What is Cyber Security
Cyber security consists of the processes, practices and technologies designed to protect networks, computers, programs and data from attack, damage or unauthorised access
What is password policy
A policy set out by an organisation or computer system that ensures that passwords have features like:
Minimum length of characters
Include at least one lowercase letter
Include at least one uppercase letter
Include at least one symbol
Change password every month
What are the cyber security issues of weak or default passwords
• hackers could use brute force methods to crack passwords
• weak admin passwords would allow hackers to gain admin level access
• default passwords allow hackers to gain access without any effort
• default / stolen passwords published online so that everyone can find them.
How can companies protect against weak or default passwords
enforce a strong password policy, including admin accounts on all devices, across the company with passwords that are regularly changed
force users to change their passwords regularly to strong ones.
ensure default passwords are changed on all devices
implement biometric measures such as fingerprint / facial / retinal scans for user authentication
What are user access levels
The rights which a user has to a hard drive, folder or individual file. Some examples of access levels are: Read, Write, Modify, Execute and Comment
What are misconfigured access rights
When a user has access to files, folders, settings and/or drives that they should not have access to
How do misconfigured access rights cause a cyber security threat
• allows staff to access areas they are not supposed to
• network admins might not know that secure areas had been breached as no-one has ‘broken in’
• staff could reconfigure network
• staff could create new user accounts to give themselves admin access.
What can companies do to protect against misconfigured access rights
careful application of suitable access rights across the network, reducing the level of access of any one individual
make sure users only have access to the data / software they need
give read-only access instead of full access where possible
ensure that only relevant accounts have access to change DNS files.
What is a pharming attack
1. Hacker changes the entry on a DNS server to make it point to a fake website that they control; the DNS server has been poisoned
2. Computer requests the IP address of a website from a DNS (Domain Name System)
3. The poisoned DNS server sends back the IP address of a fake website
4. The fake website appears real so the user enters personal detail, like banking information
5. The hacker now has access to the user's personal information
6. The user is then redirected to a real website and told an error has occurred; they often have no idea that something has happened
This can be prevented using an up-to-date virus checker
How does a pharming attack provide a cyber security threat
Data Theft – Users enter sensitive details (e.g., login credentials, financial information) into a fake website, allowing attackers to steal them.
Identity Fraud – Stolen personal data can be used to commit fraud or impersonate individuals.
Financial Loss – Cybercriminals may use stolen bank details to withdraw money or make fraudulent purchases.
Difficult to Detect – Unlike phishing (which requires users to click a fake link), pharming works behind the scenes, making it harder for victims to recognize.
What can companies do to protect against pharming attacks
Use up-to-date antivirus and anti-malware software
Check for HTTPS and security certificates on websites
Avoid clicking on suspicious links or pop-ups
Use a trusted DNS provider
Removable Media
Any storage device that can be inserted and removed from a computer. These can be used to steal documents and files from a company and introduce malware
How does removable media provide a cyber security threat
Malware Transmission – Infected removable media can introduce viruses, ransomware, spyware, or worms to a system when plugged in.
Data Theft – Attackers can use removable media to steal sensitive data by copying files from a device without authorization.
Unauthorized Access – If lost or stolen, removable media can allow unauthorized individuals to access confidential files, leading to data breaches.
Bypassing Security Measures – Some organizations use network security tools to protect against cyber threats, but removable media can be used to introduce malware offline, bypassing these protections.
Insider Threats – Employees may intentionally or accidentally use removable media to transfer or leak sensitive information, violating data protection policies.
How can companies protect themselves from removable media related cyber security threats
Disable or restrict the use of USB ports where unnecessary
Use encryption to protect data stored on removable media
Scan removable media for malware before use
Implement policies to regulate the use of external storage devices
Unpatched software
Software that hasn't been updated and may contain security issues
How can unpatched software cause a security threat
could allow staff or hackers to exploit known weakness / flaw
known weaknesses / flaws are published online
once in, a hacker could install malware.
What can companies do to protect against unpatched or outdated software
software patches and updates are applied regularly (automatically) to keep the systems up to date, ensuring any recently discovered bugs or security issues are patched.
Social Engineering
Social engineering is the art of manipulating people so they give up confidential information.
Shoulder Surfing
This is where someone watches and records/remembers a victim entering their PIN or security information such as passwords. (They can then use this information to gain access to a system.)
Phishing
Is where the victim receives and responds to a communication that appears to be from a valid or known source but is in fact fraudulent. (It allows the fraudster to capture private information before the victim realises.)
Phishing is a technique of fraudulently obtaining private information, often using email or SMS.
Phishing identifiers
Greeting is not personalised
Sender's address is not personalised
Forged Link
Request for personal information
Sense of urgency
Poor spelling and/or grammar
Blagging (Pretexting)
This is where a victim is tricked/persuaded by a fraudster to give their details or payment information for a false reason/purpose
Confidence Tricks
Malware
Software that is intentionally designed to cause disruption, leak information or gain access to a system normally without the user knowing.
Virus
A type of malware that infects computers by replicating its code in other programs and causing harm to the computer by deleting, corrupting or modifying files. They can also infect other computers via the network or via email. Viruses:
Attach themselves to legitimate files or programs, so that when the infected files are executed, the virus spreads
It can corrupt or delete files, slow down performance, or make the computer unusable
Some viruses replicate themselves and spread to other files, making them difficult to remove
Trojan
A type of malware that is normally a program, game or cracked file that the user wants, and that can cause damage, take control or provide access to a computer
Spyware
A type of malware that is normally installed without the user's knowledge with the aim to spy on the user's activities via a website tracker or a keylogger
Anti-Malware Software
A type of software that will detect malware and help the computer to patch the vulnerability
Anti-Malware Software Procedure
1. When a virus or new malware is detected it is sent to the anti-virus company
2. They verify it is malware then create a signature of the virus
3. They then add it to their virus database and tell computers to run an update
When a file is downloaded, it is scanned by the software; if any of the files in the downloaded package match the signature of malware in the database, the file is quarantined before it can cause harm. The user is then notified and can stop the download
Passwords
A method of authenticating that a user is allowed to access a system and helping to apply the correct user permissions to the user's account
Biometric Authentication
The use of a person's physical characteristics in order to verify their identity. The most common methods of biometric authentication are fingerprint and facial recognition
Software Update
A type of software that patches bugs and offers security updates. This is normally done automatically
Email Authentication
The use of an email as a method of authenticating a user's identity. It can be used for verification of the user or a method of resetting user information
CAPTCHA
A method of authenticating whether a user is a computer. Stands for "Completely Automated Public Turing test to tell Computers and Humans Apart"
When would CAPTCHA be used
• account registration;
• account access;
• online voting systems;
• ticket purchasing / transaction completion;
• on pages where comments / reviews can be posted;
• on parts of the website where fraudulent click-throughs may be possible;
Penetration Testing
The practice of deliberately trying to find security holes in your own systems
Goals of Penetration Testing
Identify the targets of potential attacks
Identify possible entry points
Attempt to break in
Report back the findings
White Box Penetration Testing (malicious insider)
when the person or team testing the system has knowledge of and possibly basic credentials for the target system, simulating an attack from inside the system (a malicious insider)
Black Box Penetration Testing (external attack)
when the person or team testing the system has no knowledge of any credentials for the target system, simulating an attack from outside the system (an external attack).