Cybersecurity Flashcards
What is a firewall?
A firewall can be defined as a block or filter that prevents some external
items from entering a system. This firewall was placed at the gate of
a company’s digital infrastructure and, much like a security guard, prevents any potentially
harmful elements from entering.
What are potential security threats?
Threats of note would include malware, which is software intended
to cause harm or discord. Ransomware, which prevents an organization
from accessing its own applications. Denial of service, which bombards a system
with requests so that it cannot respond to legitimate digital requests and
spam related activities. These attacks are typically clicked or
triggered and access a company’s internal system.
The other category consists of various, less common attacks, such as a browser hijacker. This is software that alters a user’s web browser without permission, usually to direct the user toward a particular website.
What is a concern in the threat landscape?
This added to the complexity of defending
a system due to the need to increase the level of external access that
is required for remote work. The proliferation of remote access tools,
which allow workers to access an organization’s
network content from outside. And the practice of bring your own devices
has drastically expanded the threat landscape. Reducing the efficacy of firewalls and giving potential attackers far
more scope for infiltration. Much like the security
guard mentioned earlier, firewalls typically relied on there
being a limited number of entry points.
What is adware?
adware, which is a type of software that frequently shows ads to a user and is typically installed through deceit or without consent.
What are the type of Trojans?
Exploit Trojans
Downloader Trojans
Ransom Trojans
Backdoor Trojans
What are signs of suspicious email?
Unusual sender address
Errors in grammar or punctuation or spelling
Subject incorrect or unfamiliar
Panic or immediate urge to action
Suspicious URL link
What is ransomeware?
approach to cybercrime that is designed to cause disruption to services. This approach is featured frequently in the news due to the scope of impact.
The methodology behind these types of attacks is to gain access to a system and lock out the legitimate owner until a demand has been met. One approach to best mitigate against this type of attack is to ensure that no external actors gain access to your system. Best practices for achieving this include the following:
Use strong passwords. A strong password is one that is difficult to guess and typically would include a mix of characters, numbers, and symbols.
Keep your system up-to-date with the latest security patches.
Ensure that only people with authorization for a system can use its system.
What is a botnet attack?
A bot can be defined as an online software program that performs automated and repetitive tasks. They are a means of creating a Denial of Service to an organization. It could be described as a full scaling of the walls, as depicted below.
These attacks are orchestrated so that a system is plagued with innumerable requests for information and services. These requests can come from any capable devices on the Internet of Things (IoT) that have an IP address. The IoT relates to devices online and will be covered in more detail later.
This type of attack can be coupled with the trojan attack, when some of the code maliciously embedded in a system is used to make the request of another system. In this way, an attacker makes use of someone else’s digital resources to negate the resources of a targeted victim. One defensive approach to mitigate against these types of attacks is to monitor network traffic for suspicious activity. If a particular source is identified as making repeated calls that impact the operations of a system, then this address can be blocked. However, more sophisticated approaches must be employed when a variety of compromised systems are used.
