Understanding IT Security and Cryptography

Phishing is a common IT security threat that deceives individuals into providing sensitive information, often through fake emails or websites. It specifically targets personal data, making it the correct answer.

The correct answer is 'Denial of Service' (DoS), which is a network-based threat that floods a system with excessive traffic, rendering it unavailable to users. Other options like spyware and ransomware serve different malicious purposes.

The primary goal of information security is to protect data confidentiality, integrity, and availability, ensuring that sensitive information is safeguarded against unauthorized access, alteration, and loss.

The General Data Protection Regulation (GDPR) is a key legal requirement in the UK that mandates strict data protection and privacy measures, directly impacting the security of IT systems handling personal data.

A security breach can lead to significant loss of customer trust, as clients may feel their data is not safe. This often results in financial loss due to decreased sales and potential legal costs, making it the most impactful consequence.

Confidentiality is the principle that ensures only the intended recipient can read a message, protecting it from unauthorized access. This is crucial for secure communication.

Symmetric encryption uses the same key for both encryption and decryption, making it efficient for secure data transmission. In contrast, asymmetric encryption uses a pair of keys, and hashing is a one-way function, not for encryption.

Online banking uses cryptography to secure transactions and protect sensitive information, ensuring that users' financial data remains confidential and safe from unauthorized access.

Encryption is the technique used to protect data by converting it into a secure format, making it unreadable to unauthorized users. Compression, fragmentation, and defragmentation do not provide data security.

Firewalls are effective in preventing unauthorized access to or from a private network, acting as a barrier between trusted and untrusted networks. They do not eliminate all threats or increase data transmission speed.