Downloading Malicious content - When Malware is installed onto an organisation's system, usually unintentionally, Social Engineering - Techniques that trick a person into disclosing confidential information, What is an internal Security Threat? - An Internal Threat is a risk posed by employees at a company who could steal or damage data, or access and share data that they aren't supposed to access. This risk may not be intentional., What are external Security Threats?​ - External threats are security risks from people outside of your organisation, such as hackers and saboteurs. They can be much harder to deal with than internal threats, as you cannot monitor people from the outside like you can employees, Malicious Software - Software designed to harm a computer, such as Keyloggers, Adware, Ransomware, Trojans and Worms., Hacking - The act of exploiting weaknesses in a computer system to gain access and steal data., Sabotage - When services are deliberately disrupted, through the use of DDoS attacks, spreading Malware or even physically destroying computer equipment.​, General Data Protection Regulation - A regulation in EU law on data protection and privacy in the European Union and the European Economic Area. It also addresses the transfer of personal data outside the EU and EEA areas., Computer Misuse Act - UK law governing criminal offences committed using a computer; unauthorised access to computer material​, , Telecommunications Act - Organisations can record communications on private networks that occur as part of lawful business practice, Fraud Act - An act that makes Cyber Fraud (such as distributing hoax emails) illegal., Private key - A cryptographic key that is only held by the recipient, but is needed to decrypt the data, Public Key - A cryptographic key that is shown to everyone who wishes to access encrypted data that it unlocks.​, What is a WLAN? - Wireless Local Area Network, Configuration Problems - Many access points ship with no security configuration at all.​, Rogue Access point - An unauthorized wireless access point on a corporate or private network, which allows unauthorized individuals to connect to the network., Freeloading - When unauthorised users piggyback on your Wireless Network to gain free access. This usually isn't malicious but can slower the speed of your internet or lead to illegal content being downloaded via your server.​, Network Based Scans - Networks are scanned to identify potential cyber-attacks and find vulnerable systems on wired and wireless networks.​, Host-based scans - Servers, Workstations and other host networks are scanned for potential vulnerabilities., Wireless-network scans - An Organisation's Wi-Fi Network is scanned to focus on points of attack in a wireless network such as Rouge Access points and validate that a company's network is securely configured, Application Scans - Websites are tested to detect known software vulnerabilities and incorrect configurations in a network or web applications.​, Database Scans - Weak points in a database are identified to prevent malicious attacks such as SQL injections. ​, What is Cross-site scripting? - Code injected by malicious web users into web pages viewed by other users., Firewall - A part of a computer system or network that is designed to block unauthorized access while permitting outward communication., Anti-virus software - Software for blocking malicious (bad) programs, such as viruses or malware, from harming your computer., Intrusion Detection System - A computer program that senses when another computer is attempting to scan or access a computer or network., Patching and Updating - Computers should be set to receive patches (fixes for programs) and updates (especially for security,

Unit 11 Revision

от
Печать
Внедрить

Таблица лидеров

Визуальный стиль

Параметры

Переключить шаблон

Восстановить автоматически сохраненное: ?