Cyber security consists of the processes, practices and technologies designed to protect networks, computers, programs and data from attack, damage or unauthorised access.
1. Cyber security threats
2. Social engineering
3. Malicious code
4. Detection and prevention
• social engineering techniques
• malicious code
• weak and default passwords
• misconfigured access rights
• removable media
• unpatched and/or outdated software.
Penetration testing: white box and black box penetration testing.
The aim of a white box penetration test is to simulate a malicious insider who has knowledge of, and possibly some basic credentials for, the target system.
The aim of a black box penetration test is to simulate an external hacking or cyber warfare attack.
Define the term social engineering.
Describe what social engineering is and how it can be protected against.
Explain the following forms of social engineering:
• blagging (pretexting)
• phishing
• pharming
• shouldering (or shoulder surfing).
Define the term 'malware'.
Describe what malware is and how it can be protected against.
Describe the following forms of malware:
• computer virus
• trojan
• spyware
• adware.
Understand and be able to explain the following security measures:
• biometric measures (particularly for mobile devices)
• password systems
• Completely Automated Public Turing test to tell Computers and Humans Apart (CAPTCHA)
• using email confirmations to confirm a user’s identity
• automatic software updates