3.6 Flashcards
Define Cyber Security.
Cyber security consists of the processes, practices and technologies designed to protect networks, computers, programs and data from attack, damage or unauthorised access.
What is removable media?
Memory sticks and removable hard drives can pose two major threats to an organisation; data theft and virus infection.
What is pharming?(2)
Pharming is a technique that redirects a website’s traffic to another fake site by putting code on either your hard drive or on the actual server itself.
When you type in a genuine website address pharming redirects you to a fake website.
What are weak passwords?(2)
A weak password is one that is easily guessed, such as a word from a dictionary or a piece of personal data that can easily be found out about the user.
A strong password is one that has an uppercase and lowercase letter, number(s), and special character.
What are misconfigured access rights?
In organisations, user names are used to identify the access rights for each user. If these access rights are not carefully managed, they may create barriers to legitimate access or conversely allow some people into areas which they shouldn’t have access to.
What is unpatched or outdated software?
If software is outdated because users may not automatically update, there could be vulnerabilities in the code that means it will be easy to hack into.
Define social engineering?(2)
Social engineering is the art of manipulating people so they divulge personal information such as passwords of bank account details.
Social engineering includes the following techniques: blagging, phishing, shouldering.
What is blagging?(3)
Blagging is the act of knowingly obtaining or disclosing personal data or information without the consent of the controller.
For example, an employee could trick a colleague to tell them private information, saying that the need it in order to install something on their computer.
To prevent blagging, companies should provide security training to their employees so that they don’t fall for these tricks.
What is phishing?(2)
Phishing emails are designed to steal money, an identity or login details. It’s most common they come as an email or SMS text inviting you to click a link.
This can be prevented by always being aware of links in emails, often the emails may also have simple spelling and grammar mistakes.
What is shouldering?
Shouldering or shoulder surfing uses direct observation techniques to gain information such as passwords or data. It is most common as someone looking over your shoulder while you type in your PIN.
Define malware.
Malware is the term used to refer to a variety of forms of hostile or intrusive software.
Define computer virus.(2)
A computer virus is a program that is installed on a computer without your knowledge or permission with the purpose of doing harm.
Viruses include instructions to replicate between and on a computer.
What is Spyware?(2)
Spyware is software that gathers info about a person or organisation without their knowledge.
It is used to collect personal info, as well as change computer settings, or browser settings.
What is a Trojan?(2)
A Trojan is a program with masks itself as having a different purpose than it actually has. It is most commonly spread via email.
Trojans can cause crashes, spread malware, corrupt data or access sensitive info.
What is network forensics?(2)
Network forensics involves capturing, storing and analysing network events by using special software.
Network forensics can reveal who communicated with whom, when, how and how often.
