Unit 4 Flashcards
(30 cards)
What is malware and 2 types
Malicious Software are executable programs which run on a computer and causes harm to things like data
VIRUS:
Replicate their code in other programs
Infect other computers
Harm computer by deleting/corrupting/modifying files
WORM
Cause no damage to attacked computer
Slows down computers/networks
What are the different forms of malware
Trojan Horse - Where malware is disguised as something the user wants (ie: a cracked game)
Ransomware - Software which holds a computer hostage and by locking/encrypting access to it. Once a ransom is paid to the attacker then the access is restored
What is social engineering
The ability to obtain confidential information by asking for it (ie: scamming)
What is shoulder surfing
The ability to get info/passwords by observing as someone types them in
What is phishing and what to look out for
A type of social engineering when someone sends an email/text/phone call to obtain personal information
WHAT TO LOOK OUT FOR
No personalised greeting
Senders address is often a variation off a genuine address
Forged link
request for personal information
Sense of urgency
Poor SPaG
What is DOS and DDOS attack
Denial of service attack where a hacker sends many fake requests to a server at once (flood) so it cannot interpret the real requests fast enough and may just go offline
In DDoS attack (distributed) many computers are used to send requests
What is MITM attack
Man in the Middle attack is where a hacker interprets communications between a user and server so they can
Eavesdrop to find personal info
add different info to a web page/other communication such as emails
How to preven data theft
**Use a strong password
Make sure data is encrypted
dont follow suspicious links (i.e., links in emails)**
Think before you post personal details
dont install apps without research
Delete all info on the device before discarding it
What are the types of attaks that can be used against your network
Brute force attack
SQL injection
DoS attack
What is an SQL injections
Using web forms to add SQL instructions to a query that can cause data loss or revealing of personal info
What is penetration testing and what are the goals
deliberately hacking into your own system to find security holes
GOALS:
Identify targets of potential attacks
identify possible entry points
attempt to break in
report back findings
Black box and white box testing
Black box testing
testers are given no more information than a potential hacker
White box testing:
testers are given as much information as an ‘insider’ would have, in order to determine how much damage a rogue employee could do
What are 3 hats shown in ethical hacking
Black hat hackers
Hack for criminal intent
White hat hackers
Ethical hackers employed to find system vulnerabilities before any black hat abuses them and get rewarded
Grey hat hackers
Hack without consent to find system vulnerabilities and won’t do anything with it themselves but might send out a ransom or they would broadcast the information on the Internet
What data is shown in an audit trail and who can use it to their advantage
Who attempted access
What did they do
Where did they look
When did they do it
Why did they do it
Network forensics can use this to their advantage to solve data mysteries
What is a network policy and an example
A user policy that is used to make sure nothing bad happens on a network (ie: an AUP (Accept User Policy)
What are the methods used to protect data and their features
Anti Malware Software
Prevents malware from being opened on your computer
Firewall
Software which checks incoming data from internet/network and will block it if its harmful
Only certain packets that meet set filtering rules are allowed to pass through
User Access Levels
Software which allows different users to access/view/edit data depending on the user
Encryption
Encoding data so it can’t be understood
Physical security
Hardware used to protect data/information from someone (ie: CCTV cameras)
What is the need for a UI
Without it we would have to use binary to communicate so the UI gives us an easy way to communicate with the PC
5 types of UI with examples + features
GUI (Graphical user interface)
WIMP (windows icons menus pointer) in Windows
Users can click on icons with pointer
Menu Driven interface
ATMs
It is less prevalent but still exists
CLI (Command Line Interface)
command prompt
All commands must be typed in as text
no graphics
quicker for experts
doesn’t take ram
Voice activated
Siri
Real Time
Sensors detecting inputs
What is the use of memory mansgement
To run an app, the PC must copy the program into the main memory from storage
OS keeps a record of where each program is stored so it doesn’t overwrite existing programs
Whats an interrupt, hardware and software and give examples
signals sent to CPU by external devices to indicate an event needs action so the CPU stops what its doing to notify the user
Hardware interrupt is generated by hardware devices (ie: Printer out of paper)
Software interrupt is generated by programs (ie: divide by 0 error)
What is a peripheral and how does the os manage it (likr a printer)
You will need to install a device driver first which is what the OS uses to communicate with the peripheral (all devices outside CPU)
For printers the computer sends data to a printer buffer which is where all the requests wait to be printed
How does the OS do disk/file management
the OS:
manages where on the disk files are written
keeps track of where they are so they can be retrieved
Makes sure no file overwrites another
How does OS manage user management
OS organises user login/passwords
It will also manage access rights and may include encryption of some files
What are all the functions of an OS
Provides a UI
Memory management
Multitasking
Disk/Peripheral management
User management/security
File management
