Question
- What is the difference between a virus, a worm, and ransomware?
- Describe the steps of a typical phishing attack. How can a business train its employees to spot one?
- Explain what a Distributed Denial-of-Service (DDoS) attack is and how it impacts business availability.
Answer
1. A virus is a type of malicious software that attaches itself to a legitimate file or program and spreads when the infected file is executed by a user. It usually requires human action to activate and can damage or modify data. A worm is similar to a virus, but it spreads automatically across networks without needing user interaction, often exploiting security vulnerabilities to replicate itself. Ransomware is a type of malware that encrypts a victim’s files or locks their system and then demands a payment (ransom) to restore access. Unlike viruses and worms, ransomware focuses mainly on extorting money from victims.
2. A typical phishing attack begins when an attacker sends a fake email, message, or website link that appears to come from a trusted source, such as a bank or company. The message usually creates urgency, asking the victim to click a link or provide sensitive information like passwords or credit card numbers. When the victim responds, the attacker steals the information or installs malware. To prevent this, businesses should train employees to recognize suspicious emails, check sender addresses carefully, avoid clicking unknown links, and report unusual requests. Regular cybersecurity awareness training and simulated phishing tests can also help employees become more alert and cautious.
3. A Distributed Denial-of-Service (DDoS) attack occurs when multiple compromised computers or devices flood a target server, website, or network with excessive traffic. The large volume of requests overwhelms the system, causing it to slow down or crash. As a result, legitimate users cannot access the service. This directly affects business availability by disrupting online operations, causing financial losses, damaging customer trust, and potentially harming the company’s reputation.
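The checks named in answer 2 (sender address, urgency, links), written as a mail-triage helper. This is an added example, not part of the original answer; the function name, the indicator labels, the domains and the sample message are all constructed for illustration, and it assumes a single-part message.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

URGENCY = re.compile(r"\b(urgent|immediately|suspended|verify now)\b", re.I)
LINK = re.compile(r'<a\s[^>]*href="([^"]+)"[^>]*>(.*?)</a>', re.I | re.S)
SHOWN_HOST = re.compile(r"[\w.-]+\.[a-z]{2,}", re.I)

def org(host):
    # Simplification: treat the last two DNS labels as the organisation.
    # Production code should use the Public Suffix List instead.
    return ".".join(host.lower().split(".")[-2:])

def phishing_indicators(raw, trusted_domains):
    """Return indicator names found in a single-part RFC 5322 message."""
    msg = message_from_string(raw)
    found = []
    display, addr = parseaddr(msg.get("From", ""))
    from_org = org(addr.rpartition("@")[2])
    # Display name uses a trusted brand, but the address is on another domain.
    if any(d.split(".")[0] in display.lower() and org(d) != from_org
           for d in trusted_domains):
        found.append("sender-mismatch")
    # Replies would go to a different organisation than the visible sender.
    reply = parseaddr(msg.get("Reply-To", ""))[1]
    if reply and org(reply.rpartition("@")[2]) != from_org:
        found.append("reply-to-differs")
    body = msg.get_payload()
    if URGENCY.search(msg.get("Subject", "") + " " + body):
        found.append("urgency")
    # Link text shows one host while the href points at another.
    for href, text in LINK.findall(body):
        shown = SHOWN_HOST.search(text)
        if shown and org(shown.group()) != org(urlparse(href).hostname or ""):
            found.append("link-text-mismatch")
    return found

TRUSTED = ["examplebank.example"]  # constructed allow-list
SUSPICIOUS = '''From: "ExampleBank Support" <support@examp1e-bank.example>
Reply-To: collect@mailbox.example
Subject: Urgent: your account is suspended
Content-Type: text/html

<p>Log in at <a href="http://login.examp1e-bank.example/verify">www.examplebank.example</a></p>
'''  # constructed sample message

if __name__ == "__main__":
    print(phishing_indicators(SUSPICIOUS, TRUSTED))
```

Each label maps to something an employee can be trained to check by eye: who the address really belongs to, where a reply would go, and where a link actually leads.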
