Fundamentals of cyber security Flashcards

1
Q

Define the term cyber security, describe the main purposes of cyber security

A

Cyber security consists of the processes, practices and technologies designed to protect networks, computers, programs and data from attack, damage or unauthorised access.

2
Q

Explain what is meant by social engineering techniques

A

Manipulating people to give away confidential information.
Blagging is the act of creating and using an invented scenario to engage a targeted victim in a manner that increases the chance the victim will divulge information or perform actions that would be unlikely in ordinary circumstances.
Phishing is a technique of fraudulently obtaining private information, often using email or SMS.
Pharming: a cyberattack where a website's traffic is redirected to a fake site.
Shouldering: viewing private information over someone's shoulder.

3
Q

Explain what is meant by malicious code

A

Malware, SQL injections, backdoors, logic bombs. Any code that does something malicious: modify, delete and steal data

4
Q

Explain what is meant by weak and default passwords

A

Passwords that are easy to guess, with minimal combination of letters, numbers and symbols. They are rarely/never changed.

5
Q

Explain what is meant by misconfigured access rights

A

When people are given permissions they shouldn’t have e.g. when a student has a teacher account. The user i

6
Q

Explain what is meant by removable media

A

External devices that contain malware which may be automatically installed with autoplay; it can bypass firewalls.

7
Q

Explain what penetration testing is and what it is used for

A

Penetration testing is the process of attempting to gain access to resources without knowledge of usernames, passwords and other normal means of access.

8
Q

Explain what penetration testing is and what it is used for

A

Penetration testing is the process of attempting to gain access to resources without knowledge of usernames, passwords and other normal means of access. Organisations employ specialists to simulate potential attacks on their network. It is used to identify possible weaknesses and try to exploit them.
A white-box penetration test simulates a malicious insider who has knowledge of and possibly basic credentials for the target system.
A black-box penetration test simulates an external hacking or cyber warfare attack.

9
Q

What is social engineering?

A

Social engineering is the art of manipulating people so they give up confidential information

10
Q

What is malware?

A

Malware is an umbrella term used to refer to a variety of forms of hostile or intrusive software

11
Q

Describe what a trojan is

A

Malware disguised as legitimate software. Trojans don’t replicate like viruses and worms - users install them without realising they have a hidden purpose.

12
Q

Describe what spyware is

A

Secretly monitors user actions, e.g. key presses, and sends the information to the hacker.

13
Q

Describe what adware is

A

Software that automatically displays or downloads advertising material such as banners or pop-ups when a user is online

14
Q

What are biometric measures?

A

They are measures of human characteristics, used for identification and access control, e.g. fingerprints, eye and voice recognition. They are distinctive.

15
Q

What are password systems?

A

System that prevents unauthorised users accessing the network. Passwords should be strong - they should contain a mixture of letters, numbers and symbols and it should be regularly.

16
Q

What is CAPTCHA?

A

A measure used to determine whether a user is human. It prevents spam being sent and is used on websites when you log on. Initial texts could be read, so now pictures are used.

17
Q

What is an email confirmation?

A

It confirms a user's identity to ensure they are an actual person.

18
Q

What are automatic software updates?

A

Prevents the issue of unpatched and outdated software so anti-malware software is up to date