
-keeping user’s IP addresses secret
-can block requests from certain IP addresses
-prevent direct access to a web server by sitting between user and server
-get attacked instead of the web server (more secure web server)
-directing invalid traffic away from server
-using cache to speed up access to a website
-can act as a firewall

Question 29

what is secure socket layer (SSL) security protocol

Answer 29

type of protocol used by computers to communicate securely with each other across networks. When user logs onto a website, data is encrypted.

Question 30

what are processes involved in the aim of carrying out a range of cyber security threats? [8]

Answer 30

-brute-force attack
-data interception
-distributed denial of service (DDoS) attack
-hacking
-malware (virus, worm, Trojan horse, spyware, adware, ransomware)
-pharming
-phishing
-social engineering

Question 31

what are a range of solutions that are used to help keep data safe from security threats? [9]

Answer 31

-access levels
-anti-malware (anti-virus and anti-spyware)
-authentication (username and password, biometrics, 2-step verification)
-automating software updates
-checking the spelling and tone of communications
checking the URL attached to a link
-firewalls
-privacy settings
-proxy-servers
-secure socket layer (SSL) security protocol

Question 32

what are 5 differences between the internet and the WWW?

Answer 32

Internet: -not only for web pages and older than WWW. uses infrastructure, Its a network of networks.

WWW: -part of the internet, came after the internet, contains websites and browsers and uses hyperlinks

Question 33

what is http

Answer 33

hypertext transfer protocol. set of rules that must be obeyed when transferring files across the internet.

Question 34

what is https

Answer 34

hypertext transfer protocol secured

Question 35

what is the process of retrieval and location of web pages?

Answer 35

1) type URL, browser asks DNS server for IP address of website
1.5) DNS server 1 asks 2, 2 gives information to 1
2) IP address is sent back to user’s computer
3) computer sets up a communication with the website server and required pages are downloaded, HTML files are sent from website server to computer, computer browser interprets the HTML, and displays information on user’s computer

Question 36

what are cookies?

Answer 36

small files or code stored on a user’s computer, that is sent by a web server to a browser on a user’s computer.

Question 37

what is war driving (access point mapping) (data interception)

Answer 37

intercepting wifi signals

Question 38

who are packet sniffers?

Answer 38

those who intercept data by examining all data packets on a network and read the data being moved across the networks

Question 39

what is ethical hacking?

Answer 39

employees that the company hired to try and hack into their systems to check how strong their security is

Question 40

what is anti-spyware?

Answer 40

software that detects and removes spyware using rules and file structures (looking for certain features associated with spyware and looking for file structures common to spyware software)

Question 41

what are 6 general features of anti-spyware?

Answer 41

-detecting and removing spyware from user’s HDD/SSD
-preventing the downloading of spyware
-encrypting files to make data more secure in case spyware becomes installed on user’s computer
-encrypting keyboard strokes
-blocking access to user’s webcam and microphone if suspicious activity is detected
-scanning for signs that the user’s personal information is being stolen and warning the user

Question 42

what are 3 factors used in authentication?

Answer 42

-something you know (pin, password)
-something you have (mobile phone, tablet)
-something unique to the user (biometrics)

Question 43

passwords should:

Answer 43

-be changed regularly
-not easy to guess
-strong

Question 44

what are 4 ways pharming attacks can be mitigated against by?

Answer 44

-modern browsers alerting the user to potential phishing and pharming attacks
-running up to date virus checkers that will look for malicious codes stored on the user’s computer or the web server
-checking the spelling of websites to see if they’re genuine
-getting information about the email sender by clicking on the information symbol. the actual email address from the sender will indicate whether or not it is from a genuine source

Question 45

what are 5 common types of social engineering threats?

Answer 45

-instant messaging (malicious links)
-scareware (fake antivirus that looks real) (pop up messages)
-emails/phishing scams (redirecting browser to a fake website using legitamite looking links)
-baiting (plugs infected stick and downloads malicious malware)
-phone calls (fake professional calls user and advise to download a special software and the cybercriminal then gets access to personal information and takes over device)

Question 46

what are biometrics?

Answer 46

type of password that are based on unique human characteristics like:
-fingerprint scans
-retina scans
-face recognition
-voice recognition
application:
-door security systems
-unlocking mobile phones

Question 47

2 step verification

Answer 47

method of authentication where 2 different types of authentication are needed to identify someone

Question 48

what are 5 main features of firewalls?

Answer 48

-examining the traffic between the user’s computer and an external network
-checking if incoming and outgoing data meets criteria. If failed, traffic is blocks and user is received a warning
-keeping a list of unwanted IP addresses
-help prevented viruses or hackers
-maintaining a log to know the activity activity

Question 49

when are 3 times were firewalls aren’t useful?

Answer 49

-if user’s own hardware bypass the network’s firewall
-employee misconduct or carelessness (poor control of passwords)
-stand alone computers (disabling firewalls

Question 50

what are SSL certificates?

Answer 50

form of digital certification used to authenticate a website. Used during online banking, cloud storage, instant messaging, etc…