Theory - Cybersecurity Flashcards

1
Q

Encryption key

A

Data used to encrypt or decrypt data

2
Q

Hacking

A

Any attempt to gain unauthorised access to a computer system
Can target either a computer system itself or the system’s users

Rootkit malware used by hackers to alter access levels to devices - hard to remove as it becomes embedded in the device’s OS

3
Q

Social engineering

A

Attacks on users
Trying to exploit user rather than system using techniques such as phishing and shoulder surfing
Person is exploited into giving away critical information that gives access to network or accounts

4
Q

Anti-malware software

A

Used to DETECT and REMOVE MALWARE on a computer system

5
Q

Threat of data being intercepted can be reduced by…

A

encrypting data so that if it is intercepted it cannot be read

6
Q

CAPTCHA

A

Technology intended to determine that a human and not a computer program is accessing a website

7
Q

Penetration testing

A

Attempt to hack into a system to test how secure it is
Improves security by highlighting security flaws that need to be fixed
Hacking authorised by network owner

Components of a good penetration test:
Technical vulnerabilities
Test of damage recovery

8
Q

Phishing

A

BAIT is used - email that looks legitimate or is an attractive offer to prompt the user to follow a link to a fake website
Involves attacker faking their identity

E.g. attempts to prompt users to go to a fake web page to enter their details

9
Q

Malware

A

MALICIOUS SOFTWARE designed to cause intentional damage to a computer system
Anti-malware software is used to detect and remove malware on the system

10
Q

Why is data encrypted?

A

Threat of data being intercepted can be reduced
Method of obscuring data so that it cannot be read if it is intercepted
If it is intercepted it cannot be read

11
Q

Brute-force

A

Repeatedly guessing a password until access is granted to system
Attempts to crack a password by trying every combination of letters and numbers

Dictionary attacks - use list of commonly used passwords or standard words in a dictionary

12
Q

Penetration testing

A

Attempting to hack a system on PURPOSE to identify SECURITY WEAKNESSES which can then be reported and fixed

13
Q

User access levels

A

Help to reduce the impact of any attacks that occur
If a hacker manages to get an employee’s password they will only be able to access part of system

Stop users from accessing services on the system that they do not normally need access to, so insider attacks would be reduced

14
Q

Cyber security

A

Process of ensuring networks and computers are SAFE from UNAUTHORISED ACCESS

15
Q

Implant

A

Technology that is carried inside the body, rather than simply on the body, such as a watch

16
Q

Biometric

A

Fingerprints and retinal images are examples of this type of information

17
Q

Pharming

A

When a website is spoofed, e.g. a spoof banking website that looks identical to the original
Involves using malware to alter IP address of a real website to direct user to a fake website
Malware being introduced to user’s computer or a server, e.g. a bank
Used to re-direct users to a fake website

Redirecting web traffic bound for a legitimate site to a fake, but still convincing, site

18
Q

Blagging (pretexting)

A

Perpetrator approaches a specific individual with an INVENTED STORY to persuade target to give out PRIVATE INFORMATION or access

19
Q

Malicious Insider / White-Box Testing

A

Test of computer system whereby an internal cyber-attack is simulated
Insider attack - When someone in an organisation gives away access details or sensitive information

20
Q

Shouldering

A

Watching people enter passwords or PINs

21
Q

Firewall

A

Network security device that monitors and filters incoming and outgoing network traffic based on an organisation’s previously established security policies
Barrier that sits between a private internal network and the public Internet
Prevents unauthorised data from leaving or entering the network

Software firewalls are programs installed on computers
Hardware firewalls are physical firewalls such as a linkeye server, that stops any unauthorised traffic from entering the network

Packet filtering firewall is a network security technique that regulates data flow to and from a network.
Security mechanism that allows packets to move across networks while controlling their flow through the use of a set of rules, protocols, IP addresses, and ports

22
Q

Patching

A

Process of ensuring that software updates have been installed

23
Q

Interception

A

When data is stolen as it is being transferred across a network

24
Q

Trojan

A

Malware which is hidden in legitimate software

25
Q

Active attack

A

When someone uses MALWARE or other technical methods to COMPROMISE a network’s security

26
Q

Passive attack

A

When a hacker eavesdrops on a network by ‘sniffing’ data packets

27
Q

Denial of service (DoS) attack

A

Tries to bring down a server by flooding it with many useless requests
Attack aims to overload the server - stops the server responding to legitimate requests

To protect against DoS attacks:
A server’s firewall can blacklist (ban) any traffic from an IP address which is known to perform DoS attacks
Firewalls can also monitor traffic in real time. So if a new IP address starts to send too much traffic then traffic limits can be set

Distributed denial of service attack:
Where multiple devices all send a DoS attack at the same time to a certain server

28
Q

Black box penetration testing

A

Done outside of an organisation
System administrator might pay an outside organisation to attempt to gain access to their systems in a controlled way
Allow system administrators to experience a ‘practice’ attack which is very similar to a real attack

29
Q

White box penetration testing

A

Test is done INSIDE an organisation
System administrators will test how vulnerable the system is against someone with knowledge of the system, and possibly a user account with low access rights
This will help to PREVENT insider attacks

30
Q

Spyware

A

Monitors keystrokes to find out passwords