Security

Cards (27)

  • what is malware?
    software that can be damaging/malicious to a computer/network
  • what are viruses?
    malware which harms a network/computer by attaching to files
    • can affect all components of an OS
    • can damage or delete data
  • what are worms?
    malware which replicates itself to spread to other computers on a network
    • exploits vulnerabilities in a network
    • does not need to attach to files
  • what is a trojan horse program?
    software designed to access a computer by misleading users of its intent
  • what is social engineering?
    Manipulating people to gain unauthorized access to information or systems
  • what is phishing?
    form of social engineering which is designed to acquire sensitive info
  • what is telephone (IVR) phishing?
    phone calls where someone pretends to be an official service to gain personal data
  • what do scammers need to open a credit card in your name?
    • full name
    • date of birth
    • mother's maiden name
  • how can data be intercepted?
    • packets can be intercepted in the air
    • data can be intercepted physically via theft
  • how does encryption help when data is intercepted?
    people who have unauthorised access cannot understand the scrambled data as they do not have a key
  • what are dictionary attacks?
    form of brute force attack where each letter/digit is cycled through until it is correct
  • what is a brute force attack?
    a method of gaining access to passwords with trial and error
  • how can brute force attacks be avoided?
    add a cap on the number of attempts when trying a password
  • what is DoS?
    • Denial of Service
    • a server is flooded with requests and becomes overwhelmed
    • can deter genuine clients
    • can happen accidentally when a website has high demand
  • what is a DDoS attack?
    Distributed Denial of Service
    • large botnets send many requests to a website so the singular IP cannot be blocked
  • what is a botnet?
    collection of zombie computers that have been infected with code that gives the virus owner the ability to control them
  • what is an SQL injection?
    • an attacker can execute malicious SQL statements to manipulate a website's database
    • can be used to access customer data
  • how can a SQL attack be prevented?
    clean data inputted by removing special characters
  • what is penetration testing?
    tests are performed in a controlled environment by an authorised person to test for any vulnerabilities; they may use tools to help them
  • what is a white hat hacker?
    someone who has permission to act as a penetration hacker
  • what is a grey hat hacker?
    a hacker that performs penetration testing without permission and informs the organisation for a fee
  • what is a black hat hacker?
    someone who hacks without permission and with malicious intent
  • what is anti-malware software?
    software which can help to prevent malware from infecting a system
  • what is a firewall?
    software that forms a barrier between a potential attacker and the computer to prevent unauthorised access
  • what are user access levels?
    allow a system admin to set up a hierarchy of users, limiting the access of lower-level users
  • advantages of biometrics
    • don't rely on memory
    • faster
    • harder to hack
  • what is physical security?
    used to prevent physical access to devices e.g. locking doors, CCTV, guards etc