Level 4 Level 6
Level 5

1.6 and 1.7 Software and security

66 words_count 0 ignored

Ready to learn       Ready to review

Ignore words

Check the boxes below to ignore/unignore words, then click save at the bottom. Ignored words will never appear in any learning session.

All None

An email is sent to to a large number of people on a randomly generated address list pretending to come from a genuine organisation
Asks user to click on a link to acquire personal details such as bank account details or passwords from users, or to install spyware
How to spot a phishing email
The email will not be addressed to you personally
How to spot a phishing email
It may contain misspellings.
How to spot a phishing email
It will ask you to click on a link to receive a reward or stop something bad happening.
How to spot a phishing email
Email address may look suspicious i.e. not from company.
Operating system
Memory management � managing the running of programs
Operating system
Peripheral management� managing input and output devices' communication with the CPU
Operating system
Providing a user interface to allow communication with system
Operating system
Security � protecting the computer from hazards such as unauthorised access
Operating system
Disk and file management � manages where on the disk files are written keeps track of where they are so they can be retrieved. makes sure no file overwrites another file
The user has multiple tasks open at the same time.For example, working on an essay, listening to music and chatting on a messaging system.
The operating system has to manage how all the tasks get processor time.
The tasks all share one processor but appear to the user to be operating at the same time.
Utility program
Systems software that provides additional functionality to the operating system that helps make the operating system/computer easier to use
Anti�virus software
utility program that prevents harmful programs being installed and important files being changed If a virus does install itself, the antivirus software detects and removes it.
Disk Defragmenter
Optimises the use of the hard disk space by collecting together the separate parts of each file in one location on the disk as well as grouping together the free space.
Disk Defragmenter
Done so newly saved files do not have to be fragmented/split up. Files will be read more quickly if they are not split up and held on different parts of the disk.
software that checks data coming from the Internet or a network
Protects against Hackers accessing files on the computer/deleting files etc.
Prevents unauthorised access to your computer by people accessing it from the internet.
Configured to block traffic from specific addresses or applications but allow useful ones access.
signals sent to the CPU by external devices to indicate an event that needs immediate attention.
They tell the CPU to suspend its current activities and execute appropriate instructions
Hardware interrupts
generated by hardware devicesfor example, printer out of paper
Software interrupts
generated by programs e.g. a divide�by�zero error will cause a calculation to be abandoned and an error message displayed
Device drivers
Program that controls a peripheral device such as a printer, VDU, CD�ROM drive etc.
Device drivers
Allows communication between operating system and a device
Print buffer
Special area of memory in either the computer or the printer that stores the queue of print jobs and the required data
Access rights
Different people in organisations only have permission to do certain things on a computer system.
Physical security
Locks on doors, CCTV cameras, Finger print scanners etc
Acceptable Use Policy
Set of rules applied by the administrator of a system that restrict the ways in which the system may be used
Penetration testing
The practice of deliberately trying to find security holes in your own systems.
Penetration testing
The goal of this testing is to:identify the targets of potential attacks.identify possible entry points. attempt to break in.report back the findings
Black box testing
Testers are given no more information than any potential hacker may have
White box testing
Testers are given as much information as an �insider� may have, in order to determine how much damage a rogue employee could do to a system
Grey�hat hackers
Fall somewhere in between black and white hats.Frequently seek out system vulnerabilities without authorisation from the system owners
Audit trails
A log of information regarding how users have been interacting with the system.
Audit trails
Who attempted access? � Usernames and IP addresses.What did they do? � Download, view, delete or modify data.Where did they look? � Which computers were accessed?When did they do it? � Creates a timeline of events.Why did they do it? � Motives may begin to emerge
Network forensics
network administrators can use audit trail data to solve data mysteries.This can identify data leaks and prevent security attacks . An intrusion detection system can and alert administrators in real�time
Secure passwords
Use a minimum of eight characters.Use a mixture of numbers, lowercase and uppercase characters.Include symbols such as &, !, #, %.Do not include your name, DOB or personal details
Proxy server
Acts as an intermediary between a web browser and the Internet. It helps to improve web performance by storing a copy of frequently used web pages
User access levels
Different people in an organisation have access to permissions to view or change only certain parts of a system
encoding of data so that it can no longer be easily understood
Social engineering
art of manipulating or �conning� individuals into giving away private information or login IDs and passwords
Shoulder surfing
direct observation of a user entering their security details
Brute force attacks
a hacker may go through a list of different passwords until access to an account is gained. Alternatively, the attacker may try every combination of characters until the correct password is found
Denial of Service attack
Attempts to flood a website server with an overwhelming number of data requests so it causes it to crash.
Graphical User Interface
Uses windows, icons, menus and pointers to allow interaction between the computer and the user.Needs to more RAM to run. Easier to use.
Menu�driven interface
Just utilises menus to allow users to naviagte a system
Command Line Interface
User responds to a text prompt by typing in a command on a specified line, receives a response back from the system.
sensors detect inputs, actuators output actions e.g. Automatic doors etc
Voice activated/Natural language interface
Using speech to interact with a computer
Full back up
The entire contents of a hard drive or SSD are backed up / All the organisation�s data and software are backed up so that in the event of a disk crash, theft or natural disaster, it can be copied onto a new storage device
Incremental backup
Changes made since the last backup are copied onto a backup device
Command line interface disadvantage
Need to be an expert to use it.
Command line interface advantage
Quicker if you know commands.
Command line interface advantage
No graphics means less RAM needed.
It is a standalone program that does not need to attach itself to an existing program in order to spread.
SQL injection
takes advantage of web input forms to access or destroy data.
SQL injection
SQL commands can be input into web forms instead of the expected �real� data.
It may scan the Internet looking for vulnerable computers to infectour
SQL injection
This can be interpreted by vulnerable web applications as an additional instruction to operate in the hacker�s favour
One type of malware which is installed without your knowledge, with the purpose of doing harm.
A program which infects (embeds itself in) other programs or data files.
It is easily spread if a user innocently sends an infected file to someone else