Cyber Security Oxford Home Study Centre Page: 1

Cyber Security Tools & Techniques

1. Give short answers for the following questions: (15)

i. What is meant by ‘authentication’? Provide an example.
Authentication refers to the process of ensuring that a person attempting to gain access to a
system is the person they claim to be. The most common example of authentication with
computer systems being the requirement to enter a username and password.
There are also some systems and organizations that take things a step further, using ‘two-factor’
authentication to bolster the security of their systems. Examples of additional security checks
within a two-step authentication process include fingerprint scanners, voice recognition
software and additional personal information that must be entered manually. A physical token
(such as an access card) may also be required to authenticate the user.
The greater the extent to which businesses worldwide operate using centralised servers and
connected technology, the greater the importance of effective authentication. Today, the vast
majority of employers are required to connect to one or more internal and/or external
networks, in order to go about their daily business. In doing so, it is essential that they confirm
they are the person they claim to be, rather than an unauthorized user. It is just as important for
an individual to verify their identity when accessing an in-house intranet as it is a remote worker
logging on from an external location.

Wiki : Authentication is important because it enables organizations to keep their networks secure by
permitting only authenticated users (or processes) to access its protected resources, which may
include computer systems, networks, databases, websites and other network-based applications or
services. Once authenticated, a user or process is usually subjected to an authorization process as
well, to determine whether the authenticated entity should be permitted access to a protected
resource or system.

ii. Briefly describe the concept of encryption and its benefits.

The term ‘encryption’ refers to the process of transforming data into an unintelligible format
during transit. Roughly translated, the data is translated into an unreadable language prior to
being transmitted, only to then be unencrypted when delivered to the intended recipient. It is
something of a lock and key technique - only the authorized recipient has the key to translate
the code back into a readable form. Complex mathematical algorithms are used to encrypt and
decrypt the data, which happens automatically. At the highest level, encrypted data cannot be
unencrypted manually - it could even take an automated algorithm several years to crack the
code. These days, the vast majority of sensitive data (such as payment information) transmitted
online is safeguarded using encryption.

Wiki :

In cryptography, encryption is the process of encoding information. This process

converts the original representation of the information, known as plaintext, into an
alternative form known as ciphertext. Only authorized parties can decipher a
ciphertext back to plaintext and access the original information. Encryption does not
itself prevent interference but denies the intelligible content to a would-be
interceptor. For technical reasons, an encryption scheme usually uses a pseudo-
random encryption key generated by an algorithm. It is possible to decrypt the
message without possessing the key, but, for a well-designed encryption scheme,
considerable computational resources and skills are required. An authorized recipient
can easily decrypt the message with the key provided by the originator to recipients
but not to unauthorized users. Historically, various forms of encryption have been
used to aid in cryptography. Early encryption techniques were often utilized in
military messaging. Since then, new techniques have emerged and become
commonplace in all areas of modern computing. Modern encryption schemes utilize
the concepts of public-key and symmetric-key. Modern encryption techniques
ensure security because modern computers are inefficient at cracking the encryption.

iii. What is a digital signature?

This is a technique for validation of data. Validation is a process of certifying the content of a
document. The digital signatures not only validate the data, but also used for authentication.
The digital signature is created by encrypting the data with the private key of the sender. The
encrypted data is attached along with the original message and sent over the internet to the
destination. The receiver can decrypt the signature with the public key of the sender.
Now, the decrypted message is compared with the original message. If both are same, it
signifies that the data is not tempered and that the authenticity of the sender is verified as
someone with the private key (which is known to the owner only) can encrypt the data which
was then decrypted by their public key. If the data is tampered with during transmission, it is
easily detected by the receiver as the data will not be verified. Moreover, the massage cannot
be re-encrypted after tampering as the private key, which is possessed only by the original
sender, is required for this purpose.

Qiki :
A digital signature is a mathematical scheme for verifying the authenticity of digital
messages or documents. A valid digital signature, where the prerequisites are
satisfied, gives a recipient very strong reason to believe that the message was
created by a known sender (authentication), and that the message was not altered in
transit (integrity).

