Score: 0/0
Question 1 of ∞
Define the term cyber security.
The {processes / practices / technologies} designed to protect {networks / computers / programs / data}
from {attack / damage / unauthorised access}.
Explain how penetration testing can be used to improve a network's cyber security.
A penetration test can be carried out to identify potential weaknesses in the network's cyber security.
The organisation can then use this information to patch or fix the weaknesses.
State the difference between the two types of penetration test, and explain which one would be more useful to protect against an insider attack.
In a black-box penetration test, the ethical hacker is not given any information about the network.
In a white-box penetration test, the ethical hacker is given normal access to the network.
Thus a white-box test would be carried out, because in an insider attack the insider knows about the network.
Explain how removable media devices could be a potential security threat to a network.
They allow users to copy malware onto a computer,
which can then spread through the network.
They also allow users to steal data from the network.
Explain how phishing emails work.
Phishing emails are used to trick people into divulging sensitive information, like passwords,
by pretending to be legitimate organisations like the victim's bank.
Explain how a firewall can prevent attacks on a school's network.
The firewall stops malware and spyware from entering or leaving the network,
by inspecting incoming and outgoing packets and blocking anything suspicious.
Suggest two requirements an organisation could impose on passwords to ensure that they are strong.
Using a mix of characters (uppercase, lowercase, numbers, symbols)
Minimum length requirement (e.g. 8 characters)
Make the users change their passwords regularly