
Chapter 5.3 Cyber Security Notes UPDATED

Chapter 5.3 outlines various cyber security threats including brute-force attacks, data interception, DDoS attacks, hacking, malware, phishing, and social engineering tactics. It also discusses protection methods such as access levels, anti-malware tools, authentication methods, firewalls, privacy settings, and the use of proxy servers. Additionally, it explains the importance of SSL for secure connections, detailing the steps involved in establishing an SSL-secured connection.

Uploaded by

farazz

Chapter 5.3 – Cyber Security (Enhanced Exam-Focused Notes)

5.3.1 Cyber Security Threats

Brute-force attack
An attacker uses automated software to try every possible password or encryption key until access is gained. Weak or short passwords are especially vulnerable. Used to break into accounts or decrypt files.

Data interception (Packet Sniffing)


Data travelling across a network can be captured using packet-sniffing tools. These tools read data packets as they move between devices. If data is unencrypted, attackers can steal:
- passwords
- bank details
- messages
- personal data
This attack often occurs on public Wi-Fi or poorly secured networks.

Distributed Denial of Service (DDoS) attack


A DDoS attack floods a server with massive amounts of traffic from multiple computers (botnets). The server becomes overloaded and cannot respond to legitimate users. Used to crash websites, gaming servers, or company systems.

Hacking
Unauthorised access to data or systems. Hackers may alter, steal, or delete data. Often involves exploiting software vulnerabilities or weak security controls.

Malware
Malicious software designed to damage systems or steal information. Types include:

- Virus – attaches to files; spreads when files are shared/executed.

- Worm – self-replicates across networks without attaching to files.


- Trojan horse – disguised as legitimate software; gives attackers access.

- Spyware – monitors user activity, keystrokes, browsing habits.

- Adware – displays unwanted adverts; tracks activity.

- Ransomware – encrypts data; demands payment for unlocking.

Phishing
A fake email/message pretending to be from a trusted organisation. Tricks the user into clicking a malicious link or submitting personal data. Clues: urgent tone, spelling errors, suspicious links.

Pharming
A user is redirected from a genuine website to a fake one, even when typing the correct URL. Often caused by DNS poisoning or malware. Used to steal passwords and bank details.

Social Engineering (Detailed Examples)

Instant messaging scams


Malicious links sent via chat/IM apps pretending to be software upgrades. Relies on user curiosity.

Scareware
Fake antivirus pop-ups warning of infections. Encourages user to download harmful software. Relies on fear.

Emails / phishing scams


Fake emails leading to fraudulent websites. Relies on trust in well-known companies.

Baiting
Attacker deliberately leaves an infected USB drive where it will be found. User plugs it in out of curiosity, installing malware.

Phone call scams


Attacker pretends to be IT support. Claims device is compromised and asks user to install remote-access malware. Relies on fear.

5.3.2 Keeping Data Safe – Protection Methods

Access levels
Users are assigned permission levels. Only authorised users can read, edit, delete, or manage sensitive data. Prevents accidental or malicious damage.

Anti-malware (anti-virus and anti-spyware)


Anti-virus removes viruses; anti-spyware removes monitoring software. Modern tools scan, quarantine, and remove threats automatically.

Authentication
Methods used to verify identity:
- Username and password: basic login method.
- Biometrics: fingerprints, facial recognition.
- Two-step verification: requires second form of authentication (SMS code, app code).

Automating software updates


Updates patch vulnerabilities that attackers could exploit. Automated updating ensures fixes are installed promptly.

Checking spelling and tone of communications


Phishing often includes poor grammar, urgent requests, unusual tone. Recognising these signs helps avoid social engineering attacks.

Checking the URL attached to a link


Legitimate secure sites begin with https://. Fake sites may have unusual spellings, extra characters or no SSL encryption.
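
The checks described above can be automated. The following is an added example, not part of the original notes: it flags links that do not use https, that bury a trusted name inside a longer domain (extra characters), or that are near-misspellings of a trusted name. The host names in `TRUSTED_HOSTS` and the 0.85 similarity threshold are assumptions made for the illustration.

```python
import difflib
from urllib.parse import urlsplit

# Constructed list of sites the user really deals with (assumption for the example).
TRUSTED_HOSTS = ("example-bank.com", "example.org")


def check_link(url, trusted=TRUSTED_HOSTS):
    """Return a list of warning signs for a link; an empty list means none were found."""
    warnings = []
    parts = urlsplit(url)
    host = (parts.hostname or "").lower()

    # Sign 1: the connection would not be encrypted.
    if parts.scheme != "https":
        warnings.append("not https")

    # An exact trusted host, or a genuine subdomain of one, needs no spelling checks.
    if any(host == t or host.endswith("." + t) for t in trusted):
        return warnings

    for t in trusted:
        if t in host:
            # Sign 2: extra characters around a trusted name,
            # e.g. example-bank.com.login.test is really a host under login.test
            warnings.append(f"'{t}' embedded in a different domain")
        elif difflib.SequenceMatcher(None, host, t).ratio() >= 0.85:
            # Sign 3: unusual spelling, e.g. a digit 1 in place of the letter l
            warnings.append(f"looks like '{t}' but is spelled differently")
    return warnings


if __name__ == "__main__":
    # Constructed sample links
    for link in ("https://example-bank.com/login",
                 "http://example-bank.com/login",
                 "https://examp1e-bank.com/login",
                 "https://example-bank.com.login.test/"):
        print(link, "->", check_link(link) or "no warning signs")
```

A link that passes these checks is not proven safe; https only shows that the connection is encrypted, not that the site's owner is honest.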

Firewalls (Detailed Explanation)


A firewall monitors all incoming and outgoing network traffic. It blocks suspicious or unauthorised connections. Firewalls can be:
- Hardware firewalls (physical devices between network & internet)
- Software firewalls (installed on computers)

How a firewall protects:


1. Examines each data packet using filtering rules.
2. Blocks traffic from unknown or dangerous sources.
3. Prevents malware connecting to external servers.
4. Stops hackers from gaining unauthorised access.
5. Can block specific websites or applications.
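
How filtering rules are applied to each packet, as an added example that is not part of the original notes: rules are checked in order, the first match decides, and anything that matches no rule is blocked. The rule set, the sample packets and all addresses (private and documentation ranges) are constructed for the illustration.

```python
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class Packet:
    direction: str  # "in" (arriving) or "out" (leaving)
    src: str
    dst: str
    dst_port: int


@dataclass(frozen=True)
class Rule:
    action: str     # "allow" or "block"
    direction: str  # "in", "out" or "any"
    network: str    # CIDR range matched against the remote address
    ports: tuple    # empty tuple means any port
    note: str


# Constructed rule set, most specific blocks first.
RULES = [
    Rule("block", "any", "203.0.113.0/24", (), "known dangerous source"),
    Rule("block", "out", "198.51.100.7/32", (), "blocked website"),
    Rule("allow", "out", "0.0.0.0/0", (53, 80, 443), "DNS and web browsing"),
    Rule("allow", "in", "192.0.2.0/24", (22,), "remote admin from office network"),
]


def decide(pkt, rules=RULES):
    """Return (action, reason) from the first matching rule; default is block."""
    # The remote party is the destination of outgoing and the source of incoming traffic.
    remote = ipaddress.ip_address(pkt.dst if pkt.direction == "out" else pkt.src)
    for rule in rules:
        if rule.direction not in ("any", pkt.direction):
            continue
        if remote not in ipaddress.ip_network(rule.network):
            continue
        if rule.ports and pkt.dst_port not in rule.ports:
            continue
        return rule.action, rule.note
    return "block", "no rule matched (default deny)"


if __name__ == "__main__":
    for p in (Packet("out", "10.0.0.5", "198.51.100.20", 443),   # normal browsing
              Packet("out", "10.0.0.5", "203.0.113.50", 4444),   # malware calling out
              Packet("in", "198.51.100.99", "10.0.0.5", 3389)):  # unsolicited inbound
        print(p, "->", decide(p))
```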

Privacy settings
Allow a user to control who can see their data, posts, contact information. Helps protect identity and reduces risk of targeted attacks.

Proxy servers
A proxy server acts as an intermediary (middle layer) between the user’s device and the websites they access. Instead of the user connecting directly to a website, all requests first go to the proxy server, which then forwards the request on their behalf.

How a Proxy Server Protects and Helps Users

1. Hides the user’s IP address

o Websites only see the IP address of the proxy server, not the user’s real address.

o This protects user identity and location.

2. Filters web traffic

o Proxy servers can block access to unsafe or restricted websites (e.g., malware sites, social media in schools).

o Useful for schools, workplaces, and parental controls.

3. Prevents direct exposure to threats

o Because all communication passes through the proxy, harmful content can be blocked before reaching the user.

o Reduces risk of malware, phishing pages, and harmful scripts.

4. Caches (stores) frequently visited websites

o The proxy stores local copies of popular websites.

o When a user requests one, the proxy retrieves it from cache instead of the internet.

o This speeds up browsing and reduces network traffic.


5. Monitors user activity

o Organisations can track and log what websites users visit.

o Helps enforce acceptable use policies and detect suspicious behaviour.

6. Bypasses geographical restrictions

o Because websites see the proxy server’s location, not the user’s, a proxy can access blocked or region-restricted content (e.g., websites unavailable in certain countries).

7. Adds a layer of security

o Proxy servers can scan outgoing and incoming requests for malicious elements.

o Often used with firewalls for stronger network protection.

Summary (Key Points for Exams)

• Acts as a gateway between user and internet.

• Masks user identity (IP address).

• Filters, blocks, and monitors web traffic.

• Caches websites to improve speed.

• Helps bypass restrictions.

• Increases security by controlling data entering/exiting the network.

Secure Socket Layer (SSL) – Detailed Steps


SSL encrypts the connection between the browser and the web server. Used on websites handling bank card details, passwords and logins.

How an SSL-secure connection (HTTPS) is created (SSL Handshake):


1. The web browser requests a secure connection and asks the server for its digital certificate.
2. The web server sends its SSL certificate to the browser.
3. The browser checks whether the certificate is valid and issued by a trusted Certificate Authority (CA).
4. If the certificate is authentic, the browser and server exchange encryption keys.
5. A secure encrypted connection is created; data is transmitted safely.

If a certificate is NOT authentic, the browser will warn the user that the website is not secure.
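
The client side of these steps in code, as an added example that is not part of the original notes. Python's standard `ssl` module implements TLS, the successor to SSL; the function names are chosen for this illustration, and `handshake_report` needs network access to reach a real server.

```python
import socket
import ssl


def build_client_context():
    """Settings that enforce step 3: trusted-CA validation and hostname matching."""
    ctx = ssl.create_default_context()            # loads the system's trusted CA list
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2  # refuse obsolete protocol versions
    return ctx


def build_unverified_context():
    """Weak setting, for contrast only: traffic is encrypted but the server
    is never authenticated, so a fake server would be accepted."""
    ctx = ssl.create_default_context()
    ctx.check_hostname = False        # has to be turned off before verify_mode
    ctx.verify_mode = ssl.CERT_NONE
    return ctx


def handshake_report(host, port=443, timeout=5.0):
    """Carry out steps 1-5 against host and report what happened."""
    ctx = build_client_context()
    try:
        with socket.create_connection((host, port), timeout=timeout) as raw:
            # Steps 1-4 happen inside wrap_socket(): request, certificate,
            # validation against the CA list, key exchange.
            with ctx.wrap_socket(raw, server_hostname=host) as tls:
                cert = tls.getpeercert()
                return {"ok": True,                      # step 5: secure channel
                        "protocol": tls.version(),
                        "issuer": dict(rdn[0] for rdn in cert["issuer"]),
                        "expires": cert["notAfter"]}
    except ssl.SSLCertVerificationError as exc:
        # The case where a browser would show its "not secure" warning.
        return {"ok": False, "reason": exc.verify_message}
    except OSError as exc:
        return {"ok": False, "reason": f"connection failed: {exc}"}


if __name__ == "__main__":
    print(handshake_report("example.org"))
```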
