10 Markers

Cards (26)

  • Evaluate the likely impact on your family member if they clicked on a link in a phishing email
    • Identity theft
    • Financial loss
    • Passwords changed to lock them out of bank accounts
    • If a master password was used, the attacker can gain access to other accounts
    • Find location of the family member
  • Discuss why a company needs to understand the techniques used by attackers who accessed customers' information
    • To know what part of the system was accessed by the attacker, to identify which data was accessed so customers can be notified
    • To determine where responsibilities lie within the company
    • Determine if laws have been broken
    • Profiling the attacker so that if a similar attacker tries, the company will be prepared and secure
  • Evaluate the preventative measures you could take when connecting your tablet or laptop to an unsecured Wi-Fi hotspot
    • Install a VPN to provide a more secure link
    • Ensure the firewall is working
    • Use HTTPS websites, not HTTP
    • Don't enter bank details or make transactions while connected to the Wi-Fi
    • Look for password-locked Wi-Fi
    • Ensure personal password is strong and hard to guess
  • Evaluate the benefits to a company of using monitoring and control systems for cyber security
    • The cost of the system must match the usefulness of it
    • Monitoring systems only show events after they've happened
    • Allows you to determine what happened and prevent it from happening in the future
    • Control systems restrict access to data
    • Cryptography takes time to decrypt if data is needed straight away, but it is useful to have to defend against attackers
  • Discuss the use of monitoring as a method of reducing the likelihood of being hacked
    • Firewall and NIDS can detect traffic from a hacker
    • Able to see if employees are following policies and procedures
    • Can allow retraining to occur based on what the employees are actually doing wrong
    • Bad behaviour can be seen, such as leaving the account logged on which can lead to hacking.
  • Justify the use of testing for potential vulnerabilities as a method of mitigating
    • Explain what methods the hacker is using to patch the vulnerabilities
    • Research how the network was set up to get more information about it
    • Even if no vulnerabilities are detected, it mitigates risks as it removes possible attacks
  • Analyse the possible impacts of a cyber security incident on a company
    • Loss of customer data leads to breaching the DPA
    • Loss of intellectual property, so no longer at an advantage over competitors
    • Enables policies and procedures to be tested and for all members of staff to understand their responsibilities
    • Loss of customer confidence so they may move to a better company
  • How can a company identify areas at risk from cyber security incidents?
    By employing various assessment methods
  • What is one method to identify weak points in a system?
    Employ an ethical hacker or external company
  • How can social engineering be used to assess security?
    By pretending to be a customer to obtain information
  • What role does a third-party consultant play in security assessment?
    They examine policies and check implementation
  • What is a method to check for adherence to security policies?
    Consultants can go undercover to observe
  • What is a physical review in the context of cyber security?
    Assessing physical vulnerabilities on-site
  • Why is monitoring logs and firewalls important?
    To detect suspicious activity in real-time
  • How do ethical hackers contribute to cyber security?
    They identify vulnerabilities before malicious hackers do
  • What is the purpose of employing a social engineering company?
    To simulate customer interactions for security testing
  • What can be achieved through a physical review of a company?
    Identification of physical security vulnerabilities
  • What should be monitored to identify cyber threats?
    Logs and firewalls
  • How does employing a third-party consultant enhance security assessments?
    They provide an unbiased evaluation of policies
  • What is the benefit of going undercover during a security assessment?
    To see if policies are being followed
  • What is the significance of monitoring for suspicious activity?
    It helps in early detection of cyber threats
  • Describe 3 measures that a company could take to reduce the impact of an incident on its customers and business
    • Act immediately: any concerns should be addressed straight away
    • Moving customer data offline so it is not accessible
    • Prevention: finding out how the hacker got in and sealing the entry point
    • Communication: letting customers know what has happened
    • Publicity: rebuilding reputation/appointment of a high-profile team
  • Evaluate the use of IDS as a method for protecting a network
    • Alarms are raised in real time which requires a network operator to be available and monitoring in order to react.
    • Hacker may use signatures that are matched within the rule base and so will not raise the alarm.
    • Signatures cannot be detected if they are not in the database
    • False positives can be flagged wasting investigation time.
    • IDS look for known weaknesses; these can be avoided by hackers
  • Justify the effectiveness of using NIDS to protect information stored on a server
    • Use of NIDS does not degrade the performance of the system allowing other tasks to run without interruption.
    • Older equipment could be used rather than purchasing new equipment, as it only needs storage
    • They are independent of the operating systems being used so can be used anywhere on the network.
    • They can be moved around the network targeting specific areas where there are known issues.
    • Can create alerts of potential attack allowing time to react.
  • Explain why it is an advantage to have the procedures written down
    • So no stage is missed out
    • To gather all the information
    • Required to write the report
    • It is not known who will be on site when the attack occurs; it might be someone not familiar with procedures
    • They will know what steps to take and prevent errors being made
    • Can act with speed to prevent further escalation
    • To identify who to contact
  • Evaluate the importance of the CSIR in preventing future cyber security incidents
    • Will highlight areas of operational weakness in the organisation which can be addressed.
    • Will show how the hack took place which allows OCR phones to patch the vulnerability.
    • Highlights bad practices in OCR phones that can be exploited and allow future hacks to take place.
    • Can be completed by external consultants who will see OCR phones with fresh eyes and not be used to existing practices.