Component 1.9 - Security And Data Management (Finished) Flashcards

1
Q

What can be used to improve network security?

A

Encryption techniques, user access levels, suitable passwords

2
Q

What do user access levels do?

A

User access levels define which users can change/view selected stored data. They allow certain users read/write access to data on a computer system

3
Q

Why would user access levels be used on a network?

A

Certain users don’t need to access all data so user access levels are used to keep them from viewing/changing it. E.g. an administrator in a company should have access to all data but an assistant should not have access to confidential data

4
Q

What do passwords do?

A

Passwords are used to prove a person’s identity to a computer system allowing them access to it

5
Q

What is a brute force attack?

A

Using programs to try multiple password guesses in quick succession

6
Q

What is the problem with short, simple passwords?

A

Another user can easily guess them and a hacker could use a brute force attack

7
Q

How do you calculate the number of attempts needed to brute force a password?

A

Attempts = number of characters^password length

8
Q

What is a suitable password for network security like and why?

A

A suitable password should be long and use a combination of different characters (upper case, lower case, alphanumeric) as it will be harder to guess and take longer to brute force due to more characters available and a longer length

9
Q

What is encryption?

A

Encryption is the conversion of data using an algorithm into cyphertext that can’t be easily understood by people without the decryption key

10
Q

Which logical operator is often used for encryption?

A

XOR

11
Q

How is the xor logical operator used for encryption?

A

During encryption, the XOR logical operator is used on the data and a key. (If data is 10101010 and key is 11110000, you do 1 XOR 1, 1 XOR 0 and so on to get 01011010). The data is encrypted now.

12
Q

What is a ‘key’?

A

A ‘key’ is a secure binary number, known only to the sender and recipient

13
Q

How is data encrypted using XOR decrypted?

A

The encrypted data can be XOR’d with the key once again to regain the original data

14
Q

What is compression?

A

Compression is the process of making a file size smaller

15
Q

What is the advantage of compression?

A

Compression allows for more data to be stored on the disk and for files to be transferred faster.

16
Q

What are the two primary compression methods?

A

Lossy and lossless

17
Q

What is lossless compression?

A

Lossless compression is a data compression technique using an algorithm to compress data into a form that can be decompressed at any time with no loss. (The file is returned to its exact original form)

18
Q

When is lossless compression used?

A

Lossless data compression is used when any loss of detail (e.g. word document) could have a really bad effect

19
Q

Give an example of lossless compression?

A

Replacing ‘the’ in a word document with the character @

20
Q

What is lossy compression?

A

Lossy compression is a data compression technique that compresses the file size by discarding some data

21
Q

How is the compression ratio calculated?

A

Original file size / compressed file size

22
Q

What is lossy compression used for?

A

The compression of multimedia data (sound, video)

23
Q

What are network policies?

A

Network policies are documents written to outline the rules users are required to follow while using a computer network. Following publication, users need to adhere to the rules

24
Q

What are some typical rules set out in network policies?

A
  • List of unacceptable types of websites
  • Activities not allowed on the network (e.g. gambling)
  • unauthorised software
25
Q

Give some examples of disasters covered by ‘disaster recovery’

A
  • Fire, flooding
  • hardware failure
  • software failure
  • malicious damage (hacking)
  • accidental damage
26
Q

What are the three parts to a disaster recovery policy?

A
  • Before the disaster
  • during the disaster
  • after the disaster
27
Q

What does the ‘before the disaster’ section of a disaster recovery policy include?

A

It includes risk analysis, preventative measures and staff training

28
Q

What does the ‘during the disaster’ section of a disaster recovery policy include?

A

The staff response - implementation of plans

29
Q

What does the ‘after the disaster’ section of a disaster recovery policy include?

A

Recovery measures, purchasing of replacement hardware, software reinstalling, restoring backup data

30
Q

What is a backup?

A

A backup is a copy of data that can be used if the original data is lost

31
Q

Why should regular backups be made?

A

The older a backup, the less likely it is to match current data stored on the computer system

32
Q

What does a backup policy do?

A

It sets out how often to backup and what backup medium to use

33
Q

What would a typical backup policy require?

A

That three different backups are kept at a given time, with one stored off site

34
Q

What is the name given to the oldest (of three), second oldest (of three) and most recent backup?

A

Grandfather, father and son. If a new one is made all names shift, so father becomes grandfather, son father and new one son

35
Q

What is the three backup policy called?

A

The grandfather-father-son method

36
Q

What is archiving?

A

Archiving is the process of storing data that is no longer in current or frequent use

37
Q

Why is archived data (old no longer used data) held?

