Unit 4 - Network security & system software

Question 1

What is malware?

Network threats

Answer 1

• comes from 2 words: malicious software
• executable programs that run on a computer

Question 2

What are different types of malware?

Network threats

Answer 2

• Viruses
• Worms
• Trojans
• Ransomware

Question 3

How do viruses work?

Network threats

Answer 3

Computer viruses infect computers by:
- replicating their code in other programs
- infecting other computers
- harming the computer by deleting,
corrupting or modifying files

Question 4

How do worms work?

Network threats

Answer 4

• replicates itself in order
  to spread to other computers
• may cause no damage to the attacked computers
• slow down networks
  and computers

Question 5

How do computer trojans work?

Network threats

Answer 5

• a program, game or cracked file that user wants
• they have a negative programs code which causes damage, takes control, or provides access to the computer

Question 6

How does ransomware work?

Network threats

Answer 6

Software which:
- holds a computer hostage by locking or encrypting access to it
- if the data is encrypted, not even a cyber security professional will be able to recover the data unless backups are available.
- the access will only be restored if the ransom is paid.

Question 7

What are 2 ways hackers can exploit technical vunerabilities?

Network threats

Answer 7

• unpatched software
• out-of-date anti-malware

Question 8

Why are unpatched software vulnerable?

Network threats

Answer 8

if software updates and security updates are not installed then the software will be vulnerable

Question 9

Why are out-of-date anti-malware vulnerable?

Network threats

Answer 9

if software, such as antivirus software, isn’t regularly updated then it won’t be able to detect the latest viruses

Question 10

What is social engineering?

Network threats

Answer 10

Social engineering is the ability to obtain confidential information by asking for it.

Question 11

What is sholder surfing?

Network threats

Answer 11

Shoulder surfing is the ability to get information or passwords by observing as someone types them in.

Question 12

What is Phising?

Network threats

Answer 12

Phishing is a type of social engineering technique, emails, texts or phone calls are sent to users commonly pretending to be from a bank or website.

Question 13

How can phising be spotted?

Network threats

Answer 13

• Greeting: greeting is not personalised
• The sender’s address is often a variation on a genuine address
• Forged link: The link looks genuine, but it may not link to the website given.
• Poor spelling and grammar
• Request for personal information: Genuine organisations never do this
• Sense of urgency: Criminals try to persuade you that something bad will happen if you don’t act fast

Question 14

What is a denial of service (DoS) attack?

Network threats

Answer 14

In a denial of service attack, a hacker will use or infect a computer so that:
- it sends as many requests to the server as it can (known as a flood)
- the server can’t respond fast enough so slows down or goes offline

Question 15

What is a distributed denial of service attack (DDoS)?

Network threats

Answer 15

many computers are used to send the requests

Question 16

What is a man-in-the-middle attack (MITM)?

Network threats

Answer 16

allows the attacker to intercept communications between the user and server and:
- eavesdrop to find passwords and personal information
- add different information to a web page or other communication such as email

Question 17

What are some threats to digital devices?

Network threats

Answer 17

• losing mobile phone can lead to loss of all data in it
• malware can allow malicious users to acces device
• some apps are malicious and lead to fraudelent charges

Question 18

Methods to protect mobile phone:

Network threats

Answer 18

• use strong password
• encrypt data
• dont follow links in sus emails
• dont install apps without researching them
• delete all info on phone before discarding

Question 19

What is a brute force attack?

Network threats

Answer 19

In a brute force attack, a hacker will try every combination of password until the correct password is found.

Question 20

What is a SQL injection and how does it work?

Network threats

Answer 20

uses web forms to add SQL instructions to a query that cause data loss or the revealing of personal information

Question 21

What is penetration testing?

Preventing vulnerabilities

Answer 21

The practice of deliberately trying to find security holes in your own systems.

Question 22

How does penetration testing work?

Preventing vulnerabilities

Answer 22

testing to:
- identify the targets of potential attacks
- identify possible entry points
- attempt to break in
- report back the findings

Question 23

What is an anti malware software?

Preventing vulnerabilities

Answer 23

Anti-malware software will detect malware such as viruses, worms, trojans, and spyware

Question 24

How does anti malware software work?

Preventing vulnerabilities

Answer 24

• When a virus or new malware is detected it is sent to the anti-virus company.
• malware is verifies, then a signiture of malware is crated
• signiture is added to virus database and tell computers to run an update

Question 25

What is encryption? | Preventing vulnerabilities

Answer 25

Encryption is a way of securing data so that it cannot be read without the encryption key.

Question 26

How does encryption work? | Preventing vulnerabilities

Answer 26

Passwords stored by websites are almost always stored in an encrypted form, if a hacker obtains the data in the password database, they won’t be able to easily read the passwords

Question 27

How is transmitted data encrypted? | Preventing vulnerabilities

Answer 27

Websites using HTTPS encrypt the connection to the server: your web browser sends its key and form data, encrypting it with the server’s key, the server encrypts the web page you request using your web browser’s key.

