(new) C5 - The internet and its uses

What is the Internet?

A very large global network to allow users to access the World Wide Web

What type of network is the Internet?

Wide area network

Who made the World Wide Web and why?

Tim Berners-Lee as he would need to access different computers for different information so he shared information using hypertext

What is the World Wide Web?

Collection of webpages and websites

What is Uniform Resource Locator (URL)?

Text-based address for a website

What does web browser?

Software that retrieves and displays web pages

How does a user accesses a webpage?

The user types the URL into the web browser

What are the components of a URL?

Protocol, domain name, webpage file name

How is a web page requested and retrieved by a computer?

• The user opens the web browser an types the URL into the address bar

• The web browser sends the URL to the domain name server (DNS)

• The DNS stores the IP address to the domain name

• If the IP address was not found in the DNS, it sends the domain name to the second DNS

• This happens till the domain name is found

• If it is not found a message is sent back to the web browser saying that the website is not found

• The web browser receives the IP address

• The web browser sends a request to the web server

• When the web server receives a request to the web page, its sends the data for the website HTML, CSS and javascript to the web browser using HTTP

• The web browser renders HTML and CSS and runs the javascript

What does HTTPS do?

Add an extra layer of security that encrypt data that is transferred by using a digital certificate

What is a digital certificate?

A certificate awarded to a website if they can prove they are a real organisation

What is the certificate authority?

Awarding organisation that checks if another organisation is real and secured before giving additional certificate

How is a layer of security added?

Before web browser send a request to Web servers for the webpage it sends a request to the web server for digital certificate

Server send a copy of Of the digital certificate to browser

Web browser check if the certificate is authentic

If the certificate is authentic web browser allows communication to continue with WebServer and data transmitted is encrypted

If certificate is not authentic, the web browser will report that the website is not secure

What does HTTPS protocol use?

Secure socket layer or transport layer security

What is the main purpose of a web browser?

A software application allowing you to access information available on the worldwide web

What does render mean?

Processing webpage data like HTML to display a webpage

What is a cookie?

Small text file that is used to your personal data by a web browser

What are examples of what cookie store?

String usernames and passwords for accounts

String bank card details for buying products online

Storing products in a virtual shopping cart

Help formatting websites

Track content you are looking at in the worldwide web for advertisement

what are the two types of cookies?

Session and persistent cookies

What are session cookies?

Deleted when the browser is closed

What are persistent cookies?

Cookie stored by web browser until deleted by user or expired

Where are persistent cookies stored in?

Hard drives

What are risks of cookies?

Invasion of privacy

Identity being stolen

How can you reduce the risks of cookies?

By limited cookies by changing the settings of your web browser

What is digital currency?

exists electronically then physically

How is payment encrypted?

Using hTTPS protocol

Where are payment details stored in?

Persistent cookies

What is cryptocurrency?

Additional currency that uses encryption and not managed by central authority

What is Blockchain?

A method used to track transactions made with cryptocurrency

What is Digital ledger?

Database that is a list of transactions recorded by Blockchain

How does Blockchain work?

When a payment is made a record is added to the ledger, including a digital signature with the time, and the payment was made is encrypted and cannot be changed, but anyone can view the data

What are digital currencies?

exist electronically then physically

How was payment encrypted?

Using HTTPS Protocol

Where are payment details stored in?

Persistent cookies

What is cryptocurrency?

Digital currency that uses encryption and not managed by central authority

What is Blockchain?

A method used to attract transaction made with cryptocurrency

What is digital ledger?

Database that is a list of transactions recorded by Blockchain

How does Blockchain work?

When a payment is made a record is added to the ledger, including additional signature with the time and date the payment was made. The data is encrypted and cannot be changed, but anyone can view the data.

What is brute-force attack?

Type of cyber threat involving repeatedly inputting a password until the correct one is found to break into a device

Why is brute force attacked done?

To steal personal data or use it to buy the items

How to avoid brute force attack

Strong Password

Limiting number of attempts allowed to enter the password

Biometric passwords

Two-step verification

What is a biometric password?

Type of password that uses biological data

What is two step verification?

A process that involves inputting two different kinds of data

Why biometric passwords good

They are unique to us

Why are two step verification good?

The attackers also need access to another device increasing difficulty

What is a packet sniffer?

Piece of Software used to examine contents of data

What is Datta interception?

Data packets are intercepted and examined through packets sniffers

What is data interception used for?

Interception is used to steal data for fraud or theft

How was Datta interception avoided?

Using encryption and checking URLs

How does DDoS attack happen?

Creates a botnet by sending malware to many computers

Bot sent multiple request to access Web servers at the same time

This flood, the web server with too many requests and struggles with dealing with each request

The web server slows down and eventually crashes

Web server denied service to a normal request

Why is DDOS done?

To demand a company to pay to stop the attack punish the company as an active revenge or activism

What is a proxy server?

Method of cyber security examining request sent by devices to access pages

How does proxy server help with DDoS?

It is used as a barrier by getting all requests for a Web server to pass through proxy servers

If there are too many requests, it passes them at a slower rate so web servers are not flooded with requests

Cashing - once request has been sent from an IP address. It can stop repeated request for a short time from the same IP address.

What is anti Malware?

Type of software that scans a device to find and remove malware

How does anti Malware work?

By comparing each file with a known list of malware, if there is a match, it puts the file into quarantine area and tells the user a malware has been found

How to avoid DDoS?

By using proxy servers and anti-malware

What does hacking mean?

Gain unauthorized access to data to steal or corrupt data

Why is hacking done?

To steal data and identity, corrupt or leaked data about a company or has an act of revenge or activism

What is a firewall?

A cyber security method used to examine incoming and outgoing traffic from a computer

How does a firewall work?

By giving it a set of criteria to examine the data, the data is sent through a firewall is compared with the criteria firewall can either accept or reject the data and stop it from passing through Or stop certain ports

What are security solutions for hacking?

Firewall automatic software updates, strong, passwords, and two-step verification

Why are software updates necessary?

As hackers try to explore software software companies, develop updates to solve the issue

What is malware?

Malicious software used to disrupt Computers

What is a virus?

Once downloaded in replicates and corrupt data or Uses all memory into computer, crashing it

What is a worm?

Replicate itself by finding vulnerabilities in the network and clog the network slowing it down

What is spyware?

Software that spies on users action, while using a computer spyware works by using a key logger to record key presses on a good keyboard this is sent to attackers where it is analyze to find patterns in the data

What is Trojan horse?

Disguises itself to look harmless but contains malware

What is Adware?

Designed to automatically create pop-up adverts

What is ransomware?

Download it to encrypt data and stopped access so the creators demand money to the crypt

What is Datta back up?

Copy of data store separately

How do you protect against malware?

Anti-malware

Firewall

Being cautious

Creating backup of data

Typing passwords in other ways – drop-down boxes or virtual keyboards Or typing random letters from the password

What is farming??

Download a software that redirect request aimed at a genuine website and redirect to a fake website instead

What is farming used for?

To steal personal data

What should you do if you see a website is fake

You should change your password immediately

How do you protect against farming?

anti-malware, By checking websites

What is fishing?

Sending a fake email which redirect them to a fake website or respond to an email

How do you protect against fishing?

Checking the URL and checking the tone of the email

What is social engineering?

Deceiving people into giving personal data

What are access levels?

Amount of access user is given to Datta

how social engineering avoided?

By using axis levels and awareness of how social engineering happens

What is the username?

Textbased identification, given to users identifying the level of access they have

Why are acess levels good?

Because if an employee is targeted, the attacker only gains access to a limited amount of data