Computer Security Concepts
10 Questions

Questions and Answers

Which of the following is NOT a type of biometric identification?

  • Password (correct)
  • Iris scan
  • Voice print
  • Fingerprint

    You can change your biometric password once it has been leaked.

    False

    What does confidentiality refer to in computer security?

    Concealment of information or resources to keep it secret from unauthorized access.

    A __________ is a weakness or design flaw in a system that can lead to security issues.

    vulnerability

    Match the following terms with their definitions:

    • Hacker = A person who exploits a computer system for various reasons
    • Threat = An action that might compromise security
    • Attack = An assault on system security by a person or machine
    • Antivirus = Software used to prevent malicious software

    What is the purpose of hashing passwords during user login?

    To ensure the entered password matches the stored hash

    Hash functions allow for retrieving the original data from the hash value.

    False

    Name one popular software used for file verification.

    WinMD5

    Data integrity refers to the accuracy, consistency, and reliability of ______.

    data

    Match the following hash functions with their characteristics:

    • MD5 = Widely used but not recommended due to vulnerabilities
    • SHA-1 = More secure than MD5, but still has vulnerabilities
    • SHA-256 = Part of the SHA-2 family, highly secure
    • SHA-512 = Provides greater security through a longer hash value

    Study Notes

    Computer Security Elements

    • Confidentiality: Concealing information or resources from unauthorized access.
    • Integrity: Maintaining the trustworthiness of data by preventing unauthorized changes.
    • Availability: Ensuring authorized access to data and resources when needed.

    Terminology

    • Unauthorized access: Gaining access to a computer system or data without permission.
    • Hacker: Someone who uses computer systems for malicious purposes, often for financial gain or social causes.
    • Threat: An action or event that potentially compromises security.
    • Vulnerability: A weakness or flaw in a system that can be exploited and lead to a harmful event.
    • Attack: An assault on a security system by a person or machine.
    • Antivirus/Antimalware: Software designed to prevent and remove malicious software.
    • Social Engineering: Manipulating individuals to disclose sensitive information.
    • Virus: Malicious software installed on a computer without consent to harm resources.
    • Firewall: Software or hardware used to control network traffic based on predefined rules.
    • Ciphertext: The encrypted form of an original message.
    • Plaintext: The original unencrypted message.

    Biometric Identification

    • Biometrics: Methods of identifying individuals based on unique physical characteristics.
    • Risks of Biometric Identification: Permanent nature, possibility of leakages, no right to refusal (like a password).
    • Examples: Fingerprints, voice prints, iris scans, retinal scans.

    Encryption/Decryption

    • Cipher: An algorithm or set of rules for encrypting or decrypting data.
    • Asymmetric Encryption: Uses two keys (public and private) for encryption and decryption.
    • Symmetric Encryption: Uses a single key for both encryption and decryption.
    • Public Key Encryption: Encryption using a public key to send messages that are decrypted by a private key.

    Passwords

    • Password Policies: Rules for creating strong and secure passwords.
    • Password Strength: Should include a large set of characters (upper/lower case, numbers, symbols), and should be changed frequently.
    • Password Management: Don't reuse passwords between different sites, do not write them down, and do not share them even with those authorized to administer the computer.

    Virtual Private Networks (VPNs)

    • VPN: A method of extending a private network across a public network.
    • Benefits: Increased security (encryption) for data transmissions and protection from snooping.

    Data Encryption Methods

    • Symmetric: Encryption using the same key for encryption and decryption.
    • Asymmetric: Encryption using two separate keys (public key for encryption and private key for decryption).
    • End-to-End: Ensures only the intended recipient can decrypt encrypted data.
    • Hash Function: A mathematical algorithm that produces unique outputs for any given input.

    Data Integrity

    • Data Integrity: Maintaining the accuracy, consistency, and reliability of data.
    • Key Aspects: Preventing unauthorized changes, detecting tampering, ensuring data accuracy, and securing data in transit.

    Common Threats to Data Integrity

    • Malware/Viruses: Malicious software designed to compromise data.
    • Data Breaches: Unauthorized access to sensitive data by attackers.
    • Human Error: Data breaches initiated by user error causing corruption.

    Data Availability

    • Distributed Denial of Service (DDoS) Attacks: Overwhelming a system with traffic to disrupt its services.
    • Hardware Failures: Unexpected malfunctions of hardware components.
    • Natural Disasters: Disruption of services and data centers during natural disasters.

    Information Assurance (IA)

    • IA: Protecting information assets from unauthorized access and unauthorized disclosures and ensuring timely access to valid information from authorized parties.
    • IA components: Confidentiality, integrity, accessibility, authentication, and non-repudiation.

    Security Risks

    • Physical Security: Protecting hardware and software from physical threats.
    • Personnel Security: Measures to reduce threats from staff.
    • IT Security: Using technical controls to protect data and systems.
    • Operational Security: Implementing operational procedures to maintain security within an organization.

    Cyber Security

    • Cybersecurity: The practices and protocols used to protect data and computer systems in the digital world.

    Authentication

    • Authentication Methods: Ways to verify a person's identity.
    • Examples: Something you know (passwords), something you have (tokens), something you are (biometrics), and multi-factor authentication.

    Backup Information

    • Backup Importance: Regular data backups are critical as no security measure is 100% reliable.
    • Cyber Incident Reporting: Protocol for reporting security incidents, ensuring steps are taken to contain and manage the situation.

    Computer Ethics

    • 10 Commandments of Computer Ethics: Guidelines for ethical computer use, addressing issues like stealing, harming others, interfering with others’ work, and snooping.


    Description

    Test your knowledge of key computer security elements such as confidentiality, integrity, and availability. This quiz also covers essential terminology including unauthorized access, hackers, and vulnerabilities. Get ready to deepen your understanding of cybersecurity!
