Ch.2 : Overview of computer crime
The use of electronic communications to harass or threaten another person is the definition of: denial of service (DoS) attack. cyberstalking. logic bomb. rainbow table.
Cyberstalking
What is meant by distributed denial of service (DDoS) attack? Correct answer: An attack in which the attacker seeks to infect several machines and use those machines to overwhelm the target system to achieve a denial of service. Malware that executes damage when a specific condition is met The use of electronic communications to harass or threaten another person A broad category of crime that can encompass many different activities, but essentially, any attempt to gain financial reward through deception
An attack in which the attacker seeks to infect several machines and use those machines to overwhelm the target system to achieve a denial of service
Bill is an accountant for a construction firm. He receives an urgent email at 5:30 p.m. on Friday that appears to be from his company's chief financial officer. The email is approving a request for funds to be moved from a corporate account to a personal account for the construction manager. The request is for the funds to be moved immediately so that the manager can purchase equipment needed for a project to be completed over the weekend. Bill notices that the sender's actual email account is from a domain that is not affiliated with the company. What type of attack is likely underway? A SQL injection attack Spyware A denial of service (DoS) attack Phishing
Phishing
_________ is a method used by password crackers who work with pre-calculated hashes of all passwords possible within a certain character space. Rainbow table Phishing SQL injection Denial of service (DoS) attack
Rainbow table is a table of pre-computed hashes. The simplest, but largest, rainbow table is created when software generates tables of all the possible keyboard combinations that could be used for a password and then creates hashes of these passwords.
Windows passwords are hashed and then stored in the __________ on the local machine. /domain/password file SAM file PSDW store Windows Registry
SAM file; When you set passwords on local accounts on Windows machines, the passwords are hashed and stored in the SAM file, which is located in the Windows\ System32 directory.
Which of the following is a denial of service (DoS) attack that includes both Internet Protocol (IP) spoofing and Internet Control Message Protocol (ICMP), resulting in saturating a target with network traffic? Phishing attack Smurf attack Wannacry attack Bounce attack
Smurf attack; uses a combination of IP spoofing and ICMP across three elements: a source site (the attacker), a bounce site, and a target site. The attacker sends a ping from the source site to the broadcast address of the bounce site that has been modified to contain the target site as the source address. When the bounce site responds to the ping, everyone at the bounce site responds to the ping and floods the target site.
Which of the following is not true of cyberstalking? The intent is to target a human victim, not a computer or network. Stalkers are often technically savvy computer criminals. It occurs via social media or email. It involves repeated, threatening behavior.
Stalkers are often technically savvy computer criminals
True or False? A denial of service (DoS) attack typically does not harm data on the target system.
True
True or False? A type of distributed denial of service (DDoS) attack is possible with Voice over Internet Protocol (VoIP) systems by using an automatic dialer to tie up target phone lines.
True
True or False? Email evidence would be useful for investigating cyberstalking but not a denial of service (DoS) attack.
True
True or False? Fraud refers to a broad category of crime that can encompass many different activities, but essentially, it is any attempt to gain financial reward through deception.
True
True or False? In the hacking community, "hacking" means to experiment with a system, whereas in most other contexts, "hacking" means circumventing a system's security.
True
True or False? Macro and polymorphic are categories of viruses.
True
True or False? Spyware is any software that can monitor your activity on a computer.
True
True or False? Spyware used in the workplace to monitor company-owned computer usage is legal.
True
True or False? The act of wrongfully obtaining another person's personal data is a crime, with or without stealing any money.
True
True or False? If an attacker does not spoof a Media Access Control (MAC) address, each packet sent in a denial of service (DoS) attack contains evidence of the machine from which it was launched.
True;
True or False? In a cross-site scripting attack, an illegitimate website allows a legitimate script to act, and deliver content, as if it comes from a legitimate website.
True; In a cross-site scripting attack, a legitimate website allows a malicious script to act, and deliver content, as if it comes from the legitimate website.
Attackers leveraging Structured Query Language (SQL) injection can be thwarted using proper programming techniques that: disallow the use of additional characters to "escape" an application reading them as text and instead process them as an instruction. force applications to return all records where the username and password are blank. bypass validation to allow for stronger security controls. force applications to consistently read true statements as false.
disallow the use of additional characters to "escape" an application reading them as text and instead process them as an instruction.
Aditya is a digital forensics specialist. He is investigating the computer of an identity theft victim. Which of the following is an attack vector that cannot be investigated on the victim's machine? SQL injection Spyware Phishing email Dumpster diving
dumpster diving; a criminal sorts through trash to derive information from documents that helps perpetrate a crime, such as identity theft. A forensic specialist cannot trace evidence of dumpster diving on a computer.
