Y9

HT3: Cyber Security

3a: Explain the difference between data and information
Cyber Security
Keyword | Definition
data | raw facts and figures
information | processed data with added meaning
3b: Critique online services in relation to data privacy
Keyword | Definition
critique | closely analyse in a way that finds any problems
data | facts and figures
data breach | where personal data has been shared without permission
online service | website, app or web server
personal information | data that might be used to identify someone
privacy | keeping personal information private
3c: Identify what happens to data entered online
Keyword | Definition
access | who is allowed to view data once it's stored
backup | storing additional copies of data in case it needs to be recovered
data | facts and figures that a web service might need to store
removal | if and when data is deleted
retention | how long data is stored for
storage | where and how data is stored
3d: Explain the need for the Data Protection Act
Keyword | Definition
accuracy | keeping data up to date
consent | permission to collect and store data
Data Protection Act | legislation (law) which determines how personal data is collected, stored and used
retention | how long data is stored before it's removed
security | how data is protected from unauthorised access
usage | how data is used
3e: Recognise how human errors pose security risks to data
Keyword | Definition
blagging | a message that tries to build up a personal relationship with someone so that they trust them enough to share money or personal data with them
name generator attack | getting people to enter personal information in a fun game or app which can then be used to guess their password or security question answers
phishing | a message that often pretends to be from a trustworthy source but which contains dangerous links to steal personal information or scam people
PIN | personal identification number
security risk | a weakness in security due to human or technical error
shoulder surfing | watching someone as they enter a PIN or password
social engineering | tricking people into handing over personal information that can then be used for fraud
3f: Implement strategies to minimise the risk of data being compromised through human error
Keyword | Definition
blacklist | blocking messages from unreliable sources
data breach | when security has been compromised so personal data has been shared without permission
data policy | rules which people in an organisation or business have to stick to in order to make sure data security isn't compromised
email filter | checking all email messages to block messages that may contain security risks
human error | when someone makes a mistake that leads to unauthorised access to data
training | educating people about the risks
whitelist | only allowing messages from reliable sources
3g: Define hacking in the context of cyber security
Keyword | Definition
authorised access | reading / changing data when you have permission to do so
computer system | hardware and software
hacking | gaining unauthorised access to or control of a computer system
unauthorised access | reading / changing data when you do not have permission
3h: Explain how a DDoS attack can impact users of online services
Keyword | Definition
DDoS | Distributed Denial of Service (an attack that attempts to take down a web service, launched from multiple sources at the same time)
Denial | preventing other people from accessing
Distributed | spreading out an attack so that it is launched from multiple sources
DoS | Denial of Service (an attack that attempts to take down a web service)
Service | a website or online application
3i: Identify strategies to reduce the chance of a brute force attack being successful
Keyword | Definition
brute force | type of attack where all combinations of a password are tried until the correct one is found
complexity | avoiding common sequences and including a variety of capitals, numbers and symbols makes passwords harder for a brute force algorithm to detect
dictionary attack | type of brute force attack where a list of common words or phrases are combined to try to guess a password
length | longer passwords take longer for a brute force algorithm to detect
strategies | plans and steps that can be taken
3j: Explain the need for the Computer Misuse Act
Keyword | Definition
Computer Misuse Act | UK law passed in 1990 which makes it illegal to misuse a computer system or network without permission
Section 1 | Part of the Computer Misuse Act which makes it illegal to gain unauthorised access to data
Section 2 | Part of the Computer Misuse Act which makes it illegal to gain unauthorised use of a computer to commit or facilitate another offence
Section 3 | Part of the Computer Misuse Act which makes it illegal to perform unauthorised acts with intent to impair the operation of a computer
unauthorised | without permission from the person who owns a computer or network
3k: List the common malware threats
Keyword | Definition
Adware | a form of malware which displays adverts on a user's computer
Malicious | deliberately harmful
Malware | malicious software that is designed to gain access to your computer with malicious intent
Ransomware | a form of malware which encrypts user data and demands payment before they can access it again
Self replicate | the ability of some malware to copy itself and spread to infect other computers or programs
Spyware | a form of malware which shares user data without their permission
Trojan Horse | a form of malware that tricks you into installing it so that it can give someone else remote control over your computer
Virus | a form of malware which, when run by a user, infects other programs to self-replicate and cause damage
Worm | a form of malware which is able to self-replicate without needing to be run by the user
3l: Examine how different types of malware cause problems for computer systems
Keyword | Definition
Adware | type of malware which causes additional adverts or popups to appear which might irritate users and slow down their computer
Malware | malicious software which might disable hardware, steal data, show unwanted adverts, send spam or demand payment
Ransomware | type of malware which encrypts users' files and demands payment before they can decrypt and access them again
Spyware | type of malware which collects and shares user data without permission
Trojan Horse | type of malware which opens a back door to your computer so hackers can control it or access your data remotely
Virus | type of malware which can infect a computer by copying itself into other programs and trigger other malware
Worm | type of malware which spreads through a network using up the system's resources
3m: Question how malicious bots can have an impact on societal issues
Keyword | Definition
Bot | automated program that performs tasks repeatedly
bot herder | a malicious attacker who controls a botnet to launch a DDoS attack
botnet | network of malware infected computers which can be remotely controlled
chat bot | helpful bot which provides advice or support online
DDoS | distributed denial of service attack which tries to overwhelm a computer system with loads of traffic from multiple sources at the same time
Malicious bot | automated program that performs a malicious task repeatedly
shop bot | useful bot which monitors prices of products at different online stores
web crawler | friendly bot which constantly searches the internet for new web pages to add to a search engine
zombie | a malware infected computer which can be remotely controlled as part of a botnet
3n: Compare security threats against probability and the potential impact to organisations
Keyword | Definition
high impact | type of threat that can severely disrupt a business or organisation if it occurs
high probability | type of threat that is very likely to occur
low impact | type of threat that might not disrupt a business or organisation much at all
low probability | type of threat that is unlikely to occur
security threat | risk of a cyber attack occurring
3o: Explain how networks can be protected from common security threats
Keyword | Definition
anti malware | software which detects and removes malware on a computer
authentication | making users log in before they can access data
auto updates | a setting which tells a computer to keep installing the latest security updates
firewall | network traffic filter which allows or blocks connections to and from remote computers
permissions | restricting access to certain files and folders based on user groups
quarantine | temporarily preventing access to certain files to prevent the spread of malware
virus definitions | details of how to detect viruses which need to be regularly updated to protect against recent threats
3p: Identify the most effective methods to prevent cyberattacks
Keyword | Definition
anti-malware | software which can detect and remove malware on a computer
auto updates | telling a computer to install the latest updates automatically so that insecure software can be fixed
biometrics | using fingerprints, iris scanning or other unique biological identifiers to log in a user
CAPTCHA | completely automated public Turing test to tell the difference between people trying to log in and malicious software trying all password combinations
cost benefit analysis | working out if it's worth spending money to get the advantages it brings
firewall | a filter on network traffic which blocks or allows connections to and from computers based on a set of rules
password rules | requirements for passwords to make them harder for hackers to guess
staff training | educating users how to choose secure passwords and keep their login details safe
two factor authentication | making a user confirm that they are trying to log in using text, phone or app after they've put in their password