5.3 Cyber Security


Cyber Threats

Bruteforce Attack

Tries every single combination until the correct one is found.

Data Interception

Involves eavesdropping to steal sensitive information and use it for attacks

DDos Attack

A Distributed Denial of Service attack is when multiple computers are used as bots. They flood a server with lots of request at the same time that the server cannot handle and crashes

Malware

Malicious software used to gain access to a system such as a , , , , , and .

Phishing & Pharming

Phishing involves sending a user an email which looks legit but takes them to a fake website to steal sensitive information. Pharming involves malware being downloaded without the users consent and also takes them to a fake website.

Social Engineering

Manipulating individuals to gain access to confidential information by gaining trust or exploiting a weakness.

Natural Causes

This can be anything from a flood, fire, or human error.

Sample answer (How can stored data be maliciously damaged?):

Hacking Viruses Malware (you are allowed to mention the different types of malware)


Cyber Defences

Access Levels

These are used to restrict data access only to authorised individuals.

Anti-Virus

Helps to detect and remove malware or malicious software from the environment by scanning all files and downloads. If malware is found it is quarantined to prevent access and then deleted.

Authentication

Methods such as biometric, fingerprints, and 2FA prevent unauthorised access.

Firewalls

A firewall can be software or hardware based. It monitors incoming and outgoing traffic and keeps a log. The user can set criteria for the traffic and all traffic is compared to the criteria. If it matches, then the traffic is accepted. If not, then it's rejected and the user is notified.

Sample answer:

Monitors incoming and outgoing traffic Checks that the traffic meets the rules set by the user It will block any traffic that doesn't meet these rules The user can create a whitelist or blacklist of IP addresses to block traffic from Can close certain ports

Proxy Servers

These are used to hide a user's IP address and location to prevent tracking. They act as a firewall and can also be used to filter web traffic.

SSL

Secure Socket Layer. Protocol used to encrypt data over the internet. For more details, go here.

Backups

Making copies of files in case something happens to the original files.

Physical Methods

This can include, CCTV, locked rooms, and security keys.

Sample answer (How to keep data secure?):

Use biometrics and 2FA Encrypt the data Create backups


Exam Questions


Last updated