Chapter 7: Cyber Security

Question 1

Causes of data corruption and loss

Answer 1

1. Human error
2. Power failure
3. Hardware failure or damage
4. Malicious software or viruses

Question 2

Human error

Answer 2

Storage devices may be accidentally damaged during transport

Make regular backups of data
Use adequate protection when transporting storage devices

Question 3

Power failure

Answer 3

If the power supply to a computer fails, data in the process of being written to a storage device may be corrupted and data that is stored in volatile memory but not yet written to a storage device will be lost

Make regular backups of data
Set up a uninterruptible power supply (UPS) so storage devices can complete any write operations in case of a power failure

Question 4

Hardware failure or damage

Answer 4

All magnetic, optical and solid-state storage device can fail, either due to overuse, manufacturing deflects or age

Make regular backups of data
Check storage devices regularly and replace them immediately when signs of failure are detected

Question 5

Malicious software or viruses

Answer 5

Some malicious software may purposely damage and corrupt data as a way of attacking the computer

Make regular backups of data
Install anti-virus and anti-spyware software, as well as perform regular scans and updates

Question 6

When does unauthorised access occurs?

Answer 6

1. Poor authentication
2. Poor access control or authorisation
3. Poor understanding of privacy policies

Question 7

What is authentication?

Answer 7

The process of verifying the identity of a user

Question 8

Authentication Factors

Answer 8

1. Own
2. Know
3. Unique

Question 9

Ways to prevent authentication

Answer 9

PASSWORDS
Keep passwords secret and safe
BIOMETRICS
Choose an appropriate biometric measurement that is difficult to replicate
SECURITY TOKEN
Keep security token in a secure location at all times

Question 10

Ways to prevent access control or authorisation

Answer 10

FILE PERMISSIONS
Use file permissions in combination with encryption
FIREWALL
Configure the firewall to block traffic from certain well-known harmful programs
ENCRYPTION
Keep secrete keys private and safe

Question 11

Ways to prevent understanding of privacy policies

Answer 11

SOCIAL NETWORKING SITES

Read and fully understand the privacy policy of the social networking site

Question 12

Cookies

Answer 12

A small file used by websites to store personal information on a users web browser

Although not malicious in nature, cookies are sometimes misused to collect personal information about users

Question 13

Pharming

Answer 13

The interception of requests sent from a computer to a legitimate website and redirected to a fake website to steal personal data or credit card details

The stolen data can then be used for unauthorised access to even more of the victim’s data

More difficult to detect then phishing as the fake website users the same address as the real website

Question 14

Phishing

Answer 14

The use of emails and fake websites that appear to be from reputable companies to steal personal information such as passwords and credit car numbers from users

The stolen data can then be used for unauthorised access to even more of the victims data

Question 15

Spamming

Answer 15

The mass distribution of unwanted messages or advertising to email addresses which are collected from sources such as public mailing lists, social networking sites, company websites and personal blogs

Question 16

Spyware

Answer 16

A hidden program that secretly collects personal information about its users and transmits this information to attackers without the users’ knowledge

The collected data can then be used for unauthorised access to even more of the victims data

Question 17

Trojan horse

Answer 17

A computer program that pretends to be a harmless file or useful application

Once a trojan horse is run, it does something harmful such as giving intruders unauthorised access to the computer instead

Question 18

Unauthorised access

Answer 18

The use of data owned by someone by someone else, such as an instruder, without permission.

Can lead to identity theft, stolen money and public embarassment

Question 19

Virus

Answer 19

A computer program that attaches itself to a normally harmless program and modifies it

When the modified program is run by a user, the virus attaches copies of itself to any other programs it can find, thus “infecting” them

Question 20

Worm

Answer 20

A computer program that runs automatically and attempts to spread by sending copies of itself to other computers

Unlike a virus, a worm does not need to attach itself to an existing program

Question 21

Firewall

Answer 21

A device or computer program that prevents unauthorised access to or from a private network

Question 22

Encryption

Answer 22

Process of encoding a message so that a secret key is needed to decode the data

Question 23

How to prevent privacy and security threats

Answer 23

1. Install Anti-virus and Anti-spyware programs
2. Update software regularly
3. Identify pharming
4. Identify phishing
5. Manage cookies
6. Manage spam

Question 24

Anti-virus and Anti-spyware

Answer 24

ANTI-VIRUS
Software to detect, remove and stop viruses and other malware from running
ANTI-SPYWARE
Software to detect, remove and stop spyware and other malware from running
BOTH
Used to:
1. Detect when malware is about to run and stop it
2. Detect malware that is already running and try to stop it
3. Scan the user’s storage and email to detect and remove malware

Question 25

Identify pharming

Answer 25

1. Regularly check bank, debit or credit card and other statements to ensure all transactions are legitimate
2. Regularly update web browsers and the software running on network hardware so that all knowned bugs are fixed

Question 26

Identify phishing

Answer 26

1. The email uses a generic greeting such as “Dear Customer” or “Dear User” . This is a sign that the email was sent automatically and not by a person
2. The email has inaccurate logos, gramatical and spelling errors that suggest it is not from a legitimate source

Question 27

Manage spam

Answer 27

Look out for options to off email updates and participation in mailing lists when signing up for or changing the settings of an online account. Many sites leave such options on by default and additional effort is needed to off them

Question 28

Copyright

Answer 28

The legal right of owners to control the use and distribution of their intellectual property

Question 29

Intellectual property

Answer 29

Creations of the mind that have value but can exist purely as data with no physical form

Question 30

Types of software licences

Answer 30

1. Public domain software
2. Free and open-source software (FOSS)
3. Proprietary software
4. Freeware and shareware

Question 31

Public domain software

Answer 31

Software where the legal protections that are typically granted to intellectual property have either expired, been surrended of simply inapplicable

Question 32

Free and open-source software (FOSS)

Answer 32

Software where users are given freedom to change, copy, study and share the software and its source code

Question 33

Proprietary software

Answer 33

Commercial software for which most of the legal protections under copyright are retained

Question 34

Freeware and shareware

Answer 34

FREEWARE
Proprietary software that is available for use at no cost
SHAREWARE
Demonstration software that is distributed for free but for a specific evaluation period only

Question 35

Copyright infringement

Answer 35

Use or distribution of copyrighted work without the permission if the copyright owner

Question 36

Software piracy

Answer 36

Crime of copying, distributing and/or using proprietary software in a manner that is not permitted by its licence

Question 37

How to avoid commiting software piracy

Answer 37

1. Check and follow the website’s terms and conditions
2. Limit reproduction of a copyrighted work to 10%
3. Consider using public domain material instead

Question 38

Plagiarism

Answer 38

Passing off someone else’s original work as one’s own