Physical and Software Security Controls
Auditing and Penetration Testing
Software security and data vulnerabilities
Web Application Risks
Legislation
100

To confirm that a user can access a specific resource


What is User Authentication?

100

A security flaw or weakness found in software code that could be exploited

Software Vulnerability

100

Malicious software designed to infiltrate and damage computer systems without authorisation

Malware

100

Computer program used to prevent, detect, and remove malware

Antivirus Software

100

Laws created in the Australian Parliament House that apply to the whole country

Federal Laws

200

Turn the plaintext into ciphertext

Encrypt


200

Take advantage of a vulnerability

Exploit

200

Pretending to be a reputable entity or person in order to induce the disclosure of sensitive information


Phishing

200

Allows malicious script to be inserted into a regular web page form to gain access or information.

Cross-site scripting (XSS)

200

The preparing and enacting of laws

Legislation


300

An encoded message

Ciphertext

300

Strategies to identify and minimize potential risks

Software auditing and Penetration testing

300

Eavesdropping attack where communication and data are exposed to an unauthorised third party

Man-in-the-Middle Attack

300

Record keystrokes from a computer and send passwords or sensitive information to unauthorised attackers.

Keyloggers


300

Original work is the property of the person who created it

Copyright Act 1968

400

The same key is used by the receiver and sender for secure communication over the internet.

Symmetric Encryption

400

Simulated cyber attack to check for vulnerabilities within a computer system

Penetration Testing

400

Personal information is accessed, disclosed without authorisation, or is lost.

Data Breaches

400

Redirects users to false websites that imitate the legitimate URL

Pharming

400

At a federal level, law is concerned with how information about people can be used.

Privacy Act 1988

500

Git/GitHub to manage changes to source code over time

Version Control System

500

To uncover any issues or problems in software

Software Auditing


500

Tricking the victim into clicking 'accept' with admin permissions or into giving the attacker physical access to a device

Social Engineering


500
Standard set of instructions that can manipulate a database server

SQL injection


500

Privacy and Data Protection Act 2014 applies to these entities

Centrelink, VicRoads, WorkSafe