Chapter 6 #3 Flashcards

(71 cards)

1
Q

Section 1: Data Security

A
2
Q

Data Security, Privacy, and Integrity.

A
3
Q

Define Data Privacy.

A

The privacy of personal information stored on a computer, ensuring it is not accessed by unauthorized parties.

4
Q

What is the primary purpose of Data Protection Laws?

A

To govern the privacy and security of data through specific regulations to ensure information about individuals or organizations remains private.

5
Q

List four of the eight principles of Data Protection Laws.

A

Data must be processed fairly and lawfully.
Data processing is restricted to the stated purpose.
Data must be adequate, relevant, and not excessive.
Data should not be kept longer than necessary.

6
Q

Define Data Security.

A

The measures taken to prevent data loss or corruption and the ability to recover it if it is lost or corrupted.

7
Q

Describe the difference between the security and privacy of data.

A

Security protects data against loss.
Privacy protects data against unauthorised access.

8
Q

Define Data Integrity.

A

The accuracy, completeness, and consistency of data.

9
Q

Explain the difference between data security and data integrity.

A
  1. Security is protecting data from loss/corruption.
  2. Integrity is ensuring the consistency/accuracy of the data.

10
Q

Authentication & Access Control

A
11
Q

How can data stored on a computer be kept secure?

A
  1. Install a firewall.
  2. Keep antivirus software up to date.
  3. Use a strong password.
  4. Use encryption.
  5. Set access rights.
  6. Use back-up software.

12
Q

What is a User Account in the context of security?

A

An agreement allowing an individual to use a computer or network server, often requiring a username and password to authenticate the user.

13
Q

Explain how Access Rights are used.

A

The use of authorization levels to ensure only specific users see specific data; for example, a hospital cleaner might not have access to patient data, but a consultant would.

From a past exam Q&A (database context):
• Different accounts / logins are set up, each with different access rights, e.g. read only // no access // read/write.
• Specific views can be assigned to different users (e.g. managers can only see data for their own shop).

14
Q

What are the requirements for a strong password?

A
  1. It should include at least one capital letter, one number, and one special character (e.g., @, *, &).
  2. It requires regular updates to maintain security.

15
Q

What is a security token?

A

A small item of hardware provided to an individual user that confirms their identity.

16
Q

What are examples of biometric authentication methods?

A
  1. Fingerprint ID
  2. Face ID
  3. Retina scan
  Any biological trait unique to the user.

17
Q

What is two-factor authentication (2FA)?

A

It is when two methods of authentication are used (usually one of them is a password) to authenticate a user.

18
Q

State why data needs to be secure.

A
  1. To stop the data being lost/corrupted.
  2. To make sure it can be recovered.
  3. To prevent unauthorised access.

19
Q

Encryption & Secure Protocols

A
20
Q

Describe how a digital signature is used to authenticate a document.

A
  1. The sender hashes the document.
  2. This produces a digest.
  3. The sender encrypts the digest with a private key to create the digital signature.
  4. The document and the signature are sent to the user.
  5. The user uses the public key to decrypt the digital signature to reproduce the digest.
  6. The digital signature can only be decrypted with the matching sender’s public key.
  7. The receiver uses the same hashing algorithm on the document received to produce a second digest.
  8. If both of the receiver’s digests are the same, the document has not been changed.

21
Q

What is encryption and what is its purpose?

A

Encryption is converting plain text (readable text) into cipher text (meaningless text) using an encryption key.
Its purpose is to prevent hackers from intercepting and understanding the data, maintaining data security.
The data can be understood again after decryption using the decryption key.

22
Q

Contrast SSL and TLS key lengths.

A

SSL typically uses a 128-bit key, while TLS uses a 256-bit key.

23
Q

Describe the Handshake process when a browser connects to a secure website.

A
  1. The browser sends a request.
  2. The web server responds with an SSL/TLS certificate.
  3. If the browser authenticates the certificate, it sends a message to the web server.
  4. Once this message is received by the web server, the server acknowledges the web browser and an SSL-encrypted two-way data transfer begins.

