LO1 Flashcards
(22 cards)
What is meant by cyber security
Technologies, processes and practices used to protect networks, programs, computer systems and data from being attacked, damaged and prevent unauthorised access
What is integrity
Ensuring data is kept upto date, accurate, fit for its intended purpose and trustworthy
What is confidentiality
Ensuring data is only accessible to those who are authorised to do the data
What is availability
Ensuring data is made avaliable for those who are authorised when the data is required
What is GDPR
General data protection regulation, protects the privacy of data for people in the EU that is processed by organisations and stored on computers
6 Principles of GDPR
Data must be collected lawfully
Data must be used only for reasons specified
Data must be relevant and not excessive
Data must be up to date/ Accurate
Data must be secured securely
Data must not be stored longer than required
Name types of cyber security incidents
Unauthorised access Information disclosure Inaccessible data Destruction Theft
What is unauthorised access and what types of unauthorised access is there
Gaining access to computer systems, networks and data without permission
- Hacking
- Escalation of privileges
What is hacking
Illegally using a computer to access information stored on another computer
What is escalation of privileges and the two forms of it
obtaining rights to access and edit information that normal users do not normally have
- Horizontal
- Vertical
What is vertical escalation of privileges
Finding flaws in the security system/ operating system to increase levels of unauthorised access
What is horizontal escalation of privileges
Gaining access to other users areas by stealing their username and passwords
What is information discourse
Information passed to another person, organisation without permission from the owner
What is inaccessible data and the two examples of inaccessible data
Data that is not available to those with authorisation
- Account lockout
- denial of service
What is account lock out
account is locked due to many failed log in attempts
What is denial of service
Attack to shut down a computer system making it inaccessible
What is destruction and two ways destruction can be done
Permanent deletion of data
- Malware
- Deliberate erasure
What is Malware
Software including viruses, trojan and spyware used to steal, encrypt or delete data
What is deliberate erasure
data deleted from a computer system on purpose and without owner permission to cause problems for an individual or organisation
What is theft
Stealing computer based information from an un known victim with the intent of compromising privacy or obtaining confidential information
Cyber security protects…
Personal data such as financial date, identity
organisations data such as financial date or intellectual property
States data such as national security, economic plans
Why is cyber security importants
Cyber crime is on the rise so cybersecurity is in place to fight and reduce cyber crime making the online world more safer and secure
Cyber crime causes damage therefore cyber security is in place to protect against all damages such as financial, health and safety and reputational damage
cyber security can help build trust as for organisations customers want a trustworthy organisation to securely store their personal information if there is no trust then people are less likely to use the organisation
