Starter quiz
- What is the primary purpose of the Data Protection Act 2018?
- to regulate traffic laws
- to protect wildlife
- to improve public transport
- to govern personal data handling ✓
-
- What is social engineering?
- a method to trick people into revealing private data ✓
- a type of software
- a cybersecurity tool
- a form of encryption
-
- What is a name generator attack?
- a method of encrypting data
- a method of collecting personal data through questions ✓
- a way to secure data
- a type of data backup
-
- What is the term for a social engineering technique that involves inventing a scenario to convince someone to hand over data or money?
- 'blagging' ✓
- What is the term for the act of observing someone's private information, such as a PIN or password, by looking over their shoulder?
- 'shouldering' ✓
- Why is electronic data vulnerable?
- It is always encrypted.
- It is stored physically.
- It can be easily duplicated.
- It can be accessed remotely. ✓
-
Exit quiz
- What is illegal hacking in the context of cybersecurity?
- accessing a computer system with permission
- gaining unauthorised access to a computer system ✓
- installing antivirus software
- creating secure passwords
-
- Match the terms with their definitions:
- ethical hacking⇔legally testing the security of a system to protect it from attacks ✓
- hacktivist⇔a person that uses hacking to promote a political or social agenda ✓
- unethical hacking⇔accessing systems or data without permission for malicious purposes ✓
- data theft⇔the unauthorised copying, transfer or retrieval of data from a system ✓
- What does a DDoS attack aim to do?
- improve website performance
- protect user data
- disrupt online services ✓
- enhance cybersecurity
-
- What is the primary difference between a DoS attack and a DDoS attack?
- DoS attacks target multiple systems, while DDoS attacks target a single system.
- DoS attacks are legal, while DDoS attacks are illegal.
- DoS are from a single source, while DDoS are from multiple sources. ✓
- DoS attacks cause permanent damage, while DDoS attacks are temporary.
-
- Order the steps in a typical brute force attack.
- 1⇔identify the target
- 2⇔attempt multiple password guesses
- 3⇔monitor for successful login attempts
- 4⇔gain unauthorised access
- True or false? Unauthorised access to a computer system is considered a crime under the Computer Misuse Act 1990, even if done as a joke.
- True ✓
- False
Worksheet
Loading worksheet ...
Presentation
Loading presentation ...
Video
Lesson Details
Key learning points
- Hacking, in the context of cybersecurity, is gaining unauthorised access to, or control of, a computer system.
- The Computer Misuse Act 1990 defines what is considered as unlawful access to computer systems.
- DDOS attacks can be used to disrupt online services.
- A brute force attack is a trial and error process to gain access to protected resources.
Common misconception
Hacking a computer system of someone you know as a joke is considered legal.
Even if there is no intention to commit a crime by accessing the computer system of someone you know, the fact that the access is unauthorised is considered a crime.
Keywords
Hacking - accessing a computer system without permission
Ddos - Distributed Denial of Service, an attack used to disrupt communication
Brute force attack - accessing a protected resource by repeatedly attempting to guess the key to how it is protected
+