5.3 A - Data Security Flashcards
What are all the types of diff cyber security threats (8)
» brute force attacks
» data interception
» distributed denial of service (DDoS) attacks
» hacking
» malware (viruses, worms, Trojan horse, spyware, adware and ransomware)
» phishing
» pharming
» social engineering.
What is a brute force attack
a ‘trial and error’ method used by cybercriminals to crack passwords by finding all possible combinations of letters, numbers and symbols until the password is found
What is a word file
a text file containing a collection of words used
in a brute force attack
What is data interception
what is used
an attempt to eavesdrop on a wired or wireless network transmission often using packet sniffing or access point mapping / wardriving
What does a packet sniffer do
Examines packets being sent over a network to find the contents of a data packet, which are sent back to the cybercriminal
What is wardriving
other name
Using a laptop, antenna, GPS device and software to intercept Wi-Fi signals and illegally obtain data
aka access point mapping
What is a WEP
wired equivalency privacy - an algorithm for wireless networks to protect them against data interception by encrypting the data
What is a DOS
what can it prevent the user from
Denial of Service - An attack where the normal operation of a website is disrupted by flooding it with requests.
prevent users from:
accessing their emails
accessing websites/web pages
accessing online services (eg banking)
What is a DDOS
Distributed Denial of Service - a denial of service (DoS) attack in which the fake requests come from many different computers, which makes it harder to stop
How to gaurd against a DOS and DDOS
» using an up-to-date malware checker
» setting up a firewall to restrict traffic to and from the web server or user’s computer
use a proxy server
» applying email filters to filter out unwanted traffic (for example, spam).
How to tell if you have been DDOS’d
» slow network performance (opening files or accessing certain websites)
» inability to access certain websites
» large amounts of spam email reaching the user’s email account.
What is Hacking
the act of gaining illegal access to a computer system without the owner’s permission
How to prevent hacking
Use of firewalls frequently changed strong passwords usernames Intrusion detection software Anti-hacking software
Encrypting data - doesn’t prevent hacking but makes data meaningless. Hackers can still delete it, corrupt it, or pass on the data.
what is malware
6 types of malware
malicious software that aims to delete corrupt or manipulate data illegally.
Viruses Ransomware Adware Spyware Trojan horse worms
What are viruses
Program or program code that replicates itself with the intention of deleting or corrupting files or by causing the computer system to malfunction
What is an active host
functioning software that a virus can affect by attaching itself to the code or by altering the code to allow the virus to carry out its attack
What are worms
Standalone malware that aim to corrupt whole networks not individual computers and don’t need an active host program or any action from the end-user.
How does worms spread through the network
They remain inside applications which allows them to move throughout networks.
They rely on security failures within networks to permit them to spread unhindered.
What is a Trojan horse
A program which is often disguised as legitimate software but with malicious instructions embedded within it.
How does a trojan horse work
Replaces all or part of the legitimate software with the intent of carrying out some harm to the user’s computer system.
Why are firewalls and other security measures useless against trojan horses usually
They rely on tricking the end-users and hence the user can overrule the security measures and initiate the running of the malware.
What is spyware
how is spyware countered
Gathers information by monitoring a user’s activities on a computer and sends the data back to the cybercriminal who sent out the spyware
Antispyware
What is adware
A type of malware that attempts to flood the end-user with unwanted advertising
What can adware do
» highlight weaknesses in a user’s security defenses
» be hard to remove – it defeats most anti-malware software since it can be difficult to determine whether or not it is harmful
» hijack a browser and create its own default search requests.