Unit 6 Cyber security

Question 1

Cyber security threats that computers are vulnerable to

Answer 1

• Pharming
• Weak and default passwords
• Misconfigured access rights
• Removable media
• Unpatched and/or outdated software
• Malware including viruses
• Social engineering

Question 2

Cyber security

Answer 2

Covers the different processes, practices and technologies that protect the following from attack, damage or unauthorised access:
- Networks
- Computers
- Programs and data

Question 3

Password policy

Answer 3

Passwords are often checked as they are created to make sure that they conform to the parameters given in a required policy. Organisations and computer systems will often have password policies. These will make sure that your chosen password has features like:
- Minimum length of characters
- Include at least one lowercase letter
- Include at least one uppercase letter
- Include at least one symbol
- Change password every month

Question 4

Misconfigured access rights

Answer 4

• Each user in an organisation is assigned individual access rights, according to their role
• For example, most network users should not have access to setup and configuration settings
• As people change roles within an organisation, or new roles are created, these rights have to be carefully managed
• No one should have access to areas of folders that they do not need to do their job, as this can create a security weakness

Question 5

What is pharming?

Answer 5

A cyber attack that redirects a user to a fake website

Question 6

How does a pharming attack happen?

Answer 6

• When your computer requests a website, it asks a DNS (Domain Name System) server for the IP address
• The DNS server replies with the IP address
• Your computer then sends a HTTP request to that IP address
• If a hacker can change the entry on the DNS server, then they can make it point to a fake website that they control. The DNS server has been ‘poisoned’
• The fake website may appear the same as the real website, however, it’s aim is to collect personal details, such as the log in to a bank account
• The hacker can now use this to transfer money to themselves

Question 7

What is removable media?

Answer 7

Any storage device that can be inserted and removed from a computer

Question 8

What can removable media be used for?

Answer 8

• Steal documents and files from a company
• Introduce malware

Question 9

How could malware get onto removable media?

Answer 9

• Being present on a home computer and then infecting the removable media device when inserted
• Alternatively, a hacker could leave an infected USB flash drive in a car park or reception of a business. An interested employee can then put it into a computer

Question 10

What is unpatched software?

Answer 10

• Software needs to be regularly patched or updated
• Many updates will contain fixes to known security issues
• Hackers will be aware of these known security issues, making computers that haven’t been updated an easy target

Question 11

Which types of software are the most important to update?

Answer 11

Operating system
- operating system updates often contain security updates
- it is crucial that the operating system is kept as secure as possible as it has full control of the computer or server

Anti-virus or anti-malware software
- needs to be updated regularly or daily so that it can detect new malware

Question 12

Which types of software are the most important to update?

Answer 12

Operating system
- operating system updates often contain security updates
- it is crucial that the operating system is kept as secure as possible as it has full control of the computer or server

Anti-virus or anti-malware software
- needs to be updated regularly or daily so that it can detect new malware

Question 13

Explain how pharming poses a risk to computer systems, data or networks

Answer 13

A DNS server is compromised so that it points to a fake website which can then obtain personal information such as usernames and passwords

Question 14

Explain how weak and default passwords pose a risk to computer systems, data or networks

Answer 14

Make it easy for hackers to gain access using password lists or brute-force attack

Question 15

Explain how misconfigured access rights pose a risk to computer systems, data or networks

Answer 15

The give users to much access which they can then misuse

Question 16

Explain how unpatched or outdated software pose a risk to computer systems, data or networks

Answer 16

Leave security holes open

Question 17

Explain how removable media poses a risk to computer systems, data or networks

Answer 17

These can be used to introduce malware or remove confidential documents

Question 18

What is social engineering?

Answer 18

The ability to obtain confidential information by manipulating people for it

Question 19

What techniques can hackers use to gain information via social engineering?

Answer 19

• Blagging, using an invented scenario to target someone
• Phishing, using email or SMS (text) message to obtain information
• Shouldering, observing information as it is entered

Question 20

What is shoulder surfing?