2. Discuss the difference between antivirus and firewall security measures. Why is it more
effective to combine the two, rather than relying one safeguard alone? (8)

The prevalence of malicious software (spyware, viruses, Trojans etc.) is growing all the time. As
is the threat posed by the most sophisticated forms of these malicious codes. One of the most
effective ways of protecting a computer system against such threats is to use an equally
sophisticated anti-virus suite. As the name suggests, anti-virus software is designed to identify
malicious code upon detection and prevent it from causing damage to the computer system in
general. The idea being that before it has chance to wreak havoc on the computer or the
network, it is detected, removed or ‘quarantined’ safely. The user (or network manager) is
notified that a suspected malicious file has been detected, after which they can decide what to
do with it and determine what action needs to be taken, if any. Antivirus software must be
updated regularly to keep up with the growing sophistication of cyber criminals.
In the simplest terms, a firewall is any hardware or software (or combination thereof) that builds
a virtual ‘wall’ between a computer system or network and the Internet. It is designed to
provide robust protection from anyone and anything that doesn’t have the authorisation to
bypass the firewall.

Businesses use both software firewalls of hardware firewalls to protect their systems, or in some
cases a combination of the two.
 Hardware Firewalls: Common examples of hardware firewalls include protected routers that
prevent unauthorized access to the organization’s computers and network systems.
 Software Firewalls: These are the ‘virtual’ firewalls are installed on computers and servers to
protect from unauthorized access. Operating systems like Microsoft Windows also feature their
own in-built software firewalls.

Wiki :
The major difference between Firewall and Antivirus is that a Firewall acts as a
barrier for the incoming traffic to the system. Conversely, Antivirus protects against
the internal attacks like malicious files etc. Antivirus software provides more web
protection as compared to the firewall

3. Provide five examples of strong passwords and five examples of weak passwords. Explain the
strengths/weaknesses of each and suggest ways to improve the weaker passwords. (7)

Guideline for setting secure Password

As previously touched upon, nothing matters more in most organisational settings than setting a
secure password. In addition, passwords should be changed on a regular basis for added
security. Unfortunately, evidence suggests that a surprising proportion of people continue to
choose passwords that are nowhere near secure enough. Always follow the guidelines below
when choosing or allocating passwords:
Basics
 All passwords should be a minimum of eight characters long, though should ideally consist of
12 characters or more. The longer the better, as long as the user can remember it.
 A variety of different types of characters and symbols should be used. Every password should
contain at least one uppercase and one lowercase character, along with one number and one
symbol.
 Under no circumstances should any standard word be used that appears in any dictionary,
irrespective of the language chosen.
 Using the same password twice should be strictly prohibited in all instances.

Things to avoid
 Do not take a simple word and add a single number to the end of it - e.g. "apple1"
 Never simply write the same basic word twice - e.g. "appleapple"
 Don't take an everyday word and spell it backwards - e.g. "elppa"
 Likewise, don’t use an everyday word and take away the vowels. - e.g. "ppl"
 All standardised and predictable character sequences should be avoided - e.g. "qwerty”
 Never code letters by their position in the alphabet - e.g. 123 = ABC etc.

Tips
 Your password needs to be too complex and specific for anyone else to guess, but you should
be able to remember it so that you don’t have to write it down. Under no circumstances should
you ever keep a written copy of your username or password.
 Ideally, you should also be able to type your password quickly and fluently. This will limit the
chance of somebody guessing your password by watching you type it in.

Bad Passwords
 All passwords that are based on general personal information are considered weak and should
be avoided. Examples of which include names of pets, names of spouses, nicknames, dates of
birth, towns and cities, car registrations, social security numbers and so on.

 Do not set a password based on anything within sight at the time (printer, scanner,
photocopier etc.) as these are far too easy for hackers to guess.

 Avoid the temptation to use the kinds of passwords that are already used by millions -
Password1234, Letmein9876 etc.

 Do not include any information in your password that refers to your e-mail address, your
computer name, your account name, your username or any of your credentials in general.

