identifying and preventing threats to computer systems and networks

Malware (malicious software) is any software that has been created with malicious intent to cause harm to a computer system.

A virus is a program which can replicate itself on a user's computer and contains code that will cause unwanted and unexpected events to occur, such as corrupting files, deleting data, or preventing applications from running correctly.

True. Worms are similar to viruses, with the main difference being that they will spread to other drives and computers on the network.

A Trojan, sometimes also called a Trojan Horse, is a type of malware that disguises itself as legitimate software but contains malicious code in the background.

Spyware is software that allows a person to spy on the users' activities on their devices, such as recording the screen, logging keystrokes, and gaining access to passwords.

Ransomware is a form of malware that locks your computer or device and encrypts your documents and other important files, often demanding money to receive the password that will allow the user to decrypt the files.

Social engineering is exploiting weaknesses in a computer system by targeting the people that use or have access to them.

Phishing is a form of social engineering where fraudulent emails are sent to a large number of email addresses, claiming to be from a reputable company or trusted source, to try and gain access to the recipient's details, often by coaxing them to click on a login button.

True. Human errors, such as not locking doors to computer/server rooms or sharing passwords, can lead to significant security issues.

A brute-force attack is a method where an attacker repeatedly tries multiple combinations of a user's password to try and gain unauthorised access to their accounts or devices.

A denial of service attack (DOS attack) occurs when an attacker repeatedly sends requests to a server to flood the server with traffic, causing it to overload and become unusable.

True. A distributed denial of service (DDOS) attack involves traffic coming from multiple distributed devices in a coordinated attack on a single server/network.

Data interception and theft is when thieves or hackers can compromise usernames, passwords, and other sensitive data by using devices such as a packet sniffer to collect the data being transferred on a network.

SQL (Structured Query Language) is a language used to create, access, and manipulate a database.

SQL injection is entering an SQL command into a web text field to manipulate the SQL query, with the goal of inserting, modifying, or deleting data from the database.

Penetration testing is a method of identifying vulnerabilities whereby a company employs people to try and hack their network and databases, allowing them to fix any issues found.

Penetration testing would help to prevent SQL injection attacks.

Anti-malware software is a combination of different software, such as anti-virus, anti-spam, and anti-spyware, to prevent computers from being susceptible to viruses and other malicious software.

True. Anti-malware software scans email attachments, websites, and downloaded files to search for issues and block malware based on known signatures.

A firewall is a barrier between a network and the internet that filters requests and prevents unwanted traffic from entering the network.

A firewall would help prevent hackers, malware, unauthorised access to a network, and DOS/DDOS attacks.

User access levels ensure users of a network have designated roles and access restrictions, such as unrestricted access for administrators, partial access for teaching staff, and restricted access for students.

A password is a digital lock that prevents unauthorised access to an account, often stored as encrypted text in a database.

User access levels and passwords would help prevent data interception and theft, as well as SQL injection attacks.

Encryption is a method of converting plain text into ciphered text using complex mathematical algorithms to scramble the data.

False. Encryption does not prevent attacks from occurring, but it stops the attacker from gaining access to the information.

Physical security refers to measures that physically prevent access to parts of a network, such as locked doors, biometrics, and surveillance cameras.

Physical security would help prevent data interception and theft, as well as social engineering attacks.

Anti-virus software is a type of anti-malware software specifically designed to detect and remove computer viruses.