Cybersecurity MIX
What does "cybersecurity" mean?
Cybersecurity is the practice of protecting systems, networks, and data from digital attacks.
What is the purpose of using a password?
A password helps protect your account by verifying your identity. (preventing unauthorized access)
Which website URL is legitimate?a.https://www.payapl.com b.http://www.paypay.com.home/ c.https://www.pay.pal.com d.https://www.paypal.com/us/home
Option D
Option A spells Paypal incorrectly.
Option B spells paypal as paypay
Option C spells Paypal as Pay.pal
What is a privacy policy?
A document to inform users about how their personal data will be collected, used, and protected.
Name two examples of cybersecurity threats.
Any 2 of:
- Phishing
- Malware (Spyware, Ransomeware, Trojan Horses, Viruses, etc.)
- Distributed Denial of Service (DDOS)
- SQL injection
- DNS cache poisoning/tunneling
- Pharming
Or any other correct answers.
Which of the following would be the best password (pswd within square brackets):
a. [Summ3r2017] b.[t3chnologyRulz] c.[12345678] d. [iLm!J@c)&dl^A]
d.[iLm!J@c)&dl^A]. Since it is the only password that uses a combination of letters, numbers and symbols.
What does a ransomware ask for in return for giving back a user's data?
A Ransom
What does it mean when a website uses HTTPS instead of HTTP?
HTTPS indicates that the website is using a secure protocol to encrypt data transmit data.
What does the term firewall refer to?
A. A type of virus that spreads across networks
B. A security device that monitors and controls incoming and outgoing network traffic
C. A program that automatically updates software on your device
D. A method of encrypting sensitive data
B. A firewall monitors and controls incoming and outgoing network traffic to block unauthorized access.
What is "two-factor authentication"?
Two-factor authentication (2FA) adds an extra layer of security by requiring two forms of verification, like a password and a code sent to your phone.
Which of the following is the safest action if you receive an unexpected email with an attachment from an unknown sender?
A. Open the attachment to see if it’s important
B. Reply to the email asking for more information
C. Delete the email without opening it
D. Forward the email to a friend to check it out
Option C is correct.
Option A could result in a malicious software.
Option B informs a potential attacker that your email is active and can be attacked further.
Option D unnecessarily puts others at risk, and possibly spreads a malware.
Explain any one way to protect your online privacy when using public Wi-Fi.
Use a Virtual Private Network (VPN) or avoid accessing sensitive accounts or information over public Wi-Fi.
Or any other valid answers
What differentiates a virus from other malware?
A. It requires user action to replicate and spread to other systems.
B. It can operate independently without any user interaction.
C. It encrypts files and demands ransom for decryption.
D. It primarily targets network infrastructure rather than individual devices.
A. It requires user action to replicate and spread to other systems.
Name 4 practices that make a password strong.
Any of the following 4:
- Mix of letters, numbers and symbols.
- Avoid common words or personal information.
- At least 12 letters or longer. (Recommended by microsoft)
- Different from your previous passwords or passwords on other accounts.
- Not a word that can be found in a dictionary or the name of a person, character, product or organisation.
Or any other valid options.
What is phishing?
Phishing is a cyber attack where an attacker pretends to be a trusted entity to trick individuals into revealing sensitive information.
What is a cookie?
A cookie is a small piece of data stored on a user’s computer by a web browser that helps remember user preferences or track behavior.
Explain what a "zero-day exploit" is.
As can be derived from the name, a zero-day exploit takes advantage of a software vulnerability that is unknown to the developers, leaving no time for a fix.
What is "password encryption," and why do you think it is used?
Password encryption converts a password into a random string of characters. This means any data breached by a hacker will be non-sensical, so user/organisation data is protected.
What is a "Distributed Denial of Service (DDOS)" attack?
A DDoS attack seeks to deny a user access to an IP by overwhelming a server or network by flooding it with traffic, causing it to slow down or crash.
What are the 2 ways in which VPN's protect both the users and their data?
1. Masking their IP Address
2. Encrypting all data that is transmitted between the users.