3_6_1 Cyber Security Threats

Social engineering techniques

The humans that use a network are often the biggest threats to the security of that network. A social engineering hacker will try to gain access to a network by social means. For example, ringing and asking for a bank pin number whilst pretending to be from the bank.

Malicious code

This is any type of software that is designed to cause damage or access data on a computer.

Misconfigured access rights

A network administrator will give network users different access rights depending on their needs and levels of responsibility. If these are given inaccurately then users may gain access to information that they shouldn't be able to see.

Removable media

Memory sticks can take malware from a home PC to a network at school or a business. This is why removable media is often banned from some networks.

Memory sticks can also be lost or stolen and the data that is stored on them can be used maliciously.

Unpatched and/or outdated software

Software engineers are always updating the versions of their software when new vulnerabilities are discovered. This is why your phone and your computer want to update so much! If you don't update your software then it is open to vulnerabilities.

Weak and default passwords

Read this page: https://www.cyberaware.gov.uk/passwords

Watch the video clip below:

Penetration testing looks for weaknesses in a company's network. An ethical hacker will try and access the network to see how robust their security systems are.

There are two types; Black Box and White Box:

• BLACK BOX - is external - someone will be outside the network trying to get in
• WHITE BOX - is internal - someone will already have access to the network but will try and gain access to restricted parts of it

1. Download and print the test paper here: https://drive.google.com/open?id=0B5fLtQ0Xgr2Pb1p2QnRjNjZwdUE
2. Try the mock test yourself.
3. Use the 3.6.1 Walking Talking Mock below to guide you through answering the questions.