Computer security and ethics Flashcards Preview

Computer science > Computer security and ethics > Flashcards

Flashcards in Computer security and ethics Deck (23):
1

What is hacking, what are its effects, and how can it be prevented?

Hacking is the act of gaining illegal access to information on the computer. It can be obtained through hacking into a computer system, or into someone's account.

Effects include corruption of data, identity theft, theft of other private information, etc.

Firewalls, strong passwords, and anti-hacking software can be used as a method of prevention.

2

What are viruses, what are its effects, and how can it be prevented?

They are programs that can replicate themselves in order to corrupt or delete files, or causes the computer to malfunction.

It can cause applications and the computer system as a whole to crash. It can cause corruption of files, theft of information, and render hardware useless.

Installing anti-virus software, and taking care when dealing with the internet.

3

What is phishing, what are its effects, and how can it be prevented?

Practice of sending out emails, seemingly from reputable companies, in order to trick users into giving their personal information away.

It can lead to misuse of private information, as well as to transferring virus or other dangerous software into the victim's computer.

Use a filter for emails; be cautious

4

What is pharming, what are its effects, and how can it be prevented?

Practice of sending Internet users to a bogus website, as a result of malicious code installed in their computers, that mimics a reputable one, in order to obtain private information from them.

It can lead to misuse of private information, as well as to transferring virus or other dangerous software into the victim's computer.

Anti-spyware software

5

What is wardriving, what are its effects, and how can it be prevented?

Locating and using illegally wireless internet connection.

Theft of personal information, using up someone's internet connection

WEP encryption, strong passwords for wifi networks , firewalls

6

What is key-logging software, what are its effects, and how can it be prevented?

Software that gathers information about a person by monitoring the presses on the user's keyboard

Theft of personal information, the computer system may be ruined

Anti-spyware software, Taking caution, Do not type important passwords

7

What is a firewall?

It is a software/hardware that blocks unauthorized access to the user's information and files via the internet.

8

What are the things a firewall can do?

1. Checking incoming and outgoing data against a set of filters. If the data does not meet the criteria, the user is given a warning.

2. Keeps a list of all undesirable IP addresses.

3. Prevents hackers and viruses into the user's computer

4. If the software or hardware of the user's computer is trying to access an external source, the user is given a signal, so that they can choose whether to permit or not.

9

What are the things a firewall cannot do?

1. It cannot prevent users from using their own modems to bypass the firewall.

2. It cannot control use of accounts and passwords.

3. There is nothing it can do if users disable the firewall.

10

What is a proxy server and what are its functions?

It is an intermediary through which internet requests are processed.

It can act as a firewall.
It can keep the user's IP address a secret.
They speed up users access to websites through using caches.
They filter internet traffic.

11

What is SSL?

It is a security protocol that makes sure that all information transferred between a web browser and server is encrypted, and therefore safe.

12

How does SSL work?

1. User types a URL since they want access to a website.

2. The web browser connects with the website and requests that it identifies itself.

3. The web server responds by sending an SSL certificate to the browser.

4. If the browser can authenticate the certificate, it sends a message to the server to let communication begin.

5. The server acknowledges the message and the two-way encrypted data transfer begins.

13

What is TLS?

TLS is a predecessor of the SSL system, it provides better security.

14

How does TLS work?

It makes sure that during an exchange or data transfer, there is no hacking.

15

What are the layers that TLS is made of, and what are the functions of each?

1. Record protocol - It is responsible for securing data and verifying integrity and origin.

2. Handshake protocol - Establishes a secure session by authenticating the web server.

16

What are the differences between SSL and TLS?

1. TLS can be extended by adding new authentication methods.

2. TLS makes use of Session Caching, improving the overall performance.

17

What is session caching?

The TLS uses connection data from an existing session to carry out its function. This greatly reduces time taken.

18

What is encryption?

Encryption is converting data into a code so that unauthorized access is prevented.

19

What is symmetric encryption?
What is the problem with this type of encryption?

It is a form of encryption where only a single encryption key is used for encrypting data.

The main problem with this type of encryption is the key distribution problem - the sender has to send the key to the receiver, but that involves security threat, which can be avoided by using an algorithm to generate an encryption key.

20

What is asymmetric encryption?
What is the problem with this type of encryption?

It is a form of encryption where a pair of keys, one a public key and the other a private key, to encrypt and decrypt data.

There is a possibility of interception of keys, which makes the encryption process less secure. To overcome this problem, hashing algorithms are used so that the keys are impossible to break into.

21

What is authentication? What are the different ways it is done?

Authentication is used for verifying that data comes from a trusted source. It can be done through passwords, digital signatures, and biometrics.

1. Passwords - Usernames and passwords are requested by sites in order for users to gain access to them.

2. Digital signatures - Digital codes that are attached to an electronically transferred document to verify tis content's and source.

3. Biometrics - Fingerprint scans, retina scans, face and dice recognition

Fingerprints - Compares the patterns of ridges and valleys

Retina scans - Infrared scans the unique pattern of blood vessels in retina.

22

What is denial of service attack?
What are its effects?
How can a user get security against this attack?

It is an attempt at preventing users from gaining access to a network, such as the internet. When the access to websites is slow or not possible at all, or when large amounts of mails are being sent, it can be a sign that there is a potential DoS.

The hackers can gain access to users' emails and bank accounts, which is a major security threat.

Use of an updated anti-virus software.
Firewall
Email filters

23

How do banks protect their customers from security threats?

When users are logging into a banking website:

1. Users are given a long unique code that they are asked to provide when they open the website. This code is encrypted for safety purposes.

2. They may be asked to input 3 random digits from their PIN and/or password.

3. Some systems use hand held devices, into which cards are inserted and PIN is given. The device generates an 8 digit code which much be the same as that received by the bank.

4. Questions about the users are asked, and after that they are taken to the website.