IST110 ch 3 study

¡Supera tus tareas y exámenes ahora con Quizwiz!

The _________________________ is an industry association focused on eliminating the identity theft and fraud that result from phishing and email spoofing.

Anti-Phishing Working Group

What is the term associated with going through a target's trash to see what information an organization throws out.

Dumpster diving

Bluetooth transmits data in a ________________________________ and can include devices such as mobile phones, laptops, and printers.

Personal area network

__________ phishing sends customized emails to a specific person. The criminal researches the target's interests before sending the email.

Spear

logic bombs triggers can be:

User account deletion Times Dates

An ______[a]_______ is a deliberate exploitation of a discovered weakness in computer information systems, either as specific targets or merely as targets of ______[b]______.

attack, opportunity

Network administrators use sniffers to analyze network traffic, identify __________________ issues, and troubleshoot other network issues.

bandwidth

A _________________ is a container that holds classified or sensitive documents for later destruction by fire.

burn bag

Ransomware holds a computer system, or the data it contains, _____[a]_____ until the target makes a payment. Ransomware usually works by _____[b]_____ data in the computer with a key unknown to the user.

captive, encrypting

To prevent DoS and DDoS attacks, block external Internet _______________ Protocol (ICMP) packets at the network border.

control message

A _________________ is any type of offensive maneuver used by cyber criminals to target computer information systems, computer networks, or other computer devices.

cyberattack

Scareware forges pop-up windows that resemble operating system __________ windows. These windows convey forged messages stating that the system is at risk or needs the execution of a specific program to return to normal operation.

dialogue

When defending against attacks, configure firewalls to _______________ packets from outside of the network that have addresses indicating that they originated from inside the network.

discard any

Malware is a term used to describe software designed to ____[a]____ computer operations, or gain access to computer systems, without the user's ____[b]____ or permission.

disrupt, knowledge

Computer viruses usually spread from:

downloads off the Internet removable media email attachments

A _________________ download is a program that automatically downloads to the computer when a user visits a web site or views an HTML email message.

drive-by

The first computer virus, called __________________________ , was created as a teenager's harmless prank, displaying random messages to users and played subtle tricks when an infected floppy disk was booted

elk cloner

Methods for dealing with spam include filtering ____[a]____, educating the ____[b]____about being cautious towards unknown email(s), and using host/server ___[c]___.

email, user, filter

Systems can prevent falling victim to a replay attack by _____[a]_____ traffic, providing _____[b]_____ authentication, and including a _____[c]_____ with each portion of the message.

encrypting, cryptographic, time stamp

The most common goal of SEO poisoning is to increase traffic to malicious sites that may host malware or perform social _____________.

engineering

Rootkit Privilege ______________ takes advantage of programming errors or design flaws to grant the criminal elevated access to network resources and data.

escalation

An ____________________ attack uses a criminal's access point improved with higher power and higher gain antennas to look like a better connection option for users.

evil twin

t or f A Trojan horse binds itself to executable files

false

t or f Cyber criminals succeed by continuously searching for and identifying systems with clear vulnerabilities. Common victims include patched systems.

false

t or f Defending against fast-moving Zero-Day Attacks attacks requires network security professionals to adopt a more simplistic view of their network architecture.

false

t or f Most viruses do not require end-user initiation

false

t or f SEO poisoning uses SEO to make a malicious website appear lower in search results.

false

t or f The frequency, modulation, and power of an RF jammer needs to be less than that of the device that the criminal wants to disrupt in order to successfully jam the wireless signal.

false

t or f With MitM users are generally aware that a modification to a messages has occurred.

false

Scareware persuades the user to take a specific action based on __________.

fear

As Flash-based content grew and became more popular, criminals examined ___________ and software, determined vulnerabilities, and exploited Flash Player.

flash plugins

Social engineers often rely on people's willingness to be ______________ but also prey on people's weaknesses.

helpful

The term zero _____________ describes the moment when someone discovers a zero-day attack.

hour

A criminal, posing as an IRS employee, tells a victim that they owe money to the IRS. The victim must pay immediately through a wire transfer. Failure to pay will result in an arrest. What type of cyber attack is most closely being perpetrated?

impersonation

Spyware is software that enables a criminal to obtain ________________________ about a user's computer activities.

information

Spam, also known as __________________, is unsolicited email. In most cases, spam is a method of advertising.

junk mail

A virus is malicious executable code attached to another executable file, such as a _____________ program.

legitimate

Phishing occurs when a malicious party sends a fraudulent email disguised as being from a ____________, trusted source.

legitimate

Keyboard logging is a software program that records or ___________ the keystrokes of the user of the system.

logs

A criminal performs a _________________________________________ attack by intercepting communications between computers to steal information crossing the network.

man-in-the-middle

___________________________ takes control over a mobile device. The infected mobile device sends user-sensitive information to the attackers.

man-in-the-mobile

A ______________________ prevents piggybacking by using two sets of doors. After individuals enter an outer door, that door must close before entering the inner door.

mantrap

What is one of the 8 worst 8 computer viruses in history?

melissa virus

Spam may have text with ________________ words or strange punctuation.

misspelled

In order to avoid detection, a virus may _____________.

