Security 8.1.4

avatar
Created by
Dylan Tappenden

Subdecks (1)

Cards (44)

  • What are the 4 overall human threats to digital systems?
    Human error
    Malicious employees
    Disguised criminals
    Targetted attacks
  • Why is human error a threat to digital system:
    It can be exploited by external threats to gain access to a digital system
  • Why are malicious employees a threat to digital systems:
    They are able to exploit their position within the company to harm it.
  • Disguised criminals are a threat to digital systems as:
    They can exploit trust to trick people into revealing info they otherwise wouldn´t
  • What do disguised criminals usually do?
    Social engineering
  • What are targetted attacks:
    Cyber attacks aimed at specific parties leading to a higher success rate on the target as it is more specific
  • What form of social engineering is commonly seen in targetted attacks?
    Spear phishing
  • What is the most dangerous form of targetted attacks?
    Advanced Persistent Threats (APTs)
  • What makes advanced persistent threats so dangerous:
    They are aimed at specific target and characterised by their sophistication and persistance, aswell as significant resources
  • What is usually the aim of APTs?
    To gain covert, continous access to a network
  • What makes whaling different from spear phishing:
    Aimed at high level executives
  • If whaling is succesful, the offender uses the credentials to access whatever due to high level access rights
  • Name 5 internal human threats:
    Unintentional disclosure of data
    Whistleblowing
    Manual overriding of security control
    Downloads from internet
    Visiting untrustworthy websites
  • What two kind of human threat could whistleblowing be?
    Malicious employee
    Social engineering
  • What kind of threat could must human threats cause by employees also be?
    Social engineering
  • Name 3 threats that are done by malicious employees, Bypassing access rights
    Inserting malicious usb devices
    Turning off security measures
  • Name 3 threats to digital systems that occur from human error,
    Unintentional disclosure of data
    Downloading malware
    Using untrusted websites
  • Human threats from disguised criminals are social engineering attacks
  • Broken authentication is where an API?
    Allows unauthorised access
  • APT is advanced persistent threat, they generally want long term unauthorised access