CIE IGCSE ICT: Safety and Security

Study online at quizlet.com/_48t6y8

1. Biometrics: automated methods of recognizing a person based on a physiological (body) or behavioral characteristic
2. Biometrics include:: - Fingerprint scans
- Signature recognition
- Retina scans
- Iris recognition
- Face recognition
- Voice recognition
3. Computer Virus: program code or software that can replicate itself with the intention of deleting or corrupting files on a computer; they
often cause the computer to malfunction
4. difference between moderated and unmoderated forums and the relative security of these: Moderated Forum
- Online forum where posts are checked by an administrator before they are allowed to be posted
- Can easily prevent spam, and filter posts that are inappropriate, rude, or offensive, even those that wander off topic
- Less chance of being exposed to spam
Personal Data is more secure as 'moderators' won't allow phishing attempts to be posted

Unmoderated Forum
- The internet is an example of this, as no one owns the internet
- Need a separate cooperation (usually voluntary) to act as safeguards between users and network operators
- However, most social forums or groups have a set of rules that members must follow in order to stay in the forum.
- Personal Data is more at risk because there are no measures taken to prevent phishing/spam
5. Digital Certificates: are an electronic passport that lets a person, computer or organisation exchange information securely using the
internet.
6. Encryption: It makes the data meaningless unless the recipient has the decryption key. It is used to protect data in case of hacking or
illegal access.
7. Face recognition: Identification done by identifying specific individual's faces from a digital image by analysing and comparing patterns
8. Face recognition (Advantages and disadvantages): Advantages
- Non-intrusive
- Relatively inexpensive
Disadvantages
- Affected by changes in lighting, hair, age and whether or not glasses are worn
9. Facial recognition
- Comparative accuracy
- Comparative cost
- Devices Needed
- What can interfere w/ procedure: Comparative accuracy:Medium- low
Comparative cost: Medium
Devices Needed: Digital camera
What can interfere w/ procedure: Facial hair/ glasses
10. Features of retina or iris scan: - Retina scans use infrared light to scan unique pattern of blood vessels in the retina.
- Requires a person to sit still for 10 to 15 secs while scanning.
- It it very secure as nobody has found a way to duplicate blood vessels patterns.
11. Firewall: A software/hardware that sits between the user's computer and an external network (internet) and filters information coming in
and out of the user's computer.
12. Hacking: The act of gaining unauthorised access to a computer system
13. Hacking can lead to:: - identity theft or misuse of personal information
- deletion, change or corruption of data from a user's computer
- using your computer or your email contacts to send spam
14. How are passwords and IDs used to increase the security of data?: - Anyone without the correct user ID or password is denied
access
- because the user ID and password must match up to allow a user to gain access to data
15. How do you prevent pharming?: - Check the URL of any site that asks you to provide personal information. Make sure your session
begins at the known authentic address of the site, with no additional characters appended to it.
- Maintain effective, up-to-date virus protection.
- Use a trusted, legitimate Internet Service Provider. Rigorous security at the ISP level is your first line of defence against pharming.
- Check the certificate. On many Web browsers, go to "File" in the main menu, select "Properties", or right click your mouse anywhere
on the browser screen and, from the menu that pops up, click on "Properties". Next click on "Certificates" and check if the site carries a
secure certificate from its legitimate owner.
16. how it is possible to be the subject of fraud when using a credit card online?: Causes:
+ Hackers gaining access to user's computer through spyware, phishing or pharming
The user may be tricked to give personal and financial information, allowing the hacker complete access to the user's account and
lead to unauthorised purchases or withdrawal of money from an account if undetected for a few days.
+ Breaking of passwords
- If passwords are weak or no encryption is used then illegal access to bank or credit card accounts
- Fake URLS
- Sometimes the web address is altered very slightly and the user ends up visiting a fake website. It is possible that in these sites, the
user is asked to give personal info.
+ Wireless technology
Internet access must be password controlled since hackers can tap in quickly without it.
+ User log-ins in public places (eg. Wi-Fi hotspots in airports)
Risk of someone monitoring internet usage in the area and trying to tap into the data which is going into and from any computer using
the wireless link
17. how it is possible to recognise when someone is attempting to obtain personal data, report the attempt and avoid the disclosure
of information: Phishing
- They will ask for your bank details and passwords over email (Banks NEVER do this)
Promise you an enormous reward
Pharming
- Check the URL as there will be some difference to the legitimate website
Legitimate website tend to be protected by SSL (so look for the https)
Smishing
- SImilar to Phishing but via SMS, they will ask for your account details
18. How to Prevent computer viruses: - Install anti-virus software and update it regularly
- Don't use software from unknown sources
- Be careful when opening emails or attachments from unknown senders
19. How to prevent phishing?: - Be cautious when opening emails or attachments
- Many ISPs or web browsers filter out phishing emails
- Don't click on executable attachments (.exe, .bat, .com)
- Don't give out personal details
20. How to prevent spam mail?: - Use the junk email filter
- Block images (web beacons) in HTML messages, linked to an external web server that is placed in a HTML-formatted message and
can be used to verify that your email is valid when downloaded
- Look out for check boxes when buying items online (e.g. agreeing to sell or give email address to third party users)
- Do not sign commercial mailing lists
- Do not reply to an email or unsubscribe from a mailing list that you did not sign up for in the first place
21. How to recognise spam mail: - You don't know the person who sent the email
- You are being asked to buy something/ send money
- You are being asked to send passwords, bank details, or other personal data
- Email is full of grammar or spelling errors
- You are asked to carry out the task immediately (as spam emails have to be changed frequently so they don't get caught)
- Email contains a link you have to click on (re-direct you to pharming website)
- Addressed by 'Dear Customer' or 'Valued
- Member' instead of your actual name (spammers don't know your name)
22. Measures to protect data from hacking:: - Use firewalls
- Use authentication techniques such as usernames, passwords & biometrics
- Use encryption: makes the data unreadable to the hacker but it can still be deleted, altered or corrupted
23. Password: A sequence of letters and/or numbers used as additional security when logging onto a network or single computer
24. Pharming: an attempt to steal personal or confidential information by redirecting users to a fake website without them knowing
25. Phishing: the activity of defrauding an online account holder of financial information by posing as a legitimate company
26. The potential for the malicious use of technology to collect personal data: + Phishing- sending an email to gain bank account and
credit details for fraud or identity theft
- Smishing and Vishing are similar to Phishing but using mainly SMS and Voicemail respectively
+ Pharming- using fake websites to gain credit card & banking details leading to fraud or identity theft
27. Precautions for fraud when using a credit card online?: - Use varied and complex passwords for all your accounts
- Check accuracy of bank accounts continually and resolve any discrepancies immediately
- Only provide personal info on sites which have 'https' in the web address or have the padlock icon in the browser
- Don't provide personal info to any unsolicited requests for info
- Don't open emails or attachments from unknown senders
- Delete any messages from your spam folder regularly
- Report any suspicious phishing activity to the company that is used by the perpetrator
- Only download files and software from trusted websites
28. Security Sockets Layer (SSL): A type of protocol that allows data to be sent and received securely over the internet.
-When a user logs on to a website, SSL encrypts the data - only the user's computer and the web server are able to read/ process the
data being transmitted. SSL is shown by the 's' in 'https' or a small padlock in the status bar
29. Signature recognition: Identification done by scanning a signature and comparing it to data stored in a library of known signatures
30. Signature recognition (Advantages and disadvantages): Advantages
- Non-intrusive
- Requires little time to verify (5 seconds)
- Relatively low cost

