Methods to Detect and Prevent Cyber Security Threats

Understand and be able to explain the following security measures:

  • biometric measures
  • password systems
  • CAPTCHA
  • email to confirm identity
  • automatic software updates

Biometric Measures

  • Makes use of a person's physical features:
    • fingerprint
    • facial recognition
    • voice recognition
    • retinal scans
  • To allow access to a system.
  • Biometric methods cannot be forgotten or stolen, making them more secure than passwords.

Password Systems

  • Currently the most common method for preventing unauthorised access to a network or computer.
  • Essential that passwords are strong and not written down.
  • Some sites/applications only ask for some of the characters from a password (e.g. 2nd, 5th and last), this makes it difficult for key-loggers to obtain the full password.

Password Systems

  • Two-step authentication is becoming more common.
  • This means the user has to enter a unique code sent via SMS, email or an authentication application after the user has entered their username and password.
  • This code is usually only valid for a short period of time making it harder for a hacker to gain access to a system.

CAPTCHA

  • A form of challenge response test used to determine whether a user is human.
  • It involves asking a user to perform a task that a software (ro)bot could not.
  • The most common form is the text CAPTCHA, where the user is show an set of distorted characters that they then have to type in.

CAPTCHA

  • Picture recognition CAPTCHAs show a series of images that the user has to select all of a certain type (e.g. cars).
  • Some CAPTCHAs only need the user to click on a check box to confirm they are human.
  • CAPTCHAs are good at preventing fake registrations on websites and other spam.
  • However, users find them irritating and can be put off accessing a site as a result.

Email Confirmations

  • Used after a user creates an online account.
  • The site might send an email for the user to click on a link, to confirm the email address is linked to the person that created the account.
  • The online account will only be confirmed once the verification link is clicked.
  • It allows the site to confirm the new account is real and not automated.
  • It also alerts users if someone is trying to illegitimately use their email address.

Automatic Software Updates

  • Keeping software up to date, helps to keep systems secure.
  • Most programs now allow automatic updates and operating systems will update and install patches as soon as they are available.
  • This means the time an exploitable weakness is on a system is kept to a minimum.
  • It also reduces the chances of the user forgetting to perform updates.

Questions

  1. Identify and describe two methods that can be used to ensure that users are real when signing up to a website.

Answers

CAPTCHAs - users are required to select a sub-set of images or enter text that has been distorted.

Email confirmation - users are sent an email with a link they need to click to confirm their email address is valid.

  1. Identify and describe two methods that can be used to ensure that users are real when signing up to a website.

6d Detect and Prevent Cyber Security Threats

By David James

6d Detect and Prevent Cyber Security Threats

Computer Science - Cyber Security - Detect and Prevent Cyber Security Threats

  • 550