Show Menu

Cyber Security - AQA Computer Science Cheat Sheet by [deleted]

What is 'cyber security'?

Methods and techno­logies designed to protect networks, computers and data from attack, damage and unauth­orised access.


Weak­/de­fault passwo­rds
These are easily guessed or found through brute force decryp­tion.
Misc­onf­igured access rights
This means that system­s/files that should be secure can be accessed by other users.
Remo­vable media (e.g. USBs)
This can bypass security measures (like firewa­lls), so malware can be installed more easily.
Outdated software
Software that has not been patched is vulnerable to attackers.
In addition to this, mali­cious code and social engine­ering techniques also pose threats.

Cyber Security Threats


Methods of Protection

Identity authen­tic­ation: biometric, passwords, two-step authen­tic­ation
CAPTCHA (human or robot test)
Anti-Virus software (keep up-to-­date)
Updating software and installing patches

Social Engine­ering

Social engine­ering
The process of manipu­lating people into undert­aking certain actions or disclosing confid­ential inform­ation.
Blag­ging or Pret­ext­ing
Creating a fictional scenario in order to obtain a user’s personal inform­ation, then using this inform­ation for malicious purposes.
Contacting users (usually through fraudulent emails that mimic a legitimate organi­sat­ions) to cause users to disclose personal inform­ation (e.g. usernames, passwords)
Setting up and guiding users to a bogus website that is visually identical to a legitimate one, allowing the attacker to gain login details.
Shou­lde­ring or Shoulder surfing
Spying’ on people, usually while they’re logging in to accounts or using an ATM, to find sensitive inform­ation (e.g. passwords, PINs).

Phishing and Pharming


Penetr­ation Testing

What is pene­tration testing?
Attempting to gain access to resources without knowledge of login details and other normal means of access, in order to test defences.
What is the difference between blac­k-box and whit­e-box penetr­ation testing?
Whit­e-box penetr­ation is where the tester already has some knowledge of the target system. This simulates an attack by a malicious insider. Blac­k-box is where they have no prior knowledge. This simulates external hacking or cyber warfare.


Dangerous or intrusive software.
Malicious program that duplicates itself once inside a computer or network.
A malicious program disguised as a legitimate one to trick users into installing it.
Software enabling attackers to obtain inform­ation about another's computer activities by transm­itting data from their hard drive.
Ad ware
Software that automa­tically displays advert­isments when a user is online, generating revenue for the attacker.

Help Us Go Positive!

We offset our carbon usage with Ecologi. Click the link below to help us!

We offset our carbon footprint via Ecologi


No comments yet. Add yours below!

Add a Comment

Your Comment

Please enter your name.

    Please enter your email address

      Please enter your Comment.

          Related Cheat Sheets

          Bio Topic 1: Cell Biology Cheat Sheet
          Cloud Computing Cheat Sheet

          More Cheat Sheets by [deleted]