Fundamentals of cyber security (Cyber Security Threats (Removable Media…
Fundamentals of cyber security
consists of the processes, practices and technologies designed to protect networks, computers, programs and dat from attack, damage or unauthorised access
Cyber Security Threats
Social engineering techniques
Weak and Default Passwords
Misconfiguration access rights
: when user accounts have incorrect permissions.
Unpatched and/or outdated software
Outdated software is more likely to have flaws that can be exploited by cyber criminals. Those security gaps are more often present in older software that’s no longer maintained, automatically updated, or supported by its maker.
the process of attempting to gain access to resources without knowledge of usernames, passwords and other normal means of access
: aims to stimulate a malicious insider who has knowledge of and possibly basic credentials for the target system
: aims to stimulate an external hacking or cyber warfare attack
Loss of information
The physical design of removable media can result in it being misplaced or stolen, potentially compromising the confidentiality and availability of the information stored on it
Introduction of malware
The uncontrolled use of removable media will increase the risk from malware if the media can be used on multiple ICT systems
Some media types retain information after user deletion; this could lead to an unauthorised transfer of information between systems
A loss of sensitive data often attracts media attention which could erode customer confidence in the business
If sensitive information is lost or compromised the organisation could be subjected to financial penalties
: the art of manipulating people so they give up confidential information
: the act of creating and using an invented scenario to engage a targeted victim in a manner that increases the chance the victim will divulge information or perform actions that would be unlikely in ordinary circumstances
: a technique of fraudulently obtaining private information, often using email or SMS
: a cyber attack intended to redirect a website's traffic to another, fake site
: observing a person's private information over their shoulder
: an umbrella term used to refer to a variety of forms of hostile or intrusive software
: A piece of code which is capable of copying itself and typically has a detrimental effect, such
as corrupting the system or destroying data.
: malware disguised as legitimate software
: Programs that secretly record what you do on your computer
: Software that displays advertisements and is integrated into another program offered at no
charge or at low cost.
Methods to detect and prevent cyber security threats
: use scanners to identify people by a unique part of their body - usually to prevent unauthorised access
: simple method of checking someone's identity - they should be strong - many characters long - use a combination of characters - be changed regularly
: designed to prevent programs from automatically doing certain things
: used by most web services that require account registration to confirm that the email belongs to the person registering
Automatic software updates
: a piece of software released by software vendors, mainly to address security vulnerabilities in their existing products. Software updates occasionally contain bug fixes and product enhancement.