| what is data security? | Prevention of unauthorized access and destruction of data |
| What is data integrity? | Safeguarding the accuracy of the data |
| What is a password? What is a strong password? | A set of characters that are needed to be entered in order to get access to a computer system or file
A strong password is a password that is difficult for the hackers to workout |
| What are the features of a strong password? | 8 or more characters
Combination of uppercase, Lower case, digits and symbols
Should be regularly changed |
| What is a firewall? What are the functions of the firewall? | A combination of hardware and software which attempts to prevent unauthorized access over network
-It inspects all incoming and outgoing data, to see if it follows the rules given by the user
-Prevents the data from entering if it does not follow the rules
-Keeps a log of all incoming and outgoing data
-Prevents viruses from accessing the computer
-Prevents user from accessing undesirable websites |
| What are the disadvantages of a firewall? | The firewall can be mistakenly switched off
The firewall can be bypassed
The firewall will not protect you against operator error |
| What are the uses/features of Anti-Hacking software? | Monitors the computer for anything suspicious
May issue a warning if the firewall is switched off or an attempt is made to enter incorrect password 8 times
Monitors network traffic and issues a warning for unusual drops in network speed |
| What is hacking? Give examples | Unauthorized access of a computer system or file
Eg:
1) Personal data is stolen and a person pretends and does things such as apply for a job or loan
2)Modification of data |
| What are the methods of prevention against hacking? | Password
Firewall
Ant-Hacking software |
| What is cracking? | Altering the software to bypass its security and use it illegally
This may include violating its copy protection features |
| What is a virus? What are its effects? | A program which replicates itself without the permission of the user
Causes the computer to crash(computer becomes unresponsive)
Corrupts the data, deletes data or formats the hard disk |
| What are the methods of prevention against virus? | Install and run antivirus software, update the software regularly
Be careful when opening emails/attachments from unknown sources
Be careful when accessing/downloading files from unknown websites/sources |
| What is phishing? What are the effects of phishing? | The victim gets an email from what seems to be a trusted source, which convinces to disclose personal information. The email may contain a link, which the user may be required to follow, to type details
Identity theft- By stealing personal details and preventing to be him, it is possible to apply for loans and jobs
Bank and credit card information can be stolen and used for other reasons |
| What are the methods of prevention of phishing ? | ISB filters out phishing emails
Do not reply to emails asking for personal information without confirming with the sender itself |
| What is pharming? what are the effects of pharming? | Malware delivered through a email causes the browser to be redirected to a fake website that looks like original, when the user types his personal data it is stored
Identity theft- By stealing personal details and preventing to be him, it is possible to apply for loans and jobs
Bank and credit card information can be stolen and used for other reasons |
| What are the methods of preventions against pharming? | Install anti-malware software
Check the URL before typing the data |
| What is war driving? What are the effects of war-driving? | Using up your victims data capacity
The victims personal data might be stolen |
| What are the methods of prevention against war driving? | Put a password to your wi-fi access point |
| What is a spyware? What are the features of a spyware? | Collects personal information about the user and sends it to the person who installed the spyware |
| What are the features of a spyware? | Records key presses (keylogger)
Takes screenshot of the desktop
Records audio and video |
| What are the methods of prevention against spyware? | Install and run antispyware
Use on screen keyboard |
| What are cookies? | Cookies are small files downloaded from websites which collects anonymous information about the user, this includes: sites visited, products purchased, and articles read |
| What are the uses of cookies ? | Personalize the websites for the user preference
Advertising
They create an anonymous user profile which holds information about the user that cannot be used to identify |
| What can be done to safeguard from accidentally deleting data? | Make the file read only
Give only authorized people the right to delete data
Save the data regularly
Use of backups |
| What are hardware faults? | Disk head crash- READ/WRITE head hits the surface of the disk
Loss of power |
| What can be done to safeguard against hardware faults? | Have uninterrupted power supply
Back up the data regularly
Use cloud back up( Back up onto your google drive- the internet) |
