Chapter Twelve: Information Systems


steps for how a virus infects a digital device in the correct order

- the virus arrives via email attachment, file download, or by visiting a website that has been infected
- an action such as running or opening a file activates the virus
- the infection spreads to other computers via infected email, files, or contact with infected web sites
- the payload, or the component of a virus that executes the malicious activity, hits the computer and other infected devices

What percentage of malicious attachments are masked as Microsoft Office files?

38%

recently, TechJury compiled a list of cybersecurity statistics that show the impact of different malware and network attacks. what percentage of cyberattacks are aimed at small businesses?

43%

what percentage of cyberattacks are aimed at small businesses?

43%

what percentage of daily email attachments are harmful for their intended recipient?

85%

what percentage of cyberattacks are launched with a phishing email?

91%

before data security strategies are created, which questions must be answered?

Am I reducing the risk in the most cost-effective way? Is this the highest priority security risk? What is the risk I am reducing?

Security risk can be calculated using the following calculation: Risk = Threat x Vulnerability x ______

Asset

a hacker uses software to infect computers, including laptops, desktops, tablets, and internet of things devices, turning each computer into a zombie.

Bot

A group of computers under the control of a hacker is referred to as a_________

Botnet

a group of computers under the control of a hacker

Botnet

Cyberattacks that originate and are executed by foreign governments are called state-sponsored ________

Cyberwarfare

A hacker launches an attack on a network that is designed to interrupt or stop network traffic by flooding it with too many requests. this would be considered a___________

DoS attack

one method organizations are using to deal with the increase in cybersecurity threats and the decrease in the effectiveness of traditional security means is through the use of behavior science in their data and network security policies. One of these methods is called UEBA.

It is a type of cybersecurity that observes and records the conduct of computer and network users; UEBA uses a variety of different tactics to create a map of pattern behavior including machine learning, statistical analysis, and artificial intelligence; UEBA stands for user and entity behavior analytics

The technology that provides a type of firewall protection by hiding internal IP addresses is called___

NAT (network address transition)

as reported by Andrei Ene, Tiny Banker______(TBT) is one of the worst malware attacks in the last ten years

Trojan

A program that appears legitimate, but executes an unwanted activity when activated is called a_____

Trojan horse virus

which of the following statements about computer viruses are true?

Viruses can destroy programs or alter the operations of a computer or network; a computer virus is software that infects computers and is created using computer code

Developed by cisco and used by firewalls, routers, and computers that are part of a network and are connected to the internet, network ___ translation provides a type of firewall protection by hiding internal IP addresses

address

you are speaking with a friend about how to protect yourself from phishing scams. your friend (who works in cybersecurity) gives you some advice about what to do if you receive a phishing message. which of the following statements would be considered good advice?

banks and credit card companies will never ask you to provide personal information via email messages; if you receive a suspicious message, contact the institution that the message was allegedly sent from; contact US-CERT

According to Norton, which of the following steps should be taken to defend against rootkits?

be aware of phishing emails; don't ignore software updates; watch out for drive-by-downloads

Tips to avoid falling victim to a social engineering attack includes which of the following?

be mindful of web searches to make sure you are landing on legitimate sites; make sure to research the facts contained in an email message; slow down and think about the scenario

One method organizations are using to deal with the increase in cybersecurity threats and the decrease in the effectiveness of traditional security means is through the use of______ science in their data and network security policies

behavioral

A________ hat hacker breaks into computer systems with the intent of causing damage or stealing data

black

what type of hacker breaks into computer systems with the intent of causing damage or stealing data?

black hat hackers

true statements about the state-sponsored cyberwarfare

can be used to send warnings or create conflict between countries, attacks can be directly launched by a foreign government or by a group or individual who has been paid to execute the attack, originate and are executed by foreign governments

which of the following are considered cybercrimes?

computer hacking, digital identity theft, Trojan horse viruses

Rootkits are typically used to allow hackers to do which of the following?

create a backdoor into a computer; remotely control the operations of a computer

According to the Federal Emergency Management Agency which of the following are steps businesses can take to help protect systems, data, and information from natural disasters?

create a business's continuity plan, store data in different areas across the United States, Utilize off-site cloud storage

The deliberate misuse of computers and networks, _____ use malicious code to modify the normal operations of a computer or network.

cyberattack

a deliberate misuse of computers and networks via the internet that uses malicious code to modify the normal operations of a computer or network is called a_____

cyberattack

A crime in which a computer is the object of the crime or is used to commit a criminal offense is called___

cybercrime

reasons a government may choose to get involved in state-sponsored cyberwarfare?