With respect to phishing, a high-quality fictitious email that is intended to steal personal data to conduct identity theft will often leave evidence in what IT system? Email server Company website server Intrusion detection system Workstation firewall
email server; emails arrive at an organization through its email servers, which accept incoming email messages. Quality messages will make it past spam filters and be received by a user through an email client.
Most often, criminals commit __________ to perpetrate some kind of financial fraud. harassment denial of service attacks identity theft cyberterrorism
identity theft; k: Most often, criminals commit identity theft to perpetrate some financial fraud; for example, a criminal might use the victim's information to obtain a credit card.
Malware designed to do harm to a system when some logical condition is reached, often triggered on a specific date and time, is called a: logic bomb. SYN attack. rainbow table. denial of service (DoS) attack.
logic bomb
The attacker's goal when executing a denial of service (DoS) attack is to: render the target system unusable. infect the target system with spyware. commit identity theft. steal corporate data.
render the target system unusable. intention of a DoS attack is to render the target system unusable, thereby preventing legitimate users from accessing the resource. Websites are the most common targets of DoS attacks.
Dean is interested in purchasing picture editing software. He performs an internet search and begins to browse the sites that are returned. He decides on an application to purchase and finds a website advertising the software for 90% off the retail price. Further research reveals that the site Dean is visiting is known for selling illegal copies of applications. What type of cybercrime is the company likely committing? Phishing Denial of service (DoS) attack Distributed denial of service (DDoS) attack Data piracy; is the distribution of illegally copied intellectual property. If a website is offering software at an exceedingly low price, it is likely that the software is being sold illegally.
Data Privacy
True or False? A logic bomb distributed randomly by a Trojan horse is reasonably straightforward to investigate.
False A logic bomb created by a disgruntled employee, versus distributed randomly by a Trojan horse, is reasonably straightforward to investigate.
True or False? Ophcrack uses cross-site scripting to crack passwords.
False Ophcrack boots to a Linux Live CD and then scans its rainbow table searching for password matches.
True or False? Identity theft refers to any software that monitors activity on a computer.
False Spyware is software that monitors activity on a computer.
True or False? Hackers break into computer systems and steal secret defense plans of the United States. This is an example of a virus.
False this is an example of cyberterrorism.
True or False? Viruses are difficult to locate but easy to trace back to the creator. True
False'; Viruses are easy to locate but hard to trace to the creator.
True or False? The term "logic bomb" refers to a set pre-calculated hashes used for cracking passwords.
False; A rainbow table is a set of pre-calculated hashes.
True or False? The process of connecting to a server and the exchange of three packets is referred to as cross-site scripting.
False; A three-way handshake involves the exchange of three packets.
True or False? Malware that executes damage when a specific condition is met is the definition of a Trojan horse.
False; Malware that executes damage when a specific condition is met is the definition of logic bomb.
True or False? The Tribal Flood Network (TFN) is one of the most widely deployed viruses.
False; TFN is a distributed denial of service tool.
_____ is defined as any attempt to gain financial reward through deception. Cyberterrorism Fraud Identity theft Hacking
Fraud Fraud is a broad category of crime that can encompass many different activities. Essentially, any attempt to gain financial reward through deception is fraud.
Which of the following are subclasses of fraud? Hacking and cyberterrorism Investment offers and data piracy Investment offers and cyberstalking Cross-site scripting and data piracy
Investment offers and data piracy
How is cyberterrorism different from other cybercrimes? Attacks are motivated purely by financial gain. It always includes a logic bomb. It is investigated by federal law enforcement. It is never leveraged by spyware programs. Feedback
It is investigated by federal law enforcement.
The main purpose of __________ is to prevent legitimate users from being able to access a given computer resource. identity theft a phishing attack a denial of service (DoS) attack a logic bomb
a denial of service (DoS) attack
What is the name of a type of targeted phishing attack in which the criminal targets a high-value target, such as a senior company executive? whaling spoofing DoS attack
whaling Whaling is a phishing attack in which the criminal identifies a specific high-value target. For example, the criminal may want to obtain credentials associated with a high-ranking C-suite member at a company, such as the CIO or CTO. The attacker may first research the target using social media platforms, such as LinkedIn, to personalize the phishing attack. The attacker may focus the content of the phishing email on a particular hobby or interest identified from that research. In this way, the emails are specific and thus more likely to look legitimate to the recipient.