security Flashcards Preview

computer science > security > Flashcards

Flashcards in security Deck (43)
Loading flashcards...
1
Q

what is malware ?

A

Malware is any type of harmful program that seeks to damage or gain unauthorised access to your computer system

2
Q

virus

A
  • can replicate itself
  • and spread from system to system by attaching itself to infected files
  • only activated when opened by a human
  • once activated , it can change data or corrupt a system so that it stops working
3
Q

worm

A
  • can replicate itself
  • and spread from system to system by finding weaknesses in software
  • does not need an infected file or human interaction to spread
  • can spread very quickly across a network once it has infiltrated it
4
Q

what is a trojan?

A
  • a harmful program that looks like legitimate software so users are tricked into installing it
  • secretly ives the attacker backdoor access to the system
  • do not self replicate or infect other files
5
Q

what is spyware ?

A
  • secretly records the activities of a user on a computer
  • aim of spyware is to record usernames, passwords and credit card information
  • all recorded information is secretly passed back to the attacker to use
6
Q

keylogger

A
  • secretly records the key presses of a user on a computer.
  • data is stored or sent back to the attacker
  • aim of keylogger is to record usernames, password and credit card information
  • keyloggers can be downloaded or plugged into the USB port
7
Q

ransomware?

A
  • locks files on a computer system using encryption so that a user can no longer access them
  • the attacker demands money from the victim to decrypt (unlock) the data
  • attackers usually use digital currencies like bitcoin which makes it hard to trace them
8
Q

what is phishing ?

A
  • the method of misleading individuals or organizations into sharing sensitive information , often through the use of emails
  • phishers may pose as trusted company like amazon or YouTube to direct users to open malicious attachments or encourage them to follow fraudulent links to steal their data
9
Q

what is social engineering?

A
  • the means to trick others into revealing their personal data by posing as a trusted source
  • e.g. impersonating an IT technician of a school via email and asking for a student’s username and password
10
Q

what is interception?

A
  • when data packets on a network are intercepted by a third party (e.g hacker) and copied to a different location than the intended destination.
  • software called packet sniffers are used to intercept and analyse data packets
11
Q

what software is used to intercept and analyse data packets ?

A

software called packet sniffers are used to intercept and analyse data packets

12
Q

what is physical theft?

A
  • computer systems or storage devices may be stolen in public or from offices
  • unwanted systems and storage media should be disposed of securely as data could be stolen from discarded information, such as old CDs or even printed paper
13
Q

what is hacking ?

A
  • the method of exploiting weaknesses in a system or network to create, view, modify or delete files without permission.
  • A hacker is anyone who gains access to data or systems that they do not have authority to access
14
Q

what does DoS and DDoS stand for?

A

denial of service attack

distributed denial of service attack

15
Q

what is a DoS attack?

A
  • when a computer repeatedly sends requests to a server to overload the system
  • a server overload will slow the system and may take websites offline temporarily
16
Q

what is a DDos Attack?

A
  • a coordinated attack using a botnet of infected systems to overload a server with requests.
  • A botnet is a large group of devices controlled and used maliciously by an attacker
17
Q

what does SQL stand for?

A

Structured Query Language

18
Q

what is an SQL injection?

A
  • SQL is a programming language used for manipulating data in databases
  • SQL injection is when a malicious SQL Query (command) is entered into a data input box on a website
  • if the website is insecure then the SQL query can trick the website into giving unauthorised access to the website’s database
  • An SQL injection can be used to view and edit the contents of a database or even gain administrator privileges
19
Q

What is brute force attack?

A
  • in order to break a password , every possible combination is tested in order from start to finish
  • This is not a quick method but it should break the password eventually and can be sped up if multiple computer systems are used at the same time
20
Q

What is IP Address Spoofing ?

A
  • when an attacker changes the IP address of a legitimate host so any visitors to the URL are instead taken to a spoofed (fake) web page
  • This web page is used to record any inputted data (e.g usernames and passwords) and send it back to the attacker
  • The spoofed web page can also be used to install malware
21
Q

what is network forensics ?

