Digital security basics. Types of password attacks.
Give the definition of digital security.
Digital security refers to the protection of digital information and systems from unauthorized access, disruption, theft or damage.
Give the definition of authentication protocol.
Аuthentication protocol is passwords, user IDs and biometric measures used to verify a person's identity.
Name the types of malware. (3 or more)
Worms,Trojans,Ransomware,Spyware,Adware, Keyloggers, Rootkits
What are the possible ways of infection with a computer virus?
Email attachments, infected files, infected removable storage devices, malicious websites
Name the basics of digital security.
Physical security, information security, Security in information technology (IT), application security, countermeasures.
How to create a strong password?
To create a strong password, you should:
indicate your phone number;
use a variety of symbols (alphabet letters, numbers,etc);
provide your personal contact info;
use two-factor authentication;
What is malicious software and why is it created?
Malware, or malicious software, is a type of software specifically designed to cause harm, damage, or unauthorized access to computer systems, networks, or user data. Malware is typically created with malicious intent, such as stealing personal information, compromising system security, disrupting normal operations, or extorting money from victims.
How to ensure the confidentiality of your personal information on the Internet? (3 or more)
Create strong passwords for your online accounts and avoid using the same password across multiple platforms.
Use a VPN to encrypt your internet connection.
Keep your operating system, applications, and devices up to date with the latest security patches
Be mindful of the information you share online. Avoid sharing sensitive personal details, such as your full address or financial information, unless necessary.
What is backup, and what is it for?
A backup is a copy or duplicate of important data, files, or information stored on a computer or other digital devices. It serves as a safeguard against data loss, accidental deletion, hardware failures, malware attacks, or other unforeseen events that can compromise or destroy the original data.
Name and describe the types of biometric authentication (3 or more)
Fingerprint Recognition: This method analyzes the patterns and ridges on an individual's fingerprint to verify their identity.
Facial Recognition: Facial recognition technology identifies individuals by analyzing and comparing their facial features.
Voice Recognition: Voice recognition systems analyze various vocal characteristics, such as pitch, tone, and speech patterns, to authenticate a person's identity.
Retina Recognition: Retina recognition technology examines the blood vessel patterns at the back of the eye to establish an individual's identity.
What is a Ransomware and how does it work?
Ransomware is a type of malicious software (malware) that encrypts or locks files on a victim's computer or network, rendering them inaccessible. The attackers behind the ransomware then demand a ransom payment, typically in cryptocurrency, in exchange for providing the decryption key or releasing the locked files. Ransomware often spreads through phishing emails, malicious downloads, or exploiting vulnerabilities in software or systems.
How to prevent computer theft? (3 or more)
Never leave your portable computer unattended, especially when you at a coffee shop, the library or the airport. Use tracking and recovery software, such as CyberAngel and LoJach for Laptops.If your computer got stolen, get IT department to wipe it remotely.If you have to leave your portable computer in your car, never leave it in plain view. Lock it up in the boot or cover it up.
Describe these types of attacks: Brute force attack, Keylogger attack, Sniffing Dictionary attack.
Brute force attack is a method of breaking encryption code by trying all possible encryption keys.
Keylogger is software that secretly records a user's keystrokes and sends the information to a hacker.
Sniffing is a process of monitoring and capturing all data packets passing through a given network. Attackers use sniffers to capture data packets containing sensitive information such as passwords, account information, etc.
A dictionary attack helps hackers guess your password by stepping through a dictionary containing thousands of the most commonly used passwords.
What is a password manager and how does it work?
Password manager is software that keeps track of sites at which a user has registered and the password that corresponds to each site. When you initially register for an account with a Web site or app, the password manager may display the user ID you typically use; usually it is your email address. You are then asked if you would like to enter a password or use an auto-generated password.
What is the difference between a Trojan and a worm?
Trojan is not designed to spread itself to other computers and it doesn't replicate itself. Trojans are stand-alone programs that masquerade as useful utilities or applications, which victims download and install unaware of their destructive nature.
Worm is a self-replicating type of malware that has the ability to spread and replicate itself without requiring user intervention. It takes advantage of security vulnerabilities in computer systems or networks to propagate.
What is a common preventive measure to avoid malware infections when downloading files from the internet?
A common preventive measure to avoid malware infections when downloading files from the internet is to use reputable sources or official websites, and to always scan the downloaded files with up-to-date antivirus software before opening or executing them. This helps detect and remove any potential malware or viruses that may be embedded within the files, ensuring the safety of your computer and data.
Describe the actions to HARM your computer. (3 or more)
Spill liquids on your computer;expose your computer to extreme temperatures; disassemble your computer without proper knowledge; wash the internal components of your computer with water and soap; hit the computer if it doesn't work.
What is two-factor authentication and how does it work?
Two-factor authentication (2FA) is a security method that requires users to provide two different forms of identification to verify their identity. It adds an extra layer of protection by combining something the user knows (like a password) with something they have (like a mobile device or security key). This two-step verification process makes it harder for unauthorized individuals to access an account, even if they have the user's password.
What is a botnet? How are they created?
A botnet is a network of compromised computers or devices that are under the control of a malicious actor or a group of attackers. Botnets can be used for various malicious activities, such as launching distributed denial-of-service (DDoS) attacks, spreading spam emails, distributing malware, etc. Botnets are created by compromising multiple computers or devices. Attackers exploit vulnerabilities in software, operating systems, or networks to gain unauthorized access. Once access is gained, the attacker installs specialized malware on the compromised devices. This malware establishes a connection between the infected devices and a command-and-control (C&C) server operated by the attacker.
How the Internet of Things affects cybercrime?
The Internet of Things (IoT) has a significant impact on cybercrime. With the increase in interconnected devices, the attack surface expands, providing more opportunities for cybercriminals. Insecure IoT devices can be compromised and used to launch attacks, such as botnets or distributed denial of service (DDoS) attacks. Furthermore, IoT devices often have weak security measures, making them easier targets for hackers. It is crucial for individuals and organizations to prioritize IoT security by implementing strong passwords, keeping devices updated with the latest firmware, and regularly monitoring and patching vulnerabilities to mitigate the risks associated with IoT-related cybercrime.
Suggest and describe your POSSIBLE way of hacking the local network of the BSUIR in order to cause the greatest harm to the system.
Thanks for your answer)