Disadvantages
- If individuals don't sign the name in a consistent manner, there may be problems with verification
- High error rate
31. Signature Recognition
- Comparative accuracy
- Comparative cost
- Devices Needed
- What can interfere w/ procedure: Comparative accuracy: Low accuracy
Comparative cost: Medium
Devices Needed: An optical pen
What can interfere w/ procedure: Signatures change over time
32. Smishing: a combination of 'SMS' and 'Phishing' uses mobile phone messages to trick readers into providing usernames, passwords and
banking details
33. Spam: Unwanted emails that are automatically sent out to a random mailing group. These emails are obtained from chat rooms,
websites, newsgroup, and even certain viruses that harvest contacts.
34. User ID: A sequence of characters that identifies a user when logging onto any network or computer
35. Voice recognition: Identification done by recognising the voice of a particular person
36. Voice recognition (Advantages and disadvantages): Advantages
- Non-intrusive
- Requires little time to verify (less than 5 seconds)
- Relatively inexpensive

Disadvantages
- A person's voice can be recorded easily and used without authorisation
- Low accuracy
- An illness (e.g. common cold) can change a person's voice ∴ identification becomes difficult/ impossible
37. Voice recognition
- Comparative accuracy
- Comparative cost
- Devices Needed
- What can interfere w/ procedure: Comparative accuracy: Medium
Comparative cost: Medium
Devices Needed: Microphone
What can interfere w/ procedure: Background noise/ change in voice (e.g. cold)
38. What are the Effects of computer viruses: - can cause the computer to 'crash', stop functioning normally or become unresponsive
- can delete files or data on a computer
- can corrupt operating systems files, making the computer run slowly or even 'crash'
39. What are the features of a web page that identify it as using a secure server?: - Has 's' in its url: 'https'
- Has a padlock next to the url
40. What measures needed to be done in order to protect against hacking?: - Use firewalls
- Use strong passwords and User IDs
- Use intrusion and detection software
41. Why are firewalls used?: + Examine the 'traffic' between user's computer (internal network) and a public network
+ Checks whether incoming or outgoing data meets a given set of criteria
- If data fails to meet criteria, firewall blocks the 'traffic' and warns the user of security issues
- Criteria can be set to prevent access to undesirable sites
+ Used to log all incoming and outgoing traffic to allow later interrogation by the use
+ Possible for firewalls to prevent viruses/hackers from entering user's computer network
- Blocking the IP addresses of hackers, but hackers can still gain access if given an allowed computer
+ Used to warn user if any software is trying to access an external data source