Choosing a password
 Using quality password generator software can be a great way of creating a near impenetrable
password.
 Think of a song or poem you like, then use the first letter from each word of a sentence to
create a unique password.
 Alternate between uppercase and lowercase in a random way only you will remember - e.g.
“FaRsigHTdrIVEr3728”.
 Connector or more words with one or more symbols - e.g. "seat%tree"

Changing your password

 Once again, the importance of changing your password on a regular basis cannot be
overstated. The same password should never be used for more than a month, though in some
cases should probably be changed at least every two weeks.
 If you have even the slightest suspicion that anyone else may know your password, it is your
responsibility to ensure it is changed immediately. The same applies if you write your password
down at any time and leave it out in the open for even a few seconds.
 Never reuse any password you have used at any time in the past, or a variation thereof.

Protecting your password

 Unless it is appropriately encrypted, you must never store any of your login credentials on a
computer. This includes using the ‘save password’ or ‘keep me logged in’ options, which are to
be avoided at all costs.
 Under no circumstances should you ever tell anyone else your password - or even a colleague
 Do not send your credentials via email, or any other online channel.
 If you absolutely need to write your password down, it needs to be kept confidential and out
of sight at all times. If anyone has the chance to glance at it, your password needs to be
changed.
 Never
enter your password when you may be in view of someone else at the time.

The more complex and difficult to guess a password is, the trickier it becomes to memorise it.
However, there are things you can do to ensure you don’t forget your password, such as:
 Use a secure password manager.
 Repeat each new password to yourself several times when assigning it.
 Choose passwords that mean something important to you, but mean nothing to anyone else.

Bad Examples
Each of the following represents a password a hacker could easily guess:
 "fred8" - Based on the user’s name, also too short.
 "christine" - The name of the user’s girlfriend, easy to guess
 "kciredref" - The users name backwords
 "indescribable" - Listed in a dictionary
 "iNdesCribaBle" - Adding random capitals alone doesn't make it safe.
 "gandalf" - Listed in word lists
 "zeolite" - Listed in a geological dictionary
 "qwertyuiop" - Listed in word lists
 "merde!" - Listed in a foreign language dictionary

Good Examples
A good password isn’t difficult to assign. It’s simply a case of coming up with something you’ll
remember that nobody else would be able to guess, such as the following:
 "IwAwfF2C5885” - I wait all week for Friday to come, followed by four numbers.

How would a potential hacker get hold of my password anyway?

For the professional cyber criminal, getting hold of a password isn’t particularly difficult. The
four most common ways of doing so being as follows:
1. Steal it. It’s important to remember that you really never know who might be looking over
your shoulder at the time. It’s also worth remembering that cyber criminals these days are often
armed with devices with enormous zoom functions, meaning they could be watching every key
you press when you’re entering your username and password.
2. Guess it. You’d be surprised how easy it is for professional cyber criminals to simply guess
other people’s passwords. This is because there are common trends among certain age groups,
demographics, locations and so on - hence the criticality of 100% unique passwords.
3. A brute force attack. This refers to instances where software is used to repeatedly attempt to
Cyber Security Course Page | 10
gain entry to a system by trying different passwords, over and over again. Often, hundreds of
thousands of attempts per minute.
4. A dictionary attack. Similar to a brute force attack, this is where specialist dictionaries
containing hundreds of thousands of words, technical terms, foreign language words and so on
are used to automatically force entry to a system. Again, it’s simply a case of bombarding the
system with entries, until the correct password is found.

Alternative text……

Examples of weak passwords

 Any word that can be found in a dictionary, in any language (e.g., airplane or
aeroplano).

 A dictionary word with some letters simply replaced by numbers (e.g., a1rplan3 or
aer0plan0).

 A repeated character or a series of characters (e.g., AAAAA or 12345).

 A keyboard series of characters (e.g., qwerty or poiuy).

 Personal information (e.g., birthdays, names of pets or friends, Social Security

number, addresses).

 Anything that’s written down and stored somewhere near your computer.

Tips for keeping your password secure

 Change it regularly—once every three to six months.

 Change it if you have the slightest suspicion that the password has become known by
a human or a machine.

 Never use it for other websites.

 Avoid typing it on computers that you do not trust; for example, in an Internet café.

 Never save it for a web form on a computer that you do not control or that is used by
more than one person.

 Never tell it to anyone.

 Never write it down.