A
  • the monitoring of a network to identify unauthorised intrusions
  • network forensics is used to record and analyse attacks on a network and to gather other information about how the network is performing
  • it is important for organisations to identify weaknesses in their networks so that they can fix them and be prepared for any type of attack or malware
22
Q

what is footprinting?

A
  • a method of evaluating a network’s security
  • when a security team puts itself in the attacker’s shoes by obtaining all publicly available information about the organisation and its network
  • footprinting allows the company to discover how much detail a potential attacker could find out about a system
  • the company can limit the technical information about its system that is publicly available
23
Q

what are penetration tests?

A
  • carried out as part of ethical hacking
  • ethical hacking is when a. organisation gives permission to specific ‘good ‘ hackers to try and attack a system so that the weak points can be highlighted and then fixed
  • the purpose of penetration tests is to review the system’s security to find any risks or weaknesses and to fix them
24
Q

what is ethical hacking ?

A
  • ethical hacking is when a. organisation gives permission to specific ‘good ‘ hackers to try and attack a system so that the weak points can be highlighted and then fixed
25
Q

what are internal tests?

A

internal tests are carried out to see how much damage could be done by someone within the company with a registered account

26
Q

what are external tests?

A
  • are for white hat hackers to try and infiltrate a system from outside the company
27
Q

what are blind tests?

A

are carried out with no inside information , to stimulate what a real attacker would have to do to infiltrate a system

28
Q

what are targeted tests ?

A

conducted by the company’s IT department and the penetration team cooperating together to find faults in the system

29
Q

what is anti-malware software?

A
  • used to locate and delete malware, like viruses , on a computer system
30
Q

how does anti-malware software work?

A
  • the software scans each file on a computer and compares it against a database of known malware
  • files with similar features to malware in the database are identified and deleted
  • new forms of malware are created each day by attackers, so anti-malware software must be regularly updated to keep the system secure
31
Q

other roles of anti-malware software :

A
  • checking all incoming and outgoing emails and their attachments
  • checking files as they are downloaded
  • scanning the hard drive for viruses and deleting them
32
Q

what is a firewall and how does it work?

A
  • a firewall manages incoming and outgoing network traffic
  • each data packet is processed to check whether it should be given access to the network by examining the source and destination address
  • unexpected data packets will be filtered out and not accepted to the network
33
Q

other roles of firewall :

A
  • blocking access to insecure/malicious websites
  • blocking certain programs from accessing the internet
  • blocking unexpected / unauthorised downloads
  • preventing specific users on a network accessing certain files
34
Q

what is double authentication also known as ?

A

two-factor authentication (2FA)

35
Q

what is double authentication ?

A
  • a method of confirming someone’s identity by requiring two forms of authorisation e.g. password and pin code sent to your mobile
36
Q

describe secure passwords as a method of protection

A
  • usernames must be matched with a secure password to minimise the chances of unauthorised users accessing a system
  • passwords should contain a mix of uppercase and lowercase letters , punctuation and numbers
  • password should be a substantial length (at least 8 characters) and should be regularly changed
37
Q

why are user access levels used?

A

so only certain users can access and edit particular files

38
Q

what is read-only access?

A

when a user can only view a file and is not allowed to change any data

e.g a teacher may set instructions as read-only for students to view

39
Q

what is read and write access?

A

allows a user to read and edit the data in. a file

e.g a teacher may set an online workbook as read and write access for students to fill in

40
Q

why is it important to set access levels?

A

so that only authorised users can view and change data.

the more users who have access to a file to the more likely it is to be compromised

41
Q

what is encryption ?

A

the process of scrambling data into an unreadable format so that attackers cannot understand it if intercepted during transmission

42
Q

how does encryption work?

A

the original data( plaintext) is converted to scrambled ciphertext using an encryption key
- only at the correct destination will the encryption key be used to convert the ciphertext back into plaintext to be understood by the receiving computer

43
Q

what is an example of a simple method of encryption?

A

the XOR logical operator

  • xor is used on the plaintext and key together to create the ciphertext.
  • using XOR gain on the ciphertext and key will reverse the encryption to reveal the plaintext