unit 6 - cybersecurity

Question 1

what is cyber security?

Answer 1

the different processes, practices and technologies that protect networks, computers, programs and data from attack, damage or unauthorised access

Question 2

what kind of threats are computers vulnerable to?

Answer 2

• malware including viruses
• social engineering
• pharming
• weak and default passwords
• misconfigured access rights
• removable media like a USB
• unpatched and/or outdated data

Question 3

why is it important to secure data?

Answer 3

• millions of organisations store data and it is very valuable
• also very vulnerable

Question 4

what are password policies?

Answer 4

• passwords are often checked as they are created to make sure that they conform to the parameters given in a required policy
• organisations will often have password policies and this makes sure that the password has specific features

Question 5

what are some examples of password policies?

Answer 5

• minimum length of characters
• include at least 1 lowercase letter
• include at least 1 uppercase letter
• include at least one symbol £$%&*@
• have to change the password every month

Question 6

what are default passwords? and why do they make devices vulnerable if not changed by the user?

Answer 6

• the initial passwords that come with a device when it is bought
• most devices come with a default password or PIN to gain access eg. 0000, 1111 and 1234

threat; makes it easy for hackers to gain access using password lists or a brute force attack

Question 7

what are default passwords? and why do they make devices vulnerable if not changed by the user?

Answer 7

• the initial passwords that come with a device when it is bought
• most devices come with a default password or PIN to gain access eg. 0000, 1111 and 1234

threat; makes it easy for hackers to gain access using password lists or a brute force attack

Question 8

what are user access levels?

Answer 8

• access rights may be set on hard drives, folders and even individual files
• alters what a specific user can see

Question 9

why do misconfigured access rights serve as a threat?

Answer 9

• each user in an organisation is assigned individual access rights, according to their role eg. network users shouldn’t have access to the setup and configuration settings
• these rights have to be carefully managed so that no one has access to areas that they don’t need to do their job as it can become a security weakness

threat; these give users too much access which they can then misuse

Question 10

what is pharming?

Answer 10

a cyber attack that redirects a user to a fake website

Question 11

how does a pharming attack take place?

Answer 11

if a hacker can change the entry on the DNS (domain name system) server, then they can make it point to a fake website that they can control, meaning the DNS server has been ‘poisoned’
→ the fake website might appear the same as a real website
→ its real aim is to collect personal data like bank details
→ the hacker can then use this to transfer money to themselves

Question 12

what threat does a pharming attack pose?

Answer 12

a DNS server is compromised so that it points to a fake website which can then obtain personal information like usernames and passwords

Question 13

what is removable media? and how can they be a threat??

Answer 13

any storage device that can be inserted and removed from a computer

• such as, USB flash drives or SD cards
• removeable media can be used to steal documents and files from a company or introduce malware

Question 14

how can malware get onto removable media?

Answer 14

• malware could get onto the removable media by:
  
  • being present on a home computer and then infecting the removable media device when inserted
  • also, a hacker could leave an infected USB flashdrive somewhere and it may accidentally get inserted into a computer

threat; these can be used to introduce malware or remove confidential documents

Question 15

why must software be regularly patched or updated?

Answer 15

• many updates contain fixes to known security issues
• hackers will be aware of these known security issues, making computers that haven’t been updated an easy target

Question 16

what are the most important software updates?

Answer 16

• operating system: updates often contain security updates
  
  • it’s important to update the operating system is kept as secure as possible as it has full control of the computer or server
• antivirus or anti-malware software needs to be updated regularly or daily so that it can detect new malware

threat; leaves security holes open

Question 17

what is social engineering and what are some examples of this?

Answer 17

the ability to obtain confidential information by manipulating people for it

• blagging
• phishing
• shouldering

Question 18

what is phishing?

Answer 18

using email or a text message to obtain information
- emails, texts or phone calls are sent to users pretending to be from a trustworthy organisation (like a bank or website)
- these messages attempt to gain things such as: usernames, passwords, credit card details and other info

Question 19

what are the features of a phishing email?

Answer 19

• greeting: generalised greeting, no personalisation
• sender’s address: a variation of a genuine address
• forged link: looks like a genuine link but redirects you to a different website
• request for personal information: genuine organisations will never ask for such details over an email
• sense of urgency in the mail
• poor spelling, grammar and punctuation

Question 20

what is shouldering?

Answer 20

• the ability to get information or passwords by observing as someone types them in
  
  • using a CCTV camera
  • looking over someone’s shoulder
  • overlooking a phone unlock pattern

Question 21

what is blagging?

Answer 21

• the act of creating and using an invented scenario to engage a targeted victim - often makes use of tricks to get the target to do something that they wouldn’t under normal circumstances
• used to obtain personal information or money from a victim by creating a sense of urgency

Question 22

what is malware? and what are some types of malware?

Answer 22

malicious software; executable programs that run on a computer

• viruses
• trojans
• spyware
• ransomware
• worms

Question 23

what are viruses and what do they do?

Answer 23

• replicates their code in other programs (hence infecting)
• they infect other computers
• they harm the computer by deleting, corrupting and modifying files

Question 24

what is a worm?

Answer 24

• they replicate themselves in order to spread to other computers
• they don’t cause damage to the attacked computers but use up their resources
• they slow down networks and computers

Question 25

what is a trojan?

Answer 25

- they have a program, game or cracked file which is something a user wants - they have negative program code which causes damage, takes control or provides access to the computer

Question 26

what is spyware?

Answer 26

- installed without the user knowing it - it spies on them by: tracking them as they visit websites or installing a keylogger that can read passwords and personal info - personal data is then sent back to the hacker often through the use of cookies

Question 27

whata re some methods of protecting devices from threats?

Answer 27

- pen testing - anti-malware software - anti-virus software - biometric measures (especially mobile devices) - password systems - CAPTCHA - email confirmation to confirm identity - automatic software updates - authentication, encryption, firewalls and MAC address filtering

Question 28

what is anti-malware software and what does it do?

Answer 28

- will detect malware such as viruses, worms, trojans and spyware - when a virus or new malware is detected it is sent to the anti-virus company - they verify that it is malware and then create a signature of it - then add it to their database and tell the computers to run an update

Question 29

how can viruses avoid detection?

Answer 29

they can morph which makes it harder to create a signature

Question 30

what do passwords do?

Answer 30

- prevents unauthorised access - applies correct permissions to each user

Question 31

how does biometric authentication work?

Answer 31

- measures a person’s physical characteristics to verify their identities → eg. fingerprints/face - facial recognition; commonly used for phones and tablets - retinal scans: used in high security organisations - matching the face to the voice

Question 32

what do automatic software updates do?

Answer 32

- updates your software whenever they make a change - necessary to fix bugs or edit security

Question 33

what does CAPTCHA do?

Answer 33

- prevents hackers from sending multiple submissions to webpages so they don’t make log in attempts or add spam posts - they are easy for humans, but hard for computers

Question 34

what happens if the CAPTCHA is read incorrectly?

Answer 34

- another CAPTCHA is usually given so the user can try again - after many attempts, the website may block access for a while to prevent any brute-force attempts

Question 35

what is penetration testing?

Answer 35

- trying to find weaknesses/security holes in the system so as to prevent cyber attacks before they happen - white box pen testing simulates an insider with knowledge of the system - black box simulates an internal hacking or cyber attacking

Question 36

what are the aims of penetration testing?

Answer 36

- identify possible attacks - identify possible entry points - attempt to break in - report findings

Question 37

what are the rules of CAPTCHA?

Answer 37

- skew the angles - rotate the characters - vary the sizes and fonts - lines through the letters - obscured/fuzzy