cyber-security and legislation

Cards (65)

  • define cyber security
    practice of defending digital devices from malicious attacks
  • what's denial of service
    attempts to make a digital system unavailable to users by flooding with network traffic
  • define hacking
    finding a weakness in an established digital system and exploiting it
  • what are the three types of hacking
    black hat
    grey hat
    white hat
  • what's black hat hacking
    hacking with malicious intent
  • define grey hat hacking
    hacking into a digital system for fun/to troll
  • what's white hat hacking
    given permission to hack to find any weakness in system
  • what is malware
    malicious software that's installed on a digital system and collects info
  • what are the types of malware
    adware
    botnet
    ransomware
    spyware
    trojan horse
    worm
    virus
  • define adware
    generates revenue - known as advertising such as pop ups
  • what's botnet
    attempts to take control of digital system
  • what's ransomware
    holds computer system captive and demands a fee to release
  • define spyware
    collects data and is usually hidden from user
  • what's trojan horse
    designed to give full control of infected digital system
  • what's virus
    attempts to make computer system unreliable, replicates itself and spreads
  • what's worm
    replicates itself and can use a network to spread
  • define social engineering
    art of manipulating people so confidential information can be found out
  • what are the types of social engineering
    baiting
    phishing
    pretexting
    quid pro quo
    scareware
    shoulder surfing
  • what's baiting
    tries to get victims to give cybercriminals the info they need
    similar to phishing
    criminals promise goods to get information
  • what's phishing
    tries to get users to input card/security/log in details into a fake website, targets bank/building society
  • what's pretexting
    cybercriminal lies to get data/information, usually a scam where criminal pretends to need information to confirm identity
  • what's quid pro quo
    tries to disable anti-virus software so software updates, promise of service
  • what's scareware
    tries to scare people into buying/downloading software, usually a popup to convince user there's a problem
  • what's shoulder surfing
    aims to steal data/information, when a person's confidential information is seen because the attacker stands close and sees their information
  • define data destruction
    data is destroyed by attacker and no longer exists
  • define data manipulation
    data is edited to meet the needs of attacker, may result in false news being published
  • define data modification
    changes data to meet the needs of attacker eg amount of money in a bank account
  • define data theft
    data is stolen from a digital system, with the aim of compromising privacy
  • define identity theft
    personal data is stolen during an attack
  • what are impacts on organisations
    time delay in restoring data
    reputation is negatively affected and no longer seen as trustworthy
  • define the prevention methods
    logical
    physical
    secure destruction of data
  • what are the physical prevention measures
    biometrics devices
    firewalls
    keypads
    radio frequency identification (RFID)
    secure backups
  • define biometrics devices
    owner stores biometric characteristics in the security settings
  • define keypads
    type of lock where correct code must be input before lock opens
  • define RFID
    access badge is tapped against lock then it opens
  • what are secure backups
    copy of data/files that are currently in use, made regularly and stored away
  • what are the logical prevention measures
    access rights/permissions
    usernames and passwords
    anti-virus and anti-malware software
    two-factor authentication
    encryption
  • define access rights and permissions
    set on files/folders
    authentication and username/password can be used to do this
  • define usernames and passwords
    two-part logical prevention measure
    username is authorisation
    password is authentication
  • define two-factor authentication
    user inputs username/password which is submitted and checked; when details are recognised, a token code is sent to either the email address or mobile phone linked to the username/password