1.4.1 Threats to Computer Systems & Networks
Studied by 0 people
Call Kai
Learn
Practice Test
Spaced Repetition
Match
Flashcards
Knowt Play1/11
There's no tags or description
Looks like no tags are added yet.
Name | Mastery | Learn | Test | Matching | Spaced |
|---|
No study sessions yet.
12 Terms
What is malware?
An umbrella term for hostile or intrusive software (e.g., viruses, trojans, spyware) designed to damage, disrupt, or gain unauthorised access to a computer system.
What is a computer virus (malware)?
A type of malware that attaches itself to a legitimate program/file and spreads across a network when the file is opened, often to corrupt or delete data.
What is a trojan (malware)?
A malicious program that disguises itself as legitimate software to trick a user into installing it. It can then, for example, create a backdoor for attackers.
What is spyware (malware)?
A type of malware that secretly gathers information about a user’s activity (e.g., keystrokes, browsing habits) and sends this information to the attacker.
What is social engineering?
Manipulating people into giving away confidential information (like passwords or bank details). It targets the human 'weak point' rather than the technology.
What is phishing (social engineering)?
Sending a victim a communication (e.g., an email or text) that looks genuine from a trusted source, containing a link to a fraudulent site to steal personal information.
What is a brute-force attack?
An attack that uses automated software to try thousands of possible password combinations (e.g., using a dictionary of common words) until the correct one is found.
What is a Denial of Service (DoS) attack?
An attack that overwhelms a server or network with a massive number of requests (e.g., high volumes of traffic) in a short time.
What is the purpose of a DoS attack?
To make the server or service slow or completely inaccessible to legitimate users.
What is data interception and theft?
The unauthorised act of accessing (reading) data as it is being transmitted across a network. This is easiest on unsecured networks (like public Wi-Fi).
What is SQL injection?
A technique where a malicious user enters SQL code into a website’s input field (like a search bar). If the input is not validated, the code is run by the database.
What is the purpose of an SQL injection attack?
To view, modify, or delete data from a database that was not intended to be accessed (e.g., stealing user passwords or customer data).