Chapter 7 (abigail)

Question 1

What is cybercrime?

Answer 1

Cybercrime is defined as using a computer to commit a crime. People involved in cyber crime are regarded as cyber criminals. Apart from planting viruses, cyber crime also incudes theft of personal information, stealing money from credit cards & theft of company data that could be sold to competitors.

Question 2

Describe hacking as a threat to cyber security:

Answer 2

A hacker is a person who gains unauthorised access to a computer with the intention of corrupting data stored on a hard drive/file server or to steal data.

Question 3

Describe pornography as a threat to cyber security:

Answer 3

Pornography is often used as a means of hiding malware. When an employee downloads adult content they are increasing the risk of organisation data being corrupted by a virus or stolen by an unauthorised user.

Question 4

Describe cyber stalking as a threat to cyber security:

Answer 4

Where individuals se technology to harass others, eg by sending inappropriate emails or making inappropriate comments on social media

Question 5

Describe data theft as a threat to cyber security:

Answer 5

The theft of customer records to obtain personal details which are then used o commit identity fraud such as credit card or passport applications.

Question 6

Describe denial of service as a threat to cyber security:

Answer 6

A malicious attack on a network, eg disrupting connections to a web sever preventing users from logging on to access their data or email accounts because access to the internet is denied.

Question 7

Describe digital forgery as a threat to cyber security:

Answer 7

Intentionally and false letting digital content, eg pictures and documents. For example changing a passport photograph and/or names to sell on to a criminal who wishes to enter a country.

Question 8

Describe cyber defamation as a threat to cyber security:

Answer 8

Using the internet with the intention to damage the reputation if a person or organisation by posting slanderous messages using mediums like electronic forums or bulletin boards

Question 9

Describe spamming as a threat to cyber security:

Answer 9

Sending bulk junk emails such as adverts for products. Consequently, the users email inbox becomes overloaded, as the spam emails take up a large portion of the bandwidth. Time is also wasted opening & reading such emails.

Question 10

Describe phishing as a threat to cyber security:

Answer 10

Sending emails that appear to be from a reliable source. These emails often ask the user to update their personal information by clicking a hyperlink to a webpage. This information will hence be used by hackers for the purpose of identity theft.

Question 11

What is malware?

Answer 11

Malicious software that is downloaded onto a computer unintentionally via the internet, email attachments or even by connecting a portable storage device eg a USB . Malware can be annoying & can also threaten the computer’s security. Computer systems are under constant threat from malware.

Question 12

Name 5 types of malware:

Answer 12

Viruses, Trojan Horses, Worm, Key Logger, Spyware

Question 13

Describe viruses:

Answer 13

-Can enter through the network by browsing the internet, opening email attachment nets, via a USB storage device, etc.
-Can store itself automatically on a computer hard drive as a hidden file.
-Can be activated when a certain program is opened or a predetermined condition is met, eg a certain date.

Question 14

Describe Trojan horses:

Answer 14

-Gains entry to a user’s computer ‘in disguise’
-Tricks the user by encouraging them to open& download a software program that they require.
-Once installed, some Trojans and do serious damage eg deleting files

Question 15

Describe worms:

Answer 15

-Spreads around a computer system by replicating itself.
-Spreads around a network without the need to be attached to any document or program.
-Requires bandwidth, which could result in slower data transmission speeds.

Question 16

Describe a key logger:

Answer 16

-A program that is designed to record keyboard activities performed by users (keystrokes).
-These are saved as a log file & sent to the person who created the program.
-Main purpose is to steal personal information from users (eg bank details).

Question 17

Describe spyware:

Answer 17

-Software that is secretly installed in a user’s computer from the internet.
-Trolls user activities, gathering useful information like credit car & password details used on net sites.

Question 18

Describe data encryption:

Answer 18

-Encryption uses special software to encode or ‘scramble’ data before it’s transmitted.
-Makes the data illegible and meaningless if intercepted.
-Users with the encryption key software can unscramble the data when it arrives at its destination.

