| author | Mohit Agarwal <mohit.agarwal@sky.com> | 2024-01-01 18:55:33 +0000 |
|---|---|---|
| committer | Mohit Agarwal <mohit.agarwal@sky.com> | 2024-01-01 18:55:33 +0000 |
| commit | eec6292056e6f6d6aa9f52ed2b71585e60632568 (patch) | |
| tree | 5f87496cb57f51812871cb53bdbd4199ef0fa24c /notes/cyber.tex | |
| parent | 9923e6e6fcc27a1a0f233b13e4c83d5d0c10b4d0 (diff) | |
Diffstat (limited to 'notes/cyber.tex')
| -rw-r--r-- | notes/cyber.tex | 53 |
1 files changed, 30 insertions, 23 deletions
diff --git a/notes/cyber.tex b/notes/cyber.tex index efa62ff..08b3f12 100644 --- a/notes/cyber.tex +++ b/notes/cyber.tex @@ -5,18 +5,19 @@ networks, and malicious threats and attacks that they are vulnerable to. \section{Threats} - -\begin{itemize} - \item \textit{Social engineering} involves exploiting people + \textit{Social engineering} involves exploiting people directly for access or information. \textit{Blagging} involves obtaining information through deception or impersonation, such as calling someone whilst posing as a friend. - \textit{Phishing} is posing as a legitimate organisation to + + \noindent\textit{Phishing} is posing as a legitimate organisation to obtain personal information, generally through email. - \textit{Pharming} involves a bogus website that imitates a + + \noindent\textit{Pharming} involves a bogus website that imitates a legitimate one. \textit{Shouldering} involves watching somebody enter their personal information. - \item \textit{Malicious code} is code written to do bad. A + + \noindent\textit{Malicious code} is code written to do bad. A \textit{virus} does damage on a computer and spreads itself on a user's device over the internet. \textit{Spyware} is software that monitors, logs, and sends information to the 
@@ -26,28 +27,34 @@ to. is designed to show the user advertisement and a \textit{Trojan} is any malware that poses as a legitimate software. - \item \textit{Weak passwords} or \textit{misconfigured access + + \noindent\textit{Weak passwords} or \textit{misconfigured access rights} may allow an attacker easy access to unauthorised data. Access rights would normally restrict certain information from certain users. - \item \textit{Removable media} such as a DVD or USB flash drive is - a vector by which malware can easily spread, particularly when - distributed, such as at a public event. - \item Unpatched or outdated software may contain vulnerabilities, - as well as normal software with recently discovered - vulnerabilities which an attacker could exploit. -\end{itemize} + + \noindent\textit{Removable media} such as a DVD or USB flash drive is + a vector by which malware can spread, particularly when + distributed, such as at an event + + \noindent\textbf{Unpatched or outdated} software may contain + widely known vulnerabilities, which an attacker could exploit. \section{Threat prevention} -\subsection{MAC Address filtering} +\subsection{MAC address filtering} -A \textit{MAC Address} is unique to each device. Filtering MAC -Addresses could mean only allowing authorised devices to connect to -the network (\textit{whitelisting}) or blocking certain devices from a -network (\textit{blacklisting}). However, this is bypassable through -MAC address \textit{spoofing}, where a device can appear to have a MAC -address other than its own. +A \textit{media access control address} is unique to each device. Filtering MAC +addresses could mean: +\begin{itemize} + \item \textit{whitelisting}, or only allowing authorised devices + to connect to or + \item \textit{blacklisting} which is blocking certain devices from + a network. +\end{itemize} +However, this is bypassable through MAC address \textit{spoofing}, + where a device can appear to have a MAC address other than its + own. 
\subsection{Firewall} @@ -62,8 +69,8 @@ most common form of this is through a username and password. It can also be through physical objects such as cards (such as credit card) and through biometric methods such as fingerprints. -CAPTCHA (tests that determine if a user is a human, such as by typing -in a word in strange font) and e-mail verification (where the user +CAPTCHA (tests that determine if a user is a human) +and e-mail verification (where the user must respond to an e-mail only they could have received) can also be used as authentication and to ensure that the user is human and not an automated attack. |
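Review bot: In the first hunk (@@ -5,18 +5,19 @@, section Threats), splitting Phishing and Pharming into their own `\noindent` paragraphs while Blagging and Shouldering stay inline loses the grouping the removed `\item` gave: nothing now shows that all four are forms of social engineering, and Shouldering reads as part of the Pharming paragraph. Either keep the four terms in one paragraph under Social engineering or give each its own paragraph consistently. Separately, "code written to do bad" in the Malicious code paragraph would read better as "code written to cause harm".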
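Review bot: In the second hunk (@@ -26,28 +27,34 @@), the new whitelisting item ends "to connect to or", which drops the object that the removed sentence had ("connect to the network"); suggest "only allowing authorised devices to connect to the network, or". The Removable media paragraph also loses its full stop after "such as at an event", and the Unpatched or outdated paragraph uses `\textbf` where every other term in the section uses `\textit`. The rewritten sentence also no longer covers current software with recently discovered vulnerabilities, which the removed text did; worth keeping if that distinction is on the syllabus.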
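Review bot: In the third hunk (@@ -62,8 +69,8 @@), the sentence being edited still says CAPTCHA and e-mail verification "can also be used as authentication", but a CAPTCHA only distinguishes a human from an automated client and says nothing about who the user is. Since this line is being touched anyway, suggest separating the two: e-mail verification confirms control of an address, while CAPTCHA only guards against automated attacks. The new break after "human)" also leaves a short line; rewrapping the paragraph would keep the source tidy.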