cyberwarfare is often difficult to trace and identify, cyberwarfare is relatively inexpensive when compared to traditional warfare, cyberwarfare can cause widespread damage to IT infrastructure

Malware is designed to do which of the following?

destroy data, steal information, incapacitate networks and computers

A DDoS attack is when computers that have been infected by a virus act as "zombies" and work together to send out illegitimate messages creating huge volumes of network traffic. the acronym DDoS stands for______

distributed denial of service

when a hacker gains unauthorized access and control of a network of computers that are connected to the internet

distributed denial of service attack

computer viruses are not frequently disguised as attachments of funny images, greeting cards, or audio and video files

false

Hardware or software used to keep a computer secure from outside threats such as hackers and viruses by allowing or blocking internet traffic is called a______

firewall

Personal software____ are typically included with the operating system and can be configured based on user preference

firewall

what's true about how a trojan infects a computer system

hackers use Trojans to create a backdoor into a user's system which allows them to spy on the computer's activities, Trojans are commonly used by hackers to gain access to systems and devices, Trojans are designed using some sort of social engineering tactic

A form of spyware that records all actions typed on a keyboard is called a _______

keystroke logger

true statements about packet sniffers

legitimate sniffers are used for routine examination and problem detection; unauthorized sniffers are used to steal information

Malware is short for________

malicious software

Businesses need to take steps to protect computer systems, data, and information from_____

natural disasters

what's true about Trojan malware

often found attached to free downloads and apps, similar to viruses but do not replicate themselves, often used to find passwords & destroy data or to bypass firewalls

social engineering hacks are designed to get a victim to divulge which of the following types of information?

passwords and account information

Activities where white-hat hackers are paid to hack into private networks and applications is referred to as______

penetration testing

The illegitimate use of an email message that appears to be from an established organization such as a bank, financial institution, or insurance company is referred to as______

phishing

which of the following statements correctly describes phishing

phishing is the illegitimate use of an email message that appears to be from an established organization such as a bank; phishing scams use legitimate looking email messages to con a user into giving up private information

There are multiple ways ransomware attacks can be launched. which of the following are methods by which a ransomware attack can be launched?

phishing, trojan horse

malware that encrypts a computer's data, forcing the victim to purchase a decryption code, is called____

ransomware

one version of this type of malware encrypts a victim's data until a payment is made. another version threatens to make public a victim's personal data unless a payment is made. this type of malware is called____

ransomware

true statements about ransomware attacks

ransomware is malware that makes a computer's data inaccessible until a ransom is paid; ransomware attacks invade computers via Trojan Horse Viruses, worms, or by a user opening a legitimate looking email; one of the most popular methods used in ransomware attacks is through phishing

Specialized hardware or software that capture packets transmitted over a network are called packet _____.

sniffers

The use of computers and digital technology to manipulate people so they divulge confidential information such as usernames, passwords, and account information is called________

social engineering

true statements about keystroke loggers

software-based keystroke loggers are often a Trojan that is installed without the user's knowledge; can be hardware devices and software applications; keystroke loggers can record passwords and confidential information

Unlike phishing which does not have a specific target and is designed to reach the maximum amount of people, __________ phishing is a precise type of attack

spear

what's true about spear phishing attacks

spear phishing attacks are designed to steal data and some attacks may also be designed to install malicious software on a device; spear phishing is a type of email scam that is directed toward a specific person or organization

According to the National Institute for Standards ________, once a cybersecurity risk assessment has been conducted and the various questions in the risk assessment have been answered, an organization will be able to decide what to protect

technology

Mohammed is experiencing issues with his work computer. He speaks to the IT department, and they identify various symptoms of a computer virus. Symptoms of a computer virus include:

the operating system may not launch properly, unexpected error messages, critical files may be automatically deleted

true statements about white hat hackers

use the same techniques and tools that are used by illegitimate hackers, the goal of white hat hackers is to find gaps in network security and to test security defenses

which of the following statements about computer viruses are true?

viruses can destroy programs or alter operations of a computer or network; A computer virus is software that infects computers and is created using computer code

computer experts who attempt to hack into a network to ensure that it is protected against intrusions are called_____

white hat hackers

many organizations hire computer experts who test the security measures of an organization's information systems to ensure they are protected against intrusions. these experts use a variety of techniques including hacking, penetration testing, and vulnerability testing. these types of experts are known as______ hackers

white-hat

Malware is short for malicious software and is designed to steal information, destroy data, impact the operations of a computer or network, or frustrate the user. common types of malware include:

worms, viruses, Trojans

