Name the 4 Purposes of cyber security - CIA - to protect information and data, to keep information and data confidential, to maintain the integrity of information and data, to maintain the availability of information and data, Name targets for cyber security attacks - individuals, data/information, equipment, organisations, Name the 4 types of cyber security incidents - data destruction, data manipulation, data modification, data theft, Identify 2 types of cyber security incidents where data is lost? - data destruction, data theft, Some of the data stored in an accounts spreadsheet has been deliberately changed. Identify the type of cyber security incident that has occurred. - Data modification, Identify the type of cyber attacker who "sends emails asking a person to click a link" - Phisher, Name 5 Types of cyber attacker - cyber criminals, cyber terrorists, hackers, phishers, scammers, Name 4 Motivations for a cyber attacker - financial gain, publicity, fraud, espionage, Many organisations use the cloud to store files and folders. Identify one reason why files and folders stored in the cloud should be kept secure. - To prevent them from being accessed by unauthorised users., What Legislation could be used to prosecute cyber attackers - Computer Misuse Act, What term is given to the manipulation of people to disclose confidential information. - Social Engineering, What vulnerabilities which can lead to a cyber security attack? - Environmental vulnerabilities, such as natural disasters, flooding, earthquakes etc., Physical vulnerabilities such as theft, System vulnerabilities such as DoS, botnet, malware etc., Name the 3 main impacts of a cyber security incident - Loss, Disruption, Safety, How can a cyber incident, where loss has occurred, affect individuals and organisations? - Financial, data, reputation, intellectual property, How can a cyber incident, where disruption has occured, affect individuals and organisations? - Operational, financial, commercial, Where a threat to safety has occurred, what can be affected? - Individuals, equipment, finances, Name 8 Logical protection measures? - 1. access rights and permissions,2. anti-virus software,3. authentication,4. encryption,5. firewalls,6. secure backups of data,7. token authentication,8. user name and password, Name 3 purposes of Logical Protection Measures - 1. to secure a network from a cyber attack, 2. to protect data and information, 3. to protect software, Name 4 Physical protection measures? - 1. biometric access devices, 2. locks on doors, 3. device locks, 4. RFID security badges, What are the characteristics of a RFID security badge? - entry to areas based on swiping a staff badge, What are the purposes of Physical Protection Measures? - to protect a network and hardware, to provide a log of access to buildings/areas, to protect physical data information, Name 9 Organisational policies, procedures and agreements - 1. Acceptable Use (email and internet), 2. access management, 3. clean desk, 4. Code of Conduct, 5. document and file control, 6. password protection, 7. social media and blogging, 8. physical security, 9. risk assessment, Explain how a Firewall helps protect an organisation? - Firewalls block incoming threats based on a set of pre-programmed rules that also can dictate which users can access specific network areas. As part of your first line of defense against cyberattacks, firewalls offer essential monitoring and filtering of all network traffic to ensure only safe content passes to your secure environment. This includes outgoing traffic, application-layer traffic, online transactions, communications and connectivity, and dynamic workflows., Explain how Encryption helps protect data/information? - A method that is used to attempt to ensure data security by use of encrypted (secret) code. In order to read the contents of an encrypted message or file, someone must have access to a secret key or password that will enable them to decrypt the message or file, Explain what a DOS attack means? - A Denial of Service is an attempt to disrupt a network/business/organisation by issuing more requests than a system is able to cope with, it can be performed with malicious intent or as a protest, What is a Hacker? - A hacker is a person who gains unauthorised access to a computer system/network, for any reason – good or bad., What is a Phisher? - A phisher is an individual that attempts to acquire personal information, often for malicious reasons, such as fraud, by pretending to be a known and trusted individual or organisation, What is a Scammer? - A scammer (or script kiddie) is someone who uses existing computer scripts or codes to hack into computer systems. They do not have the expertise to write their own code, What is a Cyber Terrorist? - A cyber terrorist is person who uses computers and the Internet to cause deliberate fear and disruption for political reasons, What is a Cyber Criminal? - A cyber criminal is an individual who commits illegal activities using computers and the Internet.,

Exam Practice

Drukuj
Osadź

Tabela rankingowa

Fiszki jest szablonem otwartym. Nie generuje wyników w tabeli rankingowej.

Motyw

Opcje

Zmień szablon

Przywrócić automatycznie zapisane ćwiczenie: ?