Computing SLR5

penetration testing?

attempting to gain access to recourses without knowledge of passwords and other means of access

firewall?

• software or hardware

• only lets certain types of traffic through while blocking others, improving network security.

white box pt

simulates a malicous insider who has knowledge of basic credentials for the system

black box pt

simulates an externam hacking attempt against a company/organisation

user access control

• user access levels

• only someone with valid username and password will be able to gain access

malware?

software written to infect computers allowing you to conduct fraud and identity theft

• virus

• worms

• trojans

• spyware

• ransomware

• keyloggers

• etc

virus?

a piece of code capable of copying itself

• corrupting system or destroying data

• cannot spread without human interaction

worm

a piece of code that can self-replicate and spread without human interaction

Trojan

a program that appears harmless but is malicious

• when installed can create a backdoor into victims system

ransomware

a type of malware that encrypts a victim's files and demands ransom for the decryption key

Keylogger

software that obtains covert info about a users computer activities by silently monitoring and recording

pretexting

a form of social engineering where an attacker creates a fabricated scenario to obtain personal information from a victim.

phishing

sending emails that appear to be from legitimate sources to trick recipients into revealing sensitive information.

baiting

the promise of cash or goods that people with malicious intent use to entice victims

quid pro quo

a social engineering tactic where an attacker offers a service or benefit in exchange for personal information, often posing as a legitimate authority.

anti-malware software

software designed to detect, prevent, and remove malicious software from computers and networks.

→ scanning files and comparing their contents with a library of known malware

encryption

converting data into a coded format to prevent unauthorized access, ensuring that only those with the correct decryption key can read the information.