| What are software faults? | Compatibility issues- Some software such as drivers which you have installed may not be 100% compatible with the rest of your hardware and software |
| What are are the safeguards against software faults? | Save data regularly
Back up data regularly |
| What is maloperation of equipment? | Removing a flash memory drive without disconnecting
Incorrect shut down of computer |
| What are the safeguards against maloperation of equipment? | Proper training to your employees
Do back up regularly |
| What is a proxy server? What are its functions? | A computer situated between the web server and user's computers
Acts as a firewall
Using a cache memory, stores commonly used pages which can be given to the user when needed, faster
Hides the IP address of the user's computer of the network from outsiders |
| What are security protocols? | A set of rules that are used to protect data while it is being detected |
| What is SSL(Secure Socket Layer)? | A security protocol used in data transmission which encrypts the entire message |
| How do you know if SSL is being used ? | A green padlock will be displayed on the screen or the URL will show "HTTPS" |
| What happens when a browser requests for webpage that uses SSL? | 1)The browser sends a request to the server to communicate
2)It also sends a signal to the server to identify itself
3)The server sends back the SSL certificate
4)The browser verifies the identity of the server using the SSL certificate
5)The browser sends a signal confirming the identity of the server
6)The sender sends an acknowledgement and the encrypted communication session begins |
| What are the disadvantages of SSL? | The entire message has to be encrypted
The SSL rules cannot be updated |
| What is TLS(Transport Layer Security)? | A more recent protocol
The browser can decide which part of the message could be encrypted
The rules can be upgraded |
| What are the two layers in TLS? | Record layer - Deals with how the data should be encrypted
Handshake layer- Deals with the initial exchange of signals to identify each other |
| What is session cracking ? | A new technology that allows you to save a communication session and then resumes it later than starting a new session |
| What is the advantage of session cracking? | This saves time when commencing a communication session |
| What is encryption? How does it work? | Encryption is converting the data into a form that cannot be understood until it is decrypted
The message is entered into the encryption program
Key is entered
The program produces the encrypted message |
| What is plain text and cypher text? | Plain text - Unencrypted message
Cypher text - Encrypted message |
| What is Asymmetric encryption? How does it work? | Encryption where two keys are used, one to encrypt and one to decrypt
1)Both sender and receiver will have two keys: one public key, one private key
2)Public keys are exchanged
3)The sender encrypts the message using receivers public key
4)Message transmitted to receiver
5)The receiver decrypts the message using the receivers private key |
| What is the application of asymmetric encryption? | Used in e-shopping websites |
| What is authentication? How is it done? | Verifying the identity of the sender
1)The sender enters the message into the hashing program
2)The hashing program produces the message digest
3)Message digest is encrypted using senders private key and the digital signal is created
4)The signature is sent along with the message to the receiver
5)The receiver decrypts the message using the sender's public key
6)If it cannot be decrypted using a sender's public key, it has not been sent by the correct person |
| What is DOS(Denial Of Service attack)? | Used to prevent genuine users from accessing a specific website
Malware is made to infect a large number of computers through email
The malware receives a signal from its creator and then attempts to simultaneously access a specific website
This prevents genuine users from accessing the site or using its services |
| What is symmetric encryption and where is it used ? | Encryption where the same key is used to both encrypt and decrypt
Instant messaging software |
| Why is longer encryption keys better? | As longer encryption keys have more possible combinations it will be harder for the hacker to workout making it safer |
| What can be done with free software ? | It can be downloaded free of charge to study and modify
It can be embedded into other software
It can be distributed free of charge |
| What cannot be done with free software ? | Cannot be used for illegal purposes
Cannot us it to produce software
Cannot use to help violate copyright law |
| What can be done with freeware ? | Can be downloaded free of charge |
| What cannot be done with freeware ? | Cannot be modified or distributed to others
Cannot be copied without permission |
| What are the features of a shareware? | Can be downloaded free of charge but the user must pay to use after a period of time
Till the software is activated all the options may not be available |
