CS449 Study Guide

Pataasin ang iyong marka sa homework at exams ngayon gamit ang Quizwiz!

According to the IRS, the domestic US tax gap in 2013 was?

$450 billion

What is the approx. going rate for a zero-day exploit?

$50,000 - $100,000

There is one metadata element that is completely excluded from web metadata standards protocols such as the Dublic Core. What is it?

Authenticity and reliability standards

What was the "payload" of the SCDOR hack?

Email phish bait containing a link to online malware

(T / F) The Federal Government was responsible for the SCDOR hack.

F

(T / F) The perpetrators of the SCDOR hack were the Chinese.

F

(T/F) Evidence used for cyber attribution have to abide by the rules of evidence.

F

(T/F) In general, claims of cyber attribution are testable and repeatable.

F

The label that the author uses to describe the irrational belief in the security of a computing/network system that was not build around a robust security model.

Faith-based security

The Payeck GPS starter interrupt system is used for what purpose?

Financing and used car dealerships can immobilize the car if payments become delinquent

What injections strategies were used in Stuxnet?

Flame platform auto-run exploit through infected USB drives, using four command-and-control servers to update the code and used a .LNK injector

Define criminogenic.

Likely to cause criminal behavior

Name three sources that state sponsors may use to obtain cyber weaponry.

State sponsored agencies, Multimillion dollar greyware market, individual hackers

Have air gaps ever been an effective deterrent to protecting LAN-based computers?

Stuxnet proves that air gaps are ineffective

(T / F) The SCDOR hack used 33 unique pieces of malware and data management utilities.

T

(T / F) The use of rolling code algorithms defeat replay attacks against keyless entry systems.

T

(T/F) Edward Snowden's legacy is that he showed that the public was justified in being suspicious of the government.

T

Why did the Ninth Circuit Court rule that the Operation G-Sting convictions were illegal?

Tampering with OnStar violated the OnStar terms of service

What exactly did OOG/Stuxnet do?

Targeted the S7 software on Windows computers, which regulate S7 controllers used by uranium centrifuges

To what extent was information about the Struts vulnerability known before the attack?

They knew a patch needed to be applied to the Apache software and was supposed to be applied within 48 hours

Was Equifax aware that a patch was available? If so, how much time did they delay in applying the patch?

They knew of the vulnerability 3 months before they were compromised and applied the patch after they were compromised

Name 2 dark web services.

Tor and I2P

Which would be harder to implement, a trollbot or chatbot?

Unlike chatbox texts, trollbot output possesses weaker requirements for coherence and continuity from its context

The OOG/Stuxnet code base shared DNA with what three pieces of malware?

W32.Duqu, Flame, Tilded

Give two examples of a money service business.

Western Union and check cashing services

Name one dark web domain.

.onion

What penalties did the CEO of Equifax receive from the board of directors?

???

What is an air gap?

A computer security measure where the secure network is physically separated from unsecure networks

What was Operation Olympic Games/Stuxnet?

A covert campaign of cyber disruption directed at Iranian nuclear facilities by the US and Israel

What is