1. List two examples of system and program threats that may cause damage to a system
-System threat
-Program threat
2. Write two ways you can secure your system from system or program threats
3. As you know. human security attacks are made via social engineering List any three ways you can spot social engineering attacks
1. Examples of system threats that may cause damage to a system:
- Distributed denial-of-service (DDoS) attacks: These attacks overwhelm a system or network with a flood of incoming traffic, making it unavailable to users.
- Malware or viruses: These malicious software programs can infect a system, disrupt operations, steal sensitive data, or cause damage to files.
Examples of program threats that may cause damage to a system:
- Buffer overflow vulnerabilities: These occur when a program receives more data than its allocated memory space, potentially allowing an attacker to execute arbitrary code or crash the program.
- SQL injection attacks: These involve inserting malicious SQL statements into a program's input fields, leading to unauthorized access, data breaches, or data manipulation.
2. Two ways to secure your system from system or program threats:
- Keep software and operating systems up to date: Regularly applying security patches and updates helps protect against known vulnerabilities that can be exploited by threats.
- Use strong and unique passwords: Implementing complex passwords and using different ones for each account reduces the risk of unauthorized access or account compromise.
3. Three ways to spot social engineering attacks:
- Be cautious of unsolicited requests for information: If someone you do not know or were not expecting asks for sensitive information, such as passwords or financial details, it could be a red flag.
- Verify the source and legitimacy of communications: Double-check the sender's email address, phone number, or website URL to ensure they are genuine. Phishing emails or fake websites often mimic trusted sources.
- Exercise skepticism with urgent or high-pressure tactics: Social engineers often use urgent or pressing situations to manipulate individuals into bypassing security measures. If someone is trying to rush or pressure you into providing information or taking immediate action, exercise caution.
1. Examples of system threats that may cause damage to a system:
- Denial of Service (DoS) attacks: These are attacks where an attacker overwhelms a system with excessive traffic or requests, causing it to become inaccessible to legitimate users.
- Unauthorized access: This refers to an attacker gaining unauthorized access to a system, either through exploiting vulnerabilities or by obtaining valid credentials through phishing or other means.
Examples of program threats that may cause damage to a system:
- Malware: This includes viruses, worms, trojans, ransomware, and other malicious software that can harm or disrupt a system's operations or steal sensitive information.
- Software vulnerabilities: Programs and applications may have vulnerabilities or weaknesses that can be exploited by attackers to gain control over a system or execute malicious actions.
2. Ways to secure your system from system or program threats:
- Use robust security software: Install and regularly update comprehensive antivirus and antimalware software to detect and prevent potential threats.
- Regularly update software and patches: Keep all programs, applications, and operating systems up to date with the latest security patches and updates, as these often address known vulnerabilities.
- Implement strong access control measures: Use strong and unique passwords, enable two-factor authentication, and limit user privileges to minimize the risk of unauthorized access.
- Regularly back up data: Create regular backups of important data to ensure it can be restored in case of a system compromise or data loss event.
3. Ways to spot social engineering attacks:
- Suspicious requests for personal or sensitive information: Exercise caution when receiving unsolicited requests for personal information, passwords, or financial details, especially if they come via email, phone calls, or online messages.
- Urgency or pressure to act quickly: Be wary of requests that create a sense of urgency or instill fear, as social engineering attacks often rely on exploiting people's emotions to increase their chances of success.
- Unusual or unexpected communication: Pay attention to unusual or unexpected communication methods, such as receiving a phone call or email from someone claiming to be from a company or institution you haven't interacted with before.
- Poor grammar or spelling errors in messages: Many social engineering attacks originate from non-native English speakers, resulting in common grammar or spelling mistakes in their messages.
- Phishing or deceptive website indicators: Look for signs of phishing, such as suspicious URLs, misspelled domains, or websites that don't have secure connections (indicated by HTTPS and a padlock icon).
- Trust your instincts: If something feels off or too good to be true, trust your intuition and verify the legitimacy of the request or communication before taking any action.
1. System threats refer to risks that can affect the overall operation of a computer system, while program threats are risks specifically related to software applications.
Examples of system threats include:
a) Malware infections: Malicious software like viruses, worms, or ransomware can infiltrate a system, causing damage, stealing data, or disrupting normal operations.
b) Denial of Service (DoS) attacks: These attacks overwhelm a system with excessive traffic, rendering it unable to function properly and denying access to legitimate users.
Examples of program threats include:
a) Buffer overflow: When a program receives more data than it can handle, it may overwrite adjacent memory areas, leading to crashes, system instability, or even unauthorized code execution.
b) Logic bombs: Code snippets embedded in programs that trigger specific malicious actions when certain criteria are met. These could delete files, modify data, or cause other damage.
2. Two ways to secure a system from system or program threats are as follows:
a) Install robust security software: Choose a reliable antivirus program and firewall to protect against malware attacks. Keep these programs up to date to ensure they can defend against the latest threats.
b) Regularly update software: Keep all software applications, including operating systems and programs, patched with the latest security updates. Developers frequently release these updates to address vulnerabilities and improve system security.
3. Spotting social engineering attacks relies on being vigilant and recognizing common tactics used by attackers. Here are three ways to spot social engineering attacks:
a) Suspicious requests for personal information: Be cautious when someone unexpectedly requests sensitive information, such as username, password, Social Security number, or banking details. Legitimate organizations usually don't ask for this information via unsolicited emails or calls.
b) Urgency or pressure tactics: Social engineers often create a sense of urgency to manipulate their targets. They may claim there is an immediate problem or a limited time offer to rush you into taking actions without proper consideration. Be skeptical of such demands.
c) Unexpected or unfamiliar communication: If you receive messages, emails, or calls from unknown sources asking for personal information, financial assistance, or offers that seem too good to be true, exercise caution. Verify the legitimacy of the communication through independent means, such as contacting the organization directly using their official contact information.