A

Archived data is held for security, legal or historical reasons

38
Q

Why is archiving done?

A

Archiving data frees up resources on the main computer system and allows faster access to data that is in use

39
Q

When is data archived?

A

When it is no longer in current or frequent use

40
Q

What do attacks on online networks usually target?

A

Confidential data such as customers’ details or technical info about products etc

41
Q

What is cybersecurity?

A

Cybersecurity is the range of measures taken to protect computer systems, networks and data from unauthorised access or cyberattack.

42
Q

Name the types of malware used for cyberattacks?

A

Viruses, Worms, Spyware, Trojans

43
Q

What are Viruses?

A

Viruses are programs that can replicate themselves and be spread from one system to another by attaching themselves to host files.

44
Q

What are viruses used for?

A

Viruses are used to modify or corrupt information on a targeted computer system

45
Q

What are worms?

A

Worms are self-replicating programs that identify vulnerabilities in operating systems and enable remote control of the infected computer

46
Q

How does a computer become infected by spyware?

A

Spyware can be installed by opening attachments or downloading infected software

47
Q

What is spyware used for?

A

Spyware is used to collect stored data without the user’s knowledge

48
Q

What is a trojan?

A

A trojan is a program that appears to provide a useful function but provides a ‘backdoor’ that allows data to be stolen

49
Q

What are keyloggers?

A

Keyloggers are a type of spyware used to track keystrokes

50
Q

Why are keyloggers used to track keystrokes?

A

Keyloggers can be used to capture passwords, account numbers etc for fraudulent use

51
Q

What does anti-virus software/virus protection software do?

A

Anti-virus software is loaded into memory when the computer is running. It monitors activity on a computer system for the signs of virus infection

52
Q

How does an anti-virus software detect viruses?

A

Each virus has its own unique ‘signature’, known to virus protection software and stored in a database. Data stored on a computer system is scanned and compared to signatures in the database to see if any of the virus signatures within the database exist on the computer system

53
Q

Why does virus protection software need to be updated regularly?

A

New viruses are created every day, so databases of virus protection software need to be updated to combat these

54
Q

How can you protect against malware?

A
  • Install virus protection software
  • Use a firewall
  • Keep your operating system updated
  • use latest web browser versions
  • look out for phishing emails
55
Q

What is a firewall?

A

A firewall is a software or hardware security system that controls the incoming and outgoing network traffic

56
Q

How does a firewall determine if packets of data should be allowed through or not?

A

A firewall monitors where data has come from and where it is going to and determines if communication is allowed by checking a list of pre-defined rules

57
Q

Why does updating the operating system protect against malware?

A

New ways to bypass the operating systems’ security are often discovered, so by installing security patches they can be covered up

58
Q

How does using the latest version of a web browser help protect against malware?

A

The manufacturers of web browsers seek to improve their products and remove (possible) security vulnerabilities. By installing updates you are covering up previously possible vulnerabilities.

59
Q

What should be done if you suspect you have malware on your computer?

A

You should run a malicious software removal tool that should detect and remove malware not blocked by the anti-virus software

60
Q

Give 3 forms of cyberattack?

A
  • shoulder surfing
  • SQL injection
  • DoS attack
  • Password-based attacks
  • IP address spoofing
  • Social engineering
61
Q

What is shoulder surfing?

A

Shoulder surfing is using direct observation to get information

62
Q

How does the cyberattack shoulder surfing work?

A

Direct observation is used to get a PIN number, details from a form etc. Watching someone enter personal information

63
Q

How does the cyberattack ‘SQL injection’ work?

A

Malicious users can inject SQL commands into an SQL statement (database request) via web page input. These injected SQL commands can alter SQL statements and compromise the security of information held in a database

64
Q

What is a DoS attack?

A

A DoS attack is a cyberattack that attempts to make a website and servers unavailable to legitimate users, by swamping/spamming a system with fake requests - usually to try and exhaust server resources

65
Q

What is the difference between a DoS and DDoS attack?

A

A DoS (Denial of service) attack involves a single internet connection. However a DDoS attack (Distributed denial of service) is launched from multiple connected devices distributed across the internet

66
Q

Why are DoS/DDoS attacks useful?

A

DoS attacks can be used as a distraction to cover up another attack. By flooding the network infrastructure with high volumes of traffic, IT staff could be distracted and not notice another ongoing attack

67
Q

What are the three password based attacks?

A

Dictionary attacks, brute force attacks, educated guessing

68
Q

How does a dictionary attack work?

