Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
14 Cards in this Set
- Front
- Back
- 3rd side (hint)
|
What is malware? |
Short for malicious software, malware is a broad-spectrum term used to describe software used to disrupt computer operation. |
|
|
|
What is a Virus? |
A virus is a computer program that is able to copy itself onto other programs often with the intention of maliciously damaging data. A virus is transmitted by 'piggybacking' on another program known as a 'vector'. |
|
|
|
What is a worm? |
Is similar to a virus but is a standalone program that replicates itself in order to spread to other computers. It does not need a vector. |
|
|
|
What is a key logger? |
Are covert programs that capture keyboard (or other input device) input and transmit this data to a third party or hold the data for collection. |
|
|
|
Describe methods of protection against malware. |
Unique username and a strong secure password - the organisation limits access to the network by ensuring that all authorised users have unique username and a strong secure password. Access rights - access to confidential files on the network is limited to authorised users only by assigning access rights to users that only allow certain users to access specified area of the network and/or specified files. Encryption - hackers are prevented from reading the confidential files even they gain access to it by encrypting the files Encryption – an encryption key is used and known only by the organisation. Firewall - the servers would be protected with firewall software blocking / checking all network traffic entering or leaving specified ports / stop programs accessing the internet Antivirus software - file servers would be protected with antivirus software which regularly scans all files stored on them for possible infection by malware Antivirus software - email server would be protected with antivirus software and all incoming emails would be scanned to see if attached files are infected Antivirus software - workstations would be protected with antivirus software and all files from external media would be scanned before they’re allowed to be accessed Accounting or auditing software – all files accessed by a user are recorded in an activity log |
Firewalls...
|
|
|
What are cookies? |
Cookies can be seen as a securityissue as they hold personal informationand this can be used or sold andtracking cookies can hold informationon the websites visited by users.
|
|
|
|
What is a DoS attack? |
A DoS attack is a deliberate attempt to prevent legitimate users of a network from accessing the services provided by the server or connected systems. The classic DoS attack will come from a single computer sending multiple requests to the server. Denial of service attacks usually aim to overload servers or systems with requests for data or access to resources like the processor or main memory. Some denial of service attacks also exploit weaknesses, either in the security system or network infrastructure. |
|
|
|
IP Spoofing |
IP spoofing is the creation of Internet Protocol (IP) packets with a false source IP address, for the purpose of hiding the identity of the sender or impersonating another computing system. |
|
|
|
Explain the need for backups and generations of files. |
Backups protect data following primary data loss. Generations of files, e.g. the grandfather-father-son regime, allows data to be restored to a previous version following catastrophic data loss. The daily or 'son' backups are saved each night for a week until there are seven 'sons'. At the end of the week, the oldest 'son' will be put aside and known as a 'father'.Each week for a period of a month a new 'father' is created.At the end of a month when there are four 'fathers' one will graduate to 'grandfather'. 12 grandfather backups will be stored each year. |
|
|
|
Explain the need for archiving files. |
Archiving is the process of storing data which is no longer in current or frequent use. It is held for security, legal or historical reasons. Benefits: - reduces data which is stored on the network or system thus making it faster to back-up- network storage space is expensive. By archiving data it frees up space for data or files which are currently in use.- improves the performance of the system since less files stored. |
|
|
|
What is an acceptable use policy and what are some typical rules one may include? |
An acceptable use policy is a 'contract' that each person signs before they are given access to the network. Some rules may be: Choosing secure passwords i.e. at least 8 characters and containing symbols, capital letters. Changing passwords regularly and not using the same one twice. Keeping passwords safe and not sharing them with anyone. Logging off a workstation when they are going to be absent. Not installing any software or downloading files. Not using USB sticks unless authorised |
|
|
|
Explain what is meant by a Disatster recovery policy and state it's typical contents. |
It is a policy put in place to get back the network and data should the worst happen such as a fire, flood or a complete network breakdown. It may include: Who has responsibility for performing backups. The location of the backups - which are preferably stored off site. How often the DRP needs to be tested to ensure that it is still valid. A list of the main suppliers of the hardware are so the network can be re-built. Any international standards that have been used in the current network setup. |
|
|
|
Describe methods of identifying vulnerabilities |
Footprinting • Interrogating resources on the Internet for information about systems, looking to discover what a potential attacker can also discover without an organisation's knowledge (can remove 'enticements' or 'low hanging fruit' by this method). Penetration testing • Attempting to penetrate a system's security layers in order to demonstrate security risks. |
|
|
|
What are cookies? |
A cookie is the term given to describe a small piece of code that is given to a Web browser by a Web server. The main purpose of a cookie is to identify users and prepare customized Web pages or to save site login information. Cookies can be seen as a security issue as they hold personal information and this can be used or sold and tracking cookies can hold information on the websites visited by users. |
|