Question 19

Describe usernames & passwords:

Answer 19

-Users on a network are allocated a unique user ID and a randomly generated password.
-Users are required to change passwords regularly by the network software to enhance security.
-Each time a user logs on, the system checks their user ID and password against a database of user details.
-Network software can disable the user ID for a period of time after unsuccessful log on attempts.

Question 20

Describe access levels:

Answer 20

-Users are allocated different levels of access to files (eg in a school or office).
-Access rights can be classified as ‘read only’, ‘read & copy’ or ‘read & write’.
-Access rights are stored in a table linked to the user ID & password.

Question 21

Describe back up:

Answer 21

-If data is lost or becomes corrupted, the network should have a method of recovering the data.
-A file backup ensures that a copy of the data can be loaded or restored onto the system if the original is lost or corrupted (eg in the event of a fire).
-Network backups are usually automatically scheduled to run at certain times (eg at the end of the day)

Question 22

Describe firewalls:

Answer 22

A firewall can be a hardware device or a software program. It monitors and filters data entering or leaving a network. It uses security settings or rules that block data which does not comply with the
organisation’s security policy from entering. At the same time it allows data that does comply with the security policy to enter or leave. A firewall can prevent activities that may affect the network’s performance, for example:
• hackers from entering the network via the internet
• viruses and spam from entering or leaving the network via the internet
• users/computers within the network from uploading or downloading
undesirable data to and from the internet.
Firewall software can produce reports detailing unauthorised access attempts
and web addresses that do not comply with the organisation’s security policy.

Question 23

Describe the role of a protocol in data transfer:

Answer 23

-Computers on a network must be able to communicate with each other to allow data to be sent and received.
-In simple terms, they must be able to ‘speak the same langauge’.
-A communications protocol is an agreed standard set of rules for sending or receiving data in a network which allows computers to

Question 24

What is TCP/IP?

Answer 24

-Transmission Control Protocol/ Internet Protocol
-Uses the router to ensure that data travels in the correct network path to arrive at the correct computer.

Question 25

What is FTP?

Answer 25

-File Transfer Porotcol -Widely used and allows user to send and receive files on the internet. - Also used to send software updates to network devices (examples where necessary) -To ensure data is sent in a secure way, data is encrypted and usernames and passwords are used ti prevent unauthorised access ti the file server.

Question 26

What is HTTP?

Answer 26

-Hypertext transfer protocol -Used by the WWW to identify and transfer webpages using the internet. -When a user enters a URL into the browser, this protocol sends a command to the web server to request the required webpage. -If the page cannot be located (maybe it has been deleted or the user inputted the address incorrectly) the HTTP will report an error back to the user. -These error messages are referred to as ‘status codes’ eg ‘404, file not found’

Question 27

What is HTTPS?

Answer 27

-Hypertext Transfer Protocol Secure -Similar to HTTP but uses a SSL (secure socket layer) to ensure data is transmitted securely. -Designed to allow access to a secure web server for secure data communication. -Uses encryption for sending data and decryption for receiving it. -Its main use is financial application such as e-commerce where payment transactions are managed on the WWW. -Exolain differences between HTTPS & HTTP where necessary.

Question 28

What is the difference between HTTP and HTTPS?

Answer 28

-While using HTTP, it is possible to intercept data; an individual could gain access to a customer’s personal bank details eg credit card number. -When using HTTPS, an individual could still gain access to the personal data. -However, it would be scrambled and therefore meaningless due to the encryption and the usage of a SSL (secure socket layer). -Web browsers display a padlock icon on screen to indicate the webpage currently in use is secure.

Question 29

What does SSL mean? What is it used for?

Answer 29

Secure socket layer. Encryption by HTTPS.

Question 30

Which data protocol encrypts data when sending it and decrypts it when receiving it?

Answer 30

HTTPS

Question 31

Which protocol is responsible for the command sent to request a webpage when a user enters a URL?

Answer 31

HTTP

Question 32

Which protocol allows users to send and receive files in the internet?

Answer 32

FTP

Question 33

Which protocol sends software updates to network devices?

Answer 33

FTP