24
Q

What is a Digital Certificate and when is it used?

A

If an incoming transmission is an email, there can be a concern about the authenticity of the email’s sender.
The solution is to insist on the sender attaching a digital certificate to the email.

The digital certificate can also be an electronic document confirming the identity and security capability of a web page on the internet.

It is defined as an electronic document used to prove the ownership of a public key (used for encryption).

25
Q

What information is typically found in a Digital Certificate?

A

Information about the encryption key.
Information about the owner's identity.
A serial number.
An expiry date.
A digital signature of an entity that has verified the contents of the certificate.

26
Q

What is a Firewall?

A

It can be digital software or a physical device, and it serves as the main defence mechanism for computers/networks.

27
Q

List the tasks carried out by a Firewall.

A
  1. Examining incoming and outgoing traffic between the user's computer and the internet.
  2. Checking if incoming or outgoing data meets a given set of criteria.
  3. If the data fails the criteria, the firewall blocks the traffic and gives the user a warning that there may be a security issue.
  4. Logging all incoming and outgoing traffic for later interrogation by the user.

28
Q

What are two limitations of a Firewall?

A

It cannot prevent individuals from using their own modems to bypass it, nor can it prevent employee misconduct such as sharing passwords.

29
Q

Specific Malware & Threats

A
30
Q

Define Phishing.

A

Sending legitimate-looking emails to deceive recipients into providing personal data.

31
Q

Define Pharming.

A

Malicious code on a computer or server that redirects a user to a fake website to steal personal information.

32
Q

Define a Virus.

A

Malicious software that replicates to delete or corrupt files and requires a host program.

33
Q

Define a Worm.

A

Malicious software that spreads through networks by exploiting security weaknesses and does not need an active host program.

34
Q

What is a Logic Bomb?

A

Malicious code that stays dormant until specific conditions are met, such as a certain date, to perform harmful tasks.

35
Q

What is a Trojan Horse?

A

A malicious program disguised as legitimate software.

36
Q

What is a Bot?

A

An internet robot that can take control of a system to launch automated attacks.

37
Q

Define Spyware.

A

Software that monitors and sends user data back to the attacker, often via keylogging.

38
Q

What is the difference between Malicious Hacking and Ethical Hacking?

A

Malicious hacking is unauthorized access intended to cause harm (deleting files/stealing data), while ethical hacking is authorized testing used to identify security risks with the owner's permission.

39
Q

What is the specific mechanism of DNS Cache Poisoning?

A

It involves altering IP addresses on a DNS server to redirect users to a hacker's website instead of the intended destination.

40
Q

Comprehensive Data Recovery

A
41
Q

How can data be recovered from accidental loss?

A

By using back-ups in case data is deleted through an accidental operation, and by saving data on a regular basis.

42
Q

What are the methods to prevent data loss from Hardware Faults (e.g., HDD head crash)?

A

Use back-ups, an uninterruptible power supply (UPS) to prevent power-loss malfunctions, and parallel systems as backup hardware.

43
Q

What is the primary defence against Software Faults (e.g., crashes)?

A

Use back-ups and save data on a regular basis in case the software suddenly freezes or crashes.

44
Q

How should a user prevent data loss from Incorrect Computer Operation?

A

Use back-ups and ensure correct training procedures so users are aware of the correct operation of hardware.

45
Q

Section 2: Data Integrity (Methods)

A
46
Q

Validation

A
47
Q

List all of the validation methods (7).

A
  1. Range Check
  2. Type Check
  3. Length Check
  4. Presence Check
  5. Format Check
  6. Lookup Check
  7. Check Digit

48
Q

Define Validation.

A

A method used to ensure entered data is reasonable and meets certain input criteria. It cannot check if data is correct or accurate.

49
Q

Explain the Range Check validation method.

A

Ensures data falls within a specified range, such as age being between 0 and 120.

50
Q

Define a Type Check.

A

Ensures data is of a specific type, such as only numbers or only text.

51
Q

Define a Length Check.

A

Ensures data is a specific number of characters, such as a 10-digit phone number.