Question 28

How can files be encrypted? | Preventing vulnerabilities

Answer 28

Files can be encrypted individually on a computer using a password, they can then only be viewed by people who have the password. Software such as zip files allow encryption to be applied.

Question 29

How can drives be encrypted? | Preventing vulnerabilities

Answer 29

Ordinary computer drives can be encrypted so that a password is needed to access the information, preventing hackers from understanding the contents if it is installed in a different computer.

Question 30

What is a firewall? | Preventing vulnerabilities

Answer 30

Prevents attackers from gaining access to computers on a network

Question 31

How does a firewall work? | Preventing vulnerabilities

Answer 31

- block certain malicious computers by filtering packets from a certain IP address - prevent access to certain ports on the network (port blocking) - malicious or inappropriate websites can be blocked

Question 32

What are user access levels? | Preventing vulnerabilities

Answer 32

Users will be given different levels of access to a system. They may have access to certain databases, programs or files.

Question 33

What are password policies? | Preventing vulnerabilities

Answer 33

Password policies make sure that passwords are made hard to guess and would require specific features.

Question 34

What is physical security? | Preventing vulnerabilities

Answer 34

Physical security is where hardware, software and networks are protected by physical methods.

Question 35

What are examples of physical securities? | Preventing vulnerabilities

Answer 35

- CCTV - Intruder alarms - Locks on doors or cabinets - Fences, walls, barbed wire - Security guards - ID cards and signs - Turnstiles and gates

Question 36

What does an operating system do? | Operating system

Answer 36

Operating systems manage computer hardware, users and the resources used by software

Question 37

What does operating system manage? | Operating system

Answer 37

- The user interface - Memory management - Multitasking - Peripheral management and drivers - User management - File management

Question 38

What are user interfaces and the 3 types? | Operating system

Answer 38

User interfaces provide a method for users to interact with a computer. Command line, Menu drive and graphical.

Question 39

What is a graphical user interface? | Operating system

Answer 39

a digital interface in which a user interacts with graphical components such as icons, buttons, and menus.

Question 40

What is a command line interface? | Operating system

Answer 40

Text commands are entered into the interface, requires very little processing and can save on the need for an expensive graphics card.

Question 41

What are menu driven interfaces? | Operating system

Answer 41

often used by devices that have a dedicated function including, MP3 players, ATM machines, Self service checkouts

Question 42

What is memory management? | Operating system

Answer 42

To run a program, the computer must copy the program from storage into main memory. The OS keeps a record of where each program and its data are located and makes sure not to overwrite existing programs and data.

Question 43

What is multitasking? | Operating system

Answer 43

Multi-tasking is where an operating system manages many tasks happening at the same time. The operating system decides which process will next run on the CPU and for how long

Question 44

What are interrupts? | Operating system

Answer 44

Interrupts are signals sent to the CPU by external devices to indicate an event that needs immediate attention. They tell the CPU to suspend its current activities and execute appropriate instructions.

Question 45

What is peripheral management? | Operating system

Answer 45

The operating system must manage getting inputs from and sending outputs to peripheral devices.

Question 46

What is a device driver? | Operating system

Answer 46

A device driver is a program that controls peripheral devices, each device communicates with the OS via its own driver

Question 47

What is disk management? | Operating system

Answer 47

The hard disk in a computer is a storage peripheral. The OS: - manages where on the disk files are written - keeps track of where they are so they can be retrieved - makes sure no file overwrites another file

Question 48

What are file management features? | Operating system

Answer 48

Features available on for files: - Naming files - Allocating files to folders - Moving files - Saving files - Copying files - Deleting files

Question 49

What is user management? | Operating system

Answer 49

The OS is resposible for user logins and passwords, it will store all users and their passwords in a fie or database.

Question 50

What are access rights? | Operating system

Answer 50

- If a computer is used by more than one person, each user should be able to see only their own files - Users and system administrators have different levels of access rights - Some users may be allowed to read files but not edit them

Question 51

What is a utility software? | Utility software

Answer 51

Utility programs perform extra functionality and housekeeping tasks that keep computers running efficiently.

Question 52

What are the 4 main components of utility software?

Answer 52

- Encryption software - Defragmentation software - Data compression - Disk clean-up tools, disk formatters, anti-virus software

Question 53

What is encryption software?

Answer 53

Encryption software is used to encode text so that it cannot be understood without knowing the key to decode it.

Question 54

What is disk fragmentation? | Utility software

Answer 54

When you save a large file it may not fit on the disk in consecutive memory locations. In order to read the file, the drive head will need to move to more locations.This makes it far slower to access files and programs.

Question 55

What is disk defragmentation? | Utility software

Answer 55

Defragmenting the hard disk reorganises files so they are stored together. Read times are far faster Free space is also in one place so new files do not need to be fragmented

Question 56

What is data compression software? | Utility software

Answer 56

Utilities such as WinZip enable users to compress and decompress files or folders.

Question 57

What are benefits of data compression? | Utility software

Answer 57

- reduces the amount of storage space needed on a disk - If sending the files, it reduces the amount of data that is sent - allow attachments to be sent via email that would otherwise be too large - More data can be stored on backup media