5.3 Cyber Security Solutions

Question 1

What is a firewall?

Answer 1

• A firewall can be software (installed on pc) or hardware (on router)
• It helps prevent unauthorised access to a network or device
• Checks incoming and outgoing data/traffic meets specific criteria

Question 2

Explain how a firewall works

Answer 2

• Checks incoming and outgoing data/traffic meets specific criteria
• Acts as a filter for incoming and outgoing traffic
• Keeps a log of activity e.g. website requests
• Blocks unacceptable data and allows acceptable data through e.g.
  
  • … certain websites (IP addresses) can be blocked
  • … prevent malware can be blocked
  • … certain ports can be blocked
  • … can prevent hackers accessing the network

Question 3

Firewalls … True or False?

• Firewalls are only available as hardware devices
• Firewalls allow a user to set rules for network traffic
• Firewalls will automatically stop all malicious traffic
• Firewalls only examine traffic entering a network
• Firewalls encrypt all data transmitted on a network
• Firewalls can be used to block access to certain websites

Answer 3

Firewalls are only available as hardware devices (False)
Firewalls allow a user to set rules for network traffic (True)
Firewalls will automatically stop all malicious traffic (False)
Firewalls only examine traffic entering a network (False)
Firewalls encrypt all data transmitted on a network (False)
Firewalls can be used to block access to certain websites (True)

Question 4

Explain how a a proxy server can act as a firewall.

Answer 4

• Prevents direct access to a web server
• Used to direct invalid traffic away from the webserver
• Examines and filters traffic
• Rejects requests for data from the web server if invalid

Question 5

State some functions of a proxy server

Answer 5

• Caches websites (fast - no need to reconnect )
• Used to hide the user IP address
  
  • Requests are anonymous
  • Requests/responses are passed through the proxy server
• Firewall: Can filter outgoing/incoming requests for data e.g. Sensornet

Question 6

Encyption: What is plain text?

Answer 6

Message data before it is encrypted

Question 7

Encyption: What is cipher text?

Answer 7

Message data after it has been encrypted

Question 8

Describe the process of encryption

Answer 8

• An encryption algorithm is used
  
  • … to scramble the data (make it not understandable)
• The original data is called the plain text
• A key is used to encrypt the data
• The key is applied to the plain text
• Plain text is encrypted into cipher text

Question 9

Describe the process of decryption

Answer 9

• An algorithm is used to decrypt the text
• The encrypted data is called the cipher text
• A key is used to decrypt the data
• The key is applied to the cypher text
• Cypher text is encrypted into plain text

Question 10

What are the main uses of encryption?

Answer 10

• To store information securely
• To transmit messages securely

Question 11

Why do we use encryption?

Answer 11

To make data meaningless if intercepted or stolen

It does not stop it from being stolen!!

Question 12

Describe symmetric encyption

Answer 12

• Symmetric encryption uses …
  
  • an encryption algprithm and
  • a single shared key
• The same key is used to encrypt and decrypt

Question 13

Describe the problem associated with symmetric encryption

Answer 13

• When sending symmetrically encrypted data …
  
  • the key must be sent seperately to the cipher text
• If the key is intercepted when being transmitted it is …
  
  • easy to decrypt cipher text with the algorithm and the key

Question 14

Data is encrypted using a 64 bit key. How can we improve the security of the encryption.

Answer 14

• Increasing the length (number of bits) of the key e.g. 8 bit to 64 bit
  
  • …means there are more possible combinations for the key
  • …and less chance of decryption by bruteforce

Question 15

Describe asymmetric encryption

Answer 15

• Asymetric encryption (also known as public key encryption) uses
  
  • an encryption algorithm and
  • a public key and
  • a private key
• Everyone has their own public and private key
  
  • Private key is kept secret, public key is freely available
• A message encrypted with a public key
  
  • … can only be decrypted
  • … with a private key
• A message encrypted with a private key
  
  • … can only be decrypted
  • … with a public key

Question 16

What is a disadvantage of asymmetric encrption?

Answer 16

Slower than symetric encryption and decryption

Question 17

Asymetric encryption can be used to pass symmetric keys securely. Explain the stages of this process.

