Security

    Cards (27)

    • what is malware?
      software that can be damaging/malicious to a computer/network
    • what are viruses?
      malware which harms a network/computer by attaching to files
      • can affect all components of an OS
      • can damage or delete data
    • what are worms?
      malware which replicates itself to spread to other computers on a network
      • exploits vulnerabilities in a network
      • does not need to attach to files
    • what is a trojan horse program?
      software designed to access a computer by misleading users of its intent
    • what is social engineering?
      Manipulating people to gain unauthorized access to information or systems
    • what is phishing?
      form of social engineering which is designed to acquire sensitive info
    • what is telephone (IVR) phishing?
      phone calls where someone pretends to be an official service to gain personal data
    • what do scammers need to open a credit card in your name?
      • full name
      • date of birth
      • mother's maiden name
    • how can data be intercepted?
      • packets can be intercepted in the air
      • data can be intercepted physically via theft
    • how does encryption help when data is intercepted?
      people who have unauthorised access cannot understand the scrambled data as they do not have a key
    • what are dictionary attacks?
      form of brute force attack where each letter/digit is cycled through until it is correct
    • what is a brute force attack?
      a method of gaining access to passwords with trial and error
    • how can brute force attacks be avoided?
      add a cap on the number of attempts when trying a password
    • what is DoS?
      • Denial of Service
      • a server is flooded with requests and becomes overwhelmed
      • can deter genuine clients
      • can happen accidentally when a website has high demand
    • what is a DDoS attack?
      • Distributed Denial of Service
      • large botnets send many requests to a website so the singular IP cannot be blocked
    • what is a botnet?
      collection of zombie computers that have been infected with code that gives the virus owner the ability to control them
    • what is an SQL injection?
      • an attacker can execute malicious SQL statements to manipulate a website's database
      • can be used to access customer data
    • how can a SQL attack be prevented?
      clean data inputted by removing special characters
    • what is penetration testing?
      tests are performed in a controlled environment by an authorised person to test for any vulnerabilities; the tester may use tools to help them
    • what is a white hat hacker?
      someone who has permission to act as a penetration hacker
    • what is a grey hat hacker?
      a hacker that performs penetration testing without permission and informs the organisation for a fee
    • what is a black hat hacker?
      someone who hacks without permission and with malicious intent
    • what is anti-malware software?
      software which can help to prevent malware from infecting a system
    • what is a firewall?
      software that forms a barrier between a potential attacker and the computer to prevent unauthorised access
    • what are user access levels?
      allow a system admin to set up a hierarchy of users, limiting the access of lower-level users
    • what are the advantages of biometrics?
      • don't rely on memory
      • faster
      • harder to hack
    • what is physical security?
      used to prevent physical access to devices e.g. locking doors, CCTV, guards etc