DAVJ2771.4
J277 GCSE CS 1.4 THREATS TO COMPUTER SYSTEMS
Question | Answer |
---|---|
What is Malware? | Software written to cause loss of data, encryption of data, fraud and identity theft. Examples are virus, worm, trojan, ransomware and spyware. Protect with: anti-malware software kept up to date. |
What is Phishing? | Sending emails pretending to be from reputable companies (e.g. banks) to induce people to reveal personal information. Protect with: anti-spam filters and staff training to spot phishing emails. This is a type of social engineering. |
People as a weak point (Social engineering) - What is it? How can it be prevented? | Most vulnerabilities are caused by humans: not locking computers, using insecure passwords, not following network policy, allowing shoulder surfing, and falling for pretexting (a made-up scenario). |
What is shoulder surfing? | Someone watching you typing in your password/pin |
What is social engineering? | People as the weak point in computer systems |
Brute force attack—what is it? | A trial and error method of guessing passwords in order to gain access to a system. Automated software is used to generate a large number of guesses. |
Brute force attack—How can we prevent it? | Protect with: progressive lock out after 3 attempts, delays (try again in 1 hour), enforcing strong passwords and 2FA. |
What is a Denial of service attack - DOS | Flooding a web server with so much traffic it is unable to process legitimate requests and often crashes. |
How do you prevent a Denial of service attack (DOS) | Protect with a firewall and detect with network forensics. |
What is data interception and theft | Stealing computer-based information. |
How can data interception be prevented | Encryption. If data is intercepted it won't be understood. |
What is SQL injection? | Malicious code entered into a website form to modify the SQL statement that is executed, resulting in unauthorised access to, modification of or deletion of data. |
How can SQL injection be prevented? | Protect with: validation on user input (check it contains no SQL commands), penetration testing and parameter queries. |
What is penetration testing? | Pentesting is used to identify possible weaknesses in a network’s security. Organisations employ specialists to try and hack into their system. The results of the pentesting are then reported back so the company can resolve them. |
What is physical security? | Physical security refers to locking devices away so they cannot be accessed, e.g. locking rooms with equipment. Examples: locks, keycard entry, alarms, CCTV, security guards. |
How do you protect yourself from malware | Use anti-malware software. Update it regularly. Don’t open attachments on emails from unknown sources. |
What is ransomware? | A type of malware. Malicious software designed to block access to a computer system until a sum of money is paid. |
How do you prevent malware being installed? | Use anti-malware software. Update it regularly. Don’t open attachments on emails from unknown sources. |