Secuirty

Question 1

What is phishing?

Answer 1

social engineering attack where attacker masquerades as a trusted entity to steal data

Question 2

Traditional secuirty procedures

Answer 2

Use strong passwords, control access to data and systems, installing reliable antivirus software

Question 3

What is asynchronous encryption type

Answer 3

RSA. 1024-2048 bits in length. Slower process, incomparable security. Used in email certificates, SSL/TLS certificates

Question 4

What are some common security threats?

Answer 4

Phissing
Typo Squatting
DNS typo poisening
SQL Injection
Trojan Hourse
DDOS

Question 5

What is phishing?

Answer 5

social engineering attack where attacker masquerades as a trusted entity to steal data. Typically refers to an email that looks like it came from a trusted source

Question 6

What is an SQL Injection?

Answer 6

Modify sql requests such as putting an SQL query in a text field.

Question 7

What is a trojan horse?

Answer 7

software pretending to be something else to gain access

Question 8

What is a worm?

Answer 8

Malware that replicates itself

Question 9

How do we mitigate or prevent these threats from happening?

Answer 9

Network segmentation, intrusion detection systems, intrusion prevention systems, reduce insider threat

Question 10

What is DNS cache poisoning?

Answer 10

Changing the DNS cache so a user is sent to the wrong website.

Question 11

What is an example of a cyber attack?

Answer 11

Man-in-the-middle - an attacker positions himself in a conversation between a user and an application or user and another user to eavesdrop of impersonating with the goal of stealing data.

Question 12

What is identity management?

Answer 12

a framework of policies and technologies to ensure that the right users have the appropriate access to technology resources