52
Q

Define a Presence Check.

A

Ensures that mandatory fields in a form are not left blank.

53
Q

Define a Format Check.

A

Ensures data follows a specific pattern, like a date in DD/MM/YYYY format.

54
Q

What is a Lookup Check?

A

Ensures data matches a value from a pre-defined set list, such as country codes.

55
Q

What is a Check Digit?

A

An additional digit appended to a number to check if the entered data is error-free.

56
Q

List three types of errors a Check Digit can detect.

A

Incorrect digit entry, transposition errors, and phonetic errors.

57
Q

Verification & Error Correction

A
58
Q

List all of the verification methods (7).

A
  1. Visual Check
  2. Double Entry Verification
  3. Checksum
  4. Parity Bit (Odd/Even)
  5. Parity Block
  6. Hash Totaling
  7. Automatic Repeat Request (ARQ)

59
Q

Define Verification.

A

A method used to ensure data is correct by comparing it to the original source or using double entry.

60
Q

What is a Visual Check?

A

Comparing the data entered on the screen against the original paper document.

61
Q

What is Double Entry verification?

A

Data is entered twice, often by two different people, and then compared to check for errors. This can be done during or after the data entry process.

62
Q

Verification During Data Transfer

A
63
Q

Explain how a Checksum works during data transfer.

A
  1. A calculation is done, using an algorithm, on a block of data to produce a value.
  2. The result is transmitted with the data.
  3. The calculation is repeated at the receiving end using the same algorithm.
  4. The results are compared.
  5. If the values are different, an error has occurred.

64
Q

Define Even Parity and Odd Parity.

A

Even Parity ensures a binary number has an even number of 1-bits. Odd Parity ensures an odd number of 1-bits.

65
Q

An odd parity is used to detect errors in data transmission. Explain how the odd parity check detects errors.

A
  1. The number of 1 bits is counted.
  2. A parity bit is added to each byte (7 bits BEFORE transmission).
  3. The bit is added to make the sum of the 1 bits in each byte odd.
  4. After transmission, if the number of 1 bits is odd, no error is detected.
  5. After transmission, if the number of 1 bits is even, an error is detected.

66
Q

What is a Parity Bit?

A

An extra bit added to a byte to ensure it matches the agreed parity protocol (even or odd).

67
Q

What is a Parity Block and Parity Byte?

A

A Parity Block uses horizontal and vertical parity checks; a Parity Byte is the additional byte sent to enable this vertical checking.

68
Q

Data received can contain errors that are not detected using parity bits. Explain how this can happen.

A
  1. Errors occur in an even number of bits (in the same row or column).
  2. This prevents the error being identified.
  3. The data could appear to be correct.

69
Q

Explain how an ARQ operates using a positive acknowledgement method.

A
  1. A timer is started when the sending device transmits a data packet to the receiver.
  2. The receiving device checks the data packet for errors (using any error checking method).
  3. Once the receiving device knows that the packet is error free, it sends an acknowledgement back to the sending device.
  4. The next packet is sent.
  5. If the sending device does not receive an acknowledgement before the timer ends,
  6. a time out occurs.
  7. The data packet is resent
  8. until an acknowledgement is received or the maximum number of attempts is reached.

70
Q

Describe the process of using a Hash Total.

A
  1. The total of several fields of data is calculated using a hashing algorithm,
  2. including fields not usually used in calculations.
  3. The result is transmitted with the data.
  4. The calculation is repeated at the receiving end using the same algorithm.
  5. The results are compared.
  6. If the values are different, an error has occurred.

71
Q

Give two similarities and at least one difference between spyware and a virus.

A

Similarities:
  1. Both are pieces of malicious software.
  2. Both are downloaded / installed / run without the user's knowledge.
  3. Both can pretend to be / are embedded in other legitimate software when downloaded // both try to avoid the firewall.
  4. Both run in the background.
Differences:
  1. A virus can damage computer data; spyware only records / accesses data.
  2. A virus does not send data out of the computer; spyware sends recorded data to a third party.
  3. A virus replicates itself; spyware does not replicate itself.