Unit 6.1 Data Security

Security

Security

Measures taken to protect computer system etc. from unauthorised access/breaches.

Privacy

Rights and regulations around collection, use, dissemination of personal/sensitive info.

Integrity

Accuracy, consistency & reliability of data.

Cyber Threats

Various types of malware such as viruses, worms, spyware, Trojan horses, and ransomware that can harm computer systems and files.

Malware

Software containing malicious code that can damage computer systems and files, spread through email attachments, phishing, untrustworthy websites, or memory sticks.

Virus

Malware that corrupts/deletes/disrupts computer, unable to spread by itself, needs user action.

Computer Worm

Malware that acts similar to virus but can spread on its own.

Spyware

Malware that gathers info about users activities e.g. keystrokes

Trojan Horse

Malware that looks like genuine software but release malicious code when opened.

Ransomware

Malware that encrypts users computer and requests ransom payment for user to retrieve data.

White-Hat Hacker

Ethical hacker who identifies vulnerabilities in systems and reports them to improve security.

Grey-Hat Hacker

In between White & Black-Hat, may choose to hack without malicious intent and report vulnerabilities to org.

Black-Hat Hacker

Hacker that exploits vulnerabilities and doesn’t have permission or follow regulations

Phishing

Illegally obtaining sensitive information by tricking individuals into revealing it, often through emails or phone calls impersonating legitimate entities.

Pharming

Malware that directs user from genuine to fake website without their knowledge/consent.

Firewall

Software that checks all incoming traffic against rule before it reaches computer, if it doesn’t match it blocks access

Signature Detection

Anti-Virus that scans everything and checks it against a known virus database

Heuristic Analysis

Anti-Virus that analyses file behaviour to see if its an unknown virus

Encryption

Encoding data to prevent unauthorized access, with symmetric encryption using one key and asymmetric encryption using two keys for secure data transmission and storage.

Authentication

Confirming the identity of a person through factors like something they know (password), something they have (ID card), or something they are (biometrics like fingerprint or facial recognition).

Access Rights

Permissions that allow different users/groups to access or be denied specific parts of a network, including read, write, delete, and create actions.