Unit 5.3 - cyber security Flashcards
(11 cards)
What does it mean when a computer system has a vulnerability + consequences?
There is a weakness in the system that allows unauthorized individuals to access it.
This can have consequences such as loss of data, loss of availability to systems, identity theft, financial implications, loss of confidence among stakeholders.
Name 7 different malware + definition
Hostile intrusive software written to infect computers and commit crimes.
1. Worms - automated, self-executing, self-replicating programs which spread quickly and exploit weaknesses in network security
2. Virus - like worms but not self-executing; requires human assistance in spreading. Often hidden in other applications/files
3. Trojan - disguised as legitimate software. When installed, can do harm like install back doors, initiate attacks, install other malware, etc.
4. Ransomware - victim’s files on computer are encrypted, and hacker forces them to pay to access them
5. Spyware - secretly obtains personal information on victim’s computer and sells it to advertisers, data firms, etc.
6. Rootkit - malware designed to remain hidden/unnoticeable on computer. May give attacker remote access to system
7. Adware -
What is a brute-force attack + how to prevent?
Automated trial-and-error method used to decode encrypted data, or one that uses data known about the user (e.g. birthday, pet, etc.).
Prevent by having a long password with a mix of symbols, using 2-factor authentication, and not reusing passwords.
What is data interception + how to prevent?
Monitoring data streams to and from a target to obtain confidential information. Any data transmitted over a network can be intercepted. Typically uses software called a packet sniffer.
Prevent by using end-to-end encryption when transmitting data over a network.
What is a DDoS + how to prevent?
A distributed denial of service attack attempts to disrupt normal traffic of server/network by overwhelming/flooding it with Internet traffic. This can knock the server/network offline due to strain on bandwidth, CPU and other resources. Usually carried out by thousands of computers.
Not preventable, but systems and firewalls that detect DDoS attacks can reduce their effects by directing traffic to other servers.
What is hacking?
Any unauthorized access to a system for criminal purposes
What is social engineering?
The use of manipulation to get people to give up personal information. Exploiting and tricking people is often easier than finding weaknesses in computer systems.
What are 9 types of social engineering?
- Baiting - leaving a malware-infected device (USB drive) in a place where it is likely to be found and used.
- Pharming - sends/redirects user to fake website by hijacking the DNS
- Phishing - sending legitimate-looking emails in hopes of getting personal information. Spear phishing targets a specific individual
- Vishing - over the telephone
- Dumpster diving - going through bins to find personal information like phone numbers, access codes, etc.
- Piggybacking/tailgating - walking into secured building by following someone with access
- Watering hole - compromising group of people by infecting a website they use regularly
- Quid pro quo - call employees of a company pretending to be tech support offering to help fix an issue, and gather information in the meantime
- Scareware - tricks user into believing they installed malware/illegal data, hackers offer to come fix it, download actual malware
State 8 methods of protecting digital systems
- Controlling access levels - protects sensitive data and minimizes misuse by only giving people access to the systems they need for work
- Anti-malware software - keeps computer & files safe from malware. Most operating systems have built-in anti-malware
- Authentication - 3 methods: username & password; biometrics (fingerprints, retina scan, etc.); 2-step verification (2 separate authentication methods performed one after another)
- Automatic software updates - popular software is often the target of attacks. Applies patches & bug fixes; product is kept up to date and security flaws are fixed ASAP without need for manual intervention
- Firewalls - piece of software/hardware or both configured to only let certain traffic through. Unwanted traffic is not allowed onto the LAN
- Privacy settings - designed to limit who can view & access your content; e.g. do not track, privacy browsing
- Proxy servers - separate intermediate device between user and remote web server that traffic must pass through; gateway between the browser & the Internet.
- SSL - Secure Sockets Layer security protocol provides a secure communication channel between 2 devices. Used to secure credit card transactions & data transfer.
How to catch phishing e-mails?
- If they are unexpected or contain instructions to click link/download attachment
- poor spelling and urgent, pressuring tone
- generic greeting
- demanding taking action now
- check URLs of links attached as well as protocol
- links hidden behind text or images
What are 4 functions of proxy servers?
Allows traffic to be filtered/blocked, keeps user IP address secret, caches frequently used websites, reduces impact of DDoS attack.