Answer 20

Shoulder surfing or shouldering is the ability to get information or passwords by observing as someone types them in

Question 21

Examples of shoulder surfing

Answer 21

• Looking over someone’s shoulder
• Using a CCTV camera
• Viewing the reflection of a keyboard as a password is typed

Question 22

Preventing vulnerabilities

Answer 22

• Penetration testing
• Anti-malware software, including anti-virus software
• Biometric measures, especially for mobile devices
• Password systems
• CAPTCHA
• Email confirmation to confirm identity
• Automatic software updates
• Network security such as authentication, encryption, firewalls and MAC address filtering

Question 23

Anti-malware software

Answer 23

• Will detect malware such as viruses, worms, trojans and spyware
• When a virus or new malware is detected it is sent to the anti-virus company
• They verify it is malware then create a signature of the virus
• They then add it to their virus database and tell computers to run an update
• Viruses can morph to avoid detection, this makes it harder to create a signature

Question 24

Describe how anti-virus software works

Answer 24

• Anti-virus software can provide real-time protection
• When a program is loaded or a file is downloaded, it is first checked to see if it contains a virus
• Parts of the file are checked and compared with virus definitions of known viruses
• If a match is found, the file can be quarantined and the user notified

Question 25

Passwords

Answer 25

• Usernames and passwords are one of the most important ways of protecting computers and servers
• They prevent unauthorised people from using the system
• They also apply the correct access permissions to the user’s account

Question 26

Biometric authentication

Answer 26

• Biometrics measure a person’s physical characteristics to verify their identity
• One common method of authentication used on portable devices is a fingerprint

Question 27

Examples of biometric methods

Answer 27

• Facial recognition, commonly now used on phones, tablets and some desktops
• Retinal scans, more commonly used in high security environments
• Palm vein recognition
• Ear recognition
• Voice recognition

Question 28

Starling Bank authentication

Answer 28

• When registering a new bank account users need to provide a photo of their driving licence or passport
• They then need to record a short video of themselves speaking a message
• This can then be used to authenticate that the person talking is the same person as that in the driving licence or passport

Question 29

Automatic software updates

Answer 29

• Many large companies such as Microsoft and Apple automatically update your software whenever they make a change to it
• This could happen on a daily or weekly basis

Question 30

Why are software updates important?

Answer 30

• Software updates fix bugs and offer security updates
• If security holes are not updated or patched, a hacker can exploit them
• Virus software needs to be set to auto-update so that it always has the latest virus definitions
• Operating systems should either auto-update, or be updated as soon as possible if a security update is released

Question 31

Email authentication

Answer 31

• On registration, an authentication email can be sent to the email address
• This contains a unique web address link which needs to be clicked
• Once the web page is visited, the web site knows that the user has access to the email account
• It can then record that the email address has been authenticated

Question 32

CAPTCHA

Answer 32

• Hackers and criminals are able to send multiple form submissions to web pages
• This may be used to make log in attempts or add spam posts
• CAPTCHAs are images that are easy for humans to interpret, but hard for computers

Question 33

Penetration testing

Answer 33

The practice of deliberately trying to find security holes in your own systems

Question 34

What is the goal of penetration testing?

Answer 34

• Identify the targets of potential attacks
• Identify possible entry points
• Attempt to break in
• Report back the findings

Question 35

White box penetration testing

Answer 35

• White box penetration testing simulates a malicious insider with knowledge of the system
• They will have permission to try to find weaknesses in the computer systems
• They may have basic credentials such as a username and password for the target system
• They will be given network and system information to help target possible attacks
• Used to identify internal threats, simulates the damage that someone with inside knowledge could do

Question 36

Black box penetration testing

Answer 36

• Back box penetration testing simulates an external hacking or cyber warfare attack
• The company or engineer trying to find weaknesses in the system has no inside knowledge of the target system such as passwords or layout of the network structure
• This simulates the damage that someone with no inside knowledge could do