mutate

A DoS attack results in some sort of interruption of ______________ services to users, devices, or applications

network

Worms are malicious code that replicates by independently exploiting vulnerabilities in ________________.

networks

When establishing Bluetooth pairing, both devices use the same _________________.

passkey

Cyber criminals use a packet sniffer and run WPA2 attacks offline on the ____________________.

passphrase

_________________ is when an attacker calls an individual and lies to them in an attempt to gain access to privileged data.

pretexting

A Trojan horse exploits the _____________ of the user that runs it.

privileges

Try not to display your email address in _______________. That includes on blog posts, in chat rooms, on social networking sites, or in online membership directories. Spammers use the web to harvest email addresses.

public

An attacker requests personal information from you in exchange for a gift. This is an example of ____________________.

quid pro quo

Radio frequency (RF) jamming disrupts the transmission of a __________ or satellite station so that the signal does not reach the receiving station.

radio

A few common backdoor programs are Netbus and Back Orifice, which both allow ________ access to unauthorized system users.

remote

Piggybacking occurs when a criminal tags along with an authorized person to gain entry into a secure location or a _______________ area.

restricted

A __________ access point can also refer to a criminal's access point.

rogue

SEO Poisoning is short for _____________________________ Poisoning.

search engine optimization

Spyware often bundles itself with legitimate software or with Trojan horses.. Many ___________ websites are full of spyware.

shareware

Any sensitive information should be properly disposed of through __________ or the use of burn bags.

shredding

The key to an effective antivirus solution is to keep malware ______________ updated

signatures

___________________________ uses Short Message Service (SMS) to send fake text messages.

smishing

__________________ occurs when attackers examine all network traffic as it passes through their NIC, independent of whether or not the traffic is addressed to them or not

sniffing

The authors of grayware usually maintain legitimacy by including an application's capabilities in the small print of the ____________________________ agreement.

software license

A zero-day threat is a computer attack that tries to exploit software vulnerabilities that are unknown or undisclosed by the ________________________.

software vendor

Criminals can implement keystroke loggers through _____[a]_____ on a computer system or through _____[b]_____ attached to a computer.

software, hardware

Some adware only delivers advertisements, but it is also common for adware to come with _______________.

spyware

An attacker can be in close proximity to his victim or the attacker can use binoculars or closed circuit cameras to shoulder ________.

surfing

A ___________ is the possibility that a harmful event, such as an attack, will occur.

threat

Spyware often includes activity _____[a]_____, keystroke _____[b]_____, and data capture.

trackers, collection

A logic bomb is a malicious program that uses a _______________ to awaken the malicious code.

trigger

Criminals may have authorized users unknowingly run a _______________ program on their machine to install a backdoor program.

trojan horse

Ransomware propagates as a ________________ and is the result of a downloaded file or some software weakness.

trojan horse

t or f A backdoor bypasses normal authentication used to access a system.

true

t or f A browser hijacker is malware that alters a computer's browser settings to redirect the user to unintended websites.

true

t or f A rootkit modifies the operating system to create a backdoor.

true

t or f Cyber criminals launch offensive maneuvers against both wired and wireless networks.

true

t or f DoS attacks are relatively simple to conduct, even by an unskilled attacker.

true

t or f Grayware includes mobile applications that behave in an annoying or undesirable manner.

true

t or f Keyboard loggers can be legitimate, commercial software.

true

t or f Logic Bombs have the ability to destroy hardware components via forced overheating.

true

t or f Malware has become an umbrella term used to describe all hostile or intrusive software.

true

t or f MitM allows the criminal to take control over a device without the user's knowledge.

true

t or f Most spam comes from multiple computers on networks infected by a virus or worm.

true

t or f Most viruses activate at a specific time or date.

true

t or f Opening an infected file can trigger a virus.

true

t or f Other than an initial infection, worms do not require user participation.

true

t or f Payment through an untraceable payment system is always the criminal's goal with ransomeware.

true

t or f Physical security is important in preventing the introduction of sniffers on an internal network.

true

t or f Spam may looks like correspondence from a legitimate business.

true

t or f Tailgating is another term for Piggybacking

true

t or f WPA2 is susceptible to attack because cyber criminals can analyze the packets going between the access point and a legitimate user.

true

t or f Worms usually slow down networks.

true

t or f worms require a host program to run

true

t or f There is no provision for key management with WEP, so the number of people sharing the key will continually grow.

true

Spoofing is an impersonation attack, and it takes advantage of a _____________ relationship between two systems.

trusted

A _______________ is a weakness that makes a target susceptible to an attack.

vulnerability

___________________________________ is a security protocol that attempted to provide a wireless local area network (WLAN) with the same level of security as a wired LAN.

wired equivalent privacy

What are the three most common types of malware?

worms Trojan horses viruses

An attacker builds a network of infected hosts, called a botnet, The the infected hosts are called _______________________.

zombies


Conjuntos de estudio relacionados

Ch. 13: Personal Selling and Sales Promotion

View Set

Sociology Chapter 3: Doing Sociological Research

View Set

Economics Unit 1 (Complementary & Substitute Goods)

View Set

Exam 2 Adult Health, Immune, Musculoskeletal, Neurological Disorders. final

View Set

Changes in family roles and relationships

View Set