2.3.2 Cyber Security Flashcards
What are the legal and professional responsibilities in identifying threats
Preventing and mitigating damaged caused by malicious or deliberate attacks require a multi-layered approach
Types of advanced viruses/scams
Brute force attacks
Cross-site Scripting
Cross-site request forgery
Buffer overload
Remote code execution
Directory traversal
Types of normal viruses/scams
SQL Injection
Man in the middle attacks
DDos attack
Social engineering
Types of Cyber defences
Firewalls
Encryption
Access control
Anti-virus software
Patches and updates
Backups
User education
Network segmentation
VPN
Types of Hackers
Black hat - Illegal (unauthorised access with malicious intent)
White Hat - Legal (Hired to try to hack businesses)
Grey Hat - Similar to Black hat but without malicious intent
Types of firm Security measures
Encryption
Firewall
Anti-virus software
Hierarchical access levels
Define cryptography
The practice of securing communication and data through the use of algorithms
Techniques of cryptography
Symmetric key
Asymmetric key
Hash junctions
Digital signatures
Types of Biometrics
Fingerprint, facial, voice, eye(iris), signature recognition and behavioural biometrics
Benefits of biometrics
Increased security
Convenience
Reduced fraud
Increased accuracy
Drawbacks of biometrics
Privacy concerns
Technical limitations
Cost
Bias and discrimination
What is a tracert
A network diagnostic pool used to track the path taken by data packets from a source computer to another computer
What is IP address Masking
the process of hiding or changing the real IP address of
a device or network to appear as if it originates from
a different location or device.
What is a “whois”
A protocol and database system that stores information about registered domain names and the associated organisations and individuals.
