Topic D - Protecting Data and Information

Question 1

What does antivirus do?

Answer 1

Detect any suspicious programs and remove them before they can cause problems.

Question 2

How does antivirus detect malware?

Answer 2

Scanning newly added files and software, as well as through regularly scheduled scans of storages devices connected to your system.

Question 3

What will take anti virus longer?

Answer 3

Size of storage device
Amount of data being used
How defragmented hard disk is
Applications running
Existing malware

Question 4

What is a firewall?

Answer 4

Monitors the traffic coming into and out of your computer systems via it ports over a network to look for anything suspicious.

Question 5

How do firewall prevent harm?

Answer 5

Blocks off any suspicious data.

Question 6

What is malicious software?

Answer 6

A computer program that is designed to harm or gain unauthorised access to a computer system.

Question 7

What are the 4 types of malware?

Answer 7

Viruses
Worms
Trojans
Spyware

Question 8

What are viruses?

Answer 8

A program that copies and insert itself into programs running on your computer system (spreads when programs/data is attached and passed to another system).

Question 9

What are worms?

Answer 9

A program that copies and inserts itself into programs running on your computer system (spread through a network and find security holes in systems to gain access).

Question 10

What are trojans?

Answer 10

A harmful program that masquerades as a legitimate software application (spreads by users downloading it thinking its a program).

Question 11

What is a spyware?

Answer 11

A malicious program that monitors user activity for the purpose of stealing personal information.

Question 12

What impact does malware have on individuals and organisations?

Answer 12

Can be used to corrupt and delete data on IT systems, which mean they have to spend time recovering data from backups.

Question 13

What is a hacker?

Answer 13

Someone who gains unauthorised access to a computer system.

Question 14

What are white hat hackers?

Answer 14

They test systems for security flaws by attempting to gain access to help check the security procedures of an organisation.

Question 15

What is the impact of hackers on individuals and organisations?

Answer 15

Unauthorised access can be used to steal financial, personal or business information.
The data can also be used for blackmail.

Question 16

What is meant by the term phishing?

Answer 16

Where emails or messages are sent to pretend to be from a reputable company but in fact they are not instead they are a malicious user who have the purpose to gain personal or financial information.

Question 17

What is the impact of phishing on individuals/businesses?

Answer 17

The personal or financial information obtained can be used for stealing money or identity fraud or hacking into the business.

Question 18

What is accidental damage?

Answer 18

Where IT systems or data are harmed through human error, such as dropping a device or accidentally overwriting important files.

Question 19

What 7 techniques are there for protecting data?

Answer 19

File permissions
Access levels
Backup and recovery procedures
Passwords
Physical access controls
Digital certificates
Protocols

Question 20

What does file permissions do?

Answer 20

You can set who can access the files and what they can do with them.

Question 21

What 3 files permissions can you set?

Answer 21

Read only
Write only
Full control

Question 22

What is read only?

Answer 22

Files can be opened and viewed, but not edited.

Question 23

What is read/write?

Answer 23

Files can be opened, viewed, edited, modified and deleted.

Question 24

What are access levels?

Answer 24

Control what software, data and services a user can access.

Question 25

What is the highest access level?

Answer 25

Administrator access.

Question 26

What is administrator access?

Answer 26

A user can access all folders with full control, alter the permissions of other users and can install and delete software.

Question 27

What can the lowest access level do?

Answer 27

A user can only access a limited number of files and the software they need to do their job.

Question 28

What are backups?

Answer 28

Involves taking a copy of the data and storing it in a secondary location.

Question 29

What three types of backups are there?

Answer 29

Full backups Incremental backup Differential backup

Question 30

What is a full backup?

Answer 30

A complete backup of all your data.

Question 31

What is an incremental backup?

Answer 31

A backup of only the data that has changed since the previous backup.

Question 32

What is differential backup?

Answer 32

A mixture of a full backup and an incremental backup.

Question 33

What does physical access controls do?

Answer 33

Prevent unauthorised users from gaining access to our IT systems.

Question 34

What are 4 examples of physical access controls?

Answer 34

Access cards Keypad access control Biometric Electronic locks

Question 35

What are access cards?

Answer 35

Cards that must be scanned to unlock rooms.

Question 36

What are keypad access controls?

Answer 36

A system that requires a passcode to gain entry to a room.

Question 37

What are biometric access controls?

Answer 37

A system that scans biometric data to gain access to a room.

Question 38

What are electronic locks?

Answer 38

To lock and unlock doors electronically when sent signals from the above access controls systems.

Question 39

What are digital certificates?

Answer 39

Used to authenticate a user as the owner of a public key so they can use public key encryption.

Question 40

What is the 2 important contents to a digital certificate?

Answer 40

Digital signature | Public key

Question 41

What is a digital signature?

Answer 41

Verifies the sender identity

Question 42

What is the public key?

Answer 42

Used to encrypt data when sending it to the website.

Question 43

What are protocols?

Answer 43

A set of rules that defines a method for transmitting data between different devices over a network.

Question 44

What are the 2 security protocols?

Answer 44

SSL | TLS

Question 45

What do the security protocols allow us to do?

Answer 45

Send data securely over the internet using encryption.

Question 46

What are the 4 tools used for protecting data?

Answer 46

Antivirus Firewalls Encryption Legislation and Codes of Practices

Question 47

What are 3 common features you see in antivirus software?

Answer 47

Scheduled scans (can be set automatically). Full scans on entire hard disk. Scanning of all fires opened (known as real time protection).

Question 48

What are 3 disadvantages of antivirus software?

Answer 48

Needs to be regularly maintained and updated as new viruses are found. Doesn't offer total protection as new malware programs being written. Can slow down PC/network performance (take up hard disk space, memory, processing power).

Question 49

What are 3 common features of a firewall?

Answer 49

``` Content filtering (used for security/productivity purposes). Controlling which programs can access the LAN/internet. Intruder detection/prevention (identifies/stops hacker from gaining access to network or computer system). ```

Question 50

What is 3 disadvantages of firewalls?

Answer 50

Diminishes performance of the network. Productivity can be impaired (things may be blocked by firewall when needed). Cannot prevent internal attack from within the network.

Question 51

What 2 types of data do we encrypt?

Answer 51

Stored data | Transmitted data

Question 52

What is stored data?

Answer 52

Uses the same key to both encrypt and decrypt the data (symmetric encryption).

Question 53

What is transmitted data?

Answer 53

Uses different keys to encrypt and decrypt the data (asymmetric data).

Question 54

What are 2 implications of stored data?

Answer 54

If you lose the encryption key, you won't ever able to decrypt the data. Sharing of the encryption key can compromise security (key can be intercepted).

Question 55

What is an implication of transmitted data?

Answer 55

If working in large quantities data, the data have a real impact on processing power.

Question 56

What 2 legislation have been implemented to protect data and IT systems from harm?

Answer 56

Data protection act (1998) | Computer misuse act (1990)

Question 57

What is the data protection act (1998)?

Answer 57

Protect how individuals data can be used and handled.

Question 58

What is the computer misuse act (1990)?

Answer 58

Protects against the wilful harm and damage of the IT systems and data.