Answer 17

• The sender (User A) applies a symrnetric key to encrypt the message
• The symmetric key is then encrypted by the sender (User A) using the public key of the receiver (User B)
• The sender (User A) sends the encrypted message and encrypted key over the internet
• The receiver (User B) decrypts the symmetric key by using their own private key
• The decrypted symmetric key is now used to decrypt the message sent by user A

Question 18

What is SSL and TLS?

Answer 18

• SSL = secure socket layer
• TLS = transport layer security
• They are both security protocols
• Both are used to encrypt data
  
  • … to provide a secure connection
  • … for the transmission of personal data

Question 19

TLS and SSL have 2 layers. What are they?

Answer 19

• Handshake layer - exchanges information
• Record Layer - handles data and encryption

Question 20

How is TLS different to SSL?

Answer 20

• TLS is the updated version of SSL
• TLS is more secure than SSL
• TLS allows for session caching - to connect quicker
• TLS can be extended by adding new authentication methods

Question 21

How do we know TLS or SSL is being used in a browser?

Answer 21

• Protocol being used is https
• Padlock icon is locked
• You can view the website certificate

Question 22

How does SSL/TLS work when a browser requests a connection to a web server?

Answer 22

• Browser requests web server to identify itself
• Web server sends its digital certificate to the brwoser
• Browser authenticates the digital certificate
  
  • … which contains the websites public key
• Once authenticated a connection is established…
  
  • The browser uses the public key to encrypt and send a symmetric session key
  • The web server decrypts the symmetric session key with its private key
  • The symmetric session jey is then used to transmit data securely
• If not authenticated …
  
  • .. a warning message is shown
  • .. open padlock is shown

Question 23

Where is SSL/TLS used?

Answer 23

• cloud storage
• video conferencing
• gaming
• email
• shopping
• banking

Question 24

What is authentication?

Answer 24

• Authentication is used to verify data …
  
  • … comes from a trusted source

Question 25

What is a hashing algorithm?

Answer 25

• Plain text is passed to a hashing algorithm …
  
  • … which generates some hashed text
• The process is one-way
  
  • … you cannot calculate plain text from the hashed text
• The process is repeatable
  
  • .. you always get the same hashed text from the plain text

Question 26

What are Digital Signatures?

Answer 26

• A digital signature is an authentication mechanism that enables the creator of the message to attach a code that acts as a unique signature (like a finger print)
• Based on asymmetric encryption
• Used to authenticate an electronic document
• Uses a hashing algorithm

Question 27

How are digital signatures used?

Answer 27

• The message (data file) is put through a hashing algorithm (function) to generate a hash (text)
• The generated hash (text) is encrypted with the senders private key to get a digital signature
• The message and digital signature are sent to the receiver over the internet
• The receiver puts the message through the same hash algorithm to generate its own hash (text)
• The digital signature is decrypted using the senders public key to get the original hash (text)
• The original hash (text) is compared to the receivers calculated hash (text)
• If the hashes are the same then the it is verified and has not been altereted

Question 28

What is meant by “Access Levels” when talking about cyber security?

Answer 28

Different user accounts control a users permissions

This often involves having different levels of access

e.g. In a database different users will be able to view/edit/delete different tables

Question 29

Describe the main features of anti-virus software

Answer 29

Scans existing files for virus and checks software/files before they are downloaded or executed
Uses a database of known viruses for comparison
Can constantly run in background
Can run scheduled scans
Automatically updates virus definitions
Can quarantine or delete a virus

Question 30

Describe the main features of anti-spyware software

Answer 30

Detects and removes spyware already installed on a device
Uses rules and file structures to detect spyware
Prevents a user from downloading spyware
Encrypted files to make the data more secure
Blocks access to a user’s webcam and microphone

Question 31

Give some examples of things you should look out for when receiving emails/URL’s from unknown sources

Answer 31

You should check the spelling in the email and in the links
You should check the tone of the language used is appropriate
You should check the email address is legitimate
You should check the spelling of the domain name e.g. Amozon
You should check a secure protocol is used e.g. https

Question 32

State 3 different ways of authenticating a user logging on to a computer system

Answer 32

Usernames and passwords

Biometrics e.g. fingerprint scans, retina scans, facial recognition, voice recognition

Two-Step Verification - requires two methods of authentication to verify e.g. a pass code sent by text after logging in