A

Dictionary attacks use a simple file containing words found in a dictionary containing common passwords. The attacker uses exactly these kinds of words since many people use them as their passwords

69
Q

How does IP address spoofing work?

A

In IP address spoofing, an attacker changes the IP address of a legitimate host so that a visitor who types it is taken to a fraudulent disguised web page. That page can then be used to steal sensitive data or install malware.

70
Q

How does the cyberattack ‘social engineering’ work?

A

Social engineering involves tricking a user into giving out sensitive information such as a password, by posing as a legitimate system administrator (e.g. scam emails) (phishing)

71
Q

What is pharming?

A

Pharming is where users are unknowingly re-directed to a fake website used to steal data

72
Q

What is phishing?

A

Phishing is an attempt to acquire users’ details using fake emails and webpages

73
Q

What is Ethical hacking?

A

Ethical hacking is hacking carried out with the permission of the system owner to search for weak points

74
Q

How does ethical hacking work?

A

In ethical hacking a hacker is permitted by the system owner to cover all computer attack techniques. They attempt to bypass system security and search for weak points that could be exploited by malicious hackers. The information is then used by the owner to improve security

75
Q

What is footprinting?

A

Footprinting is the first step in the evaluation of the security of a computer system, involving gathering all information about it

76
Q

How does footprinting help improve system security?

A

Footprinting involves gathering all available information about a computer system or network and devices attached to it. This enables a penetration tester to discover how much detail a potential attacker could find out about a system. This allows an organisation to limit the technical information publicly available

77
Q

What is ethical hacking?

A

Ethical hacking is hacking carried out with permission from the system owner to cover all computer attack techniques

78
Q

How does ethical hacking help improve data security?

A

An ethical hacker will attempt to bypass system security and search for any weak points exploitable by malicious hackers. This information can then be used by the system owner to improve their security system.

79
Q

What is penetration testing?

A

Penetration testing is a subset of ethical hacking that deals with the process of testing a computer system or network to find vulnerabilities

80
Q

What are the four penetration testing strategies we should know?

A

Targeted testing, external testing, internal testing, blind testing

81
Q

How does the ‘blind testing’ penetration test strategy work?

A

In blind testing, the information given to the team performing the test is limited to simulate the actions and procedures of a real attacker

82
Q

What happens in the ‘targeted testing’ penetration test strategy?

A

The testing is carried out by the organisation’s IT team and penetration testing team working together.

83
Q

Why would the external testing strategy for a penetration test be used?

A

External testing is used to find out if an outside attacker can get in and how far they can get in once they have found access

84
Q

Why would the internal testing penetration test strategy be used?

A

The internal testing strategy is used to find out how much damage a dissatisfied employee could cause

85
Q

What is ‘secure by design’?

A

Secure by design is an approach seeking to make software systems as free of vulnerabilities as possible through measures such as continual testing and adherence to best programming practices

86
Q

What is the benefit of security issues being taken into account and corresponding security measures being considered during design in ‘secure by design’?

A

This ensures that security is not an afterthought, reducing the need for addressing vulnerabilities and patching security holes discovered in use.

87
Q

What are some examples of attacks prevented during design and testing?

A

Buffer overflow attacks, permissions, scripting restrictions, accepting parameters without validation

88
Q

What is a buffer overflow?

A

A buffer overflow occurs when a program tries to store more data in a buffer (temporary data storage area) than it was intended to hold

89
Q

How do buffer overflow attacks work?

A

In a buffer overflow attack, a buffer overflow may intentionally be caused, where the overflow data may contain codes designed to change data or disclose confidential information

90
Q

How can a buffer overflow attack be prevented?

A

Through thorough testing, particularly of any library routines used

91
Q

How can malicious practices using permissions be prevented with ‘secure by design’ strategy?

A

App developers need to consider the scope of access and limit the number of permissions required at the design stage for their app

92
Q

What is Same Origin Policy (SOP)?

A

Same Origin Policy is a security measure that prevents a web site’s scripts from accessing and interacting with scripts on other sites

93
Q

Why is accepting parameters without validation a security issue?

A

If inputs submitted to (dynamically generated) HTML webpages are not validated on the way in to another page, malicious script can be embedded within inputs which could then appear to browsers as originating from a trusted source

94
Q

What are cookies?

A

Cookies are data stored on a computer system

95
Q

What do cookies allow websites to do?

A

Cookies can allow websites to store a small amount of uniquely identifying data on your computer system while you are visiting them.

96
Q

Why can cookies be useful?

A

Cookies can allow the website you visit to identify you in future without requesting your identity every time. The cookies could also store information such as a shopping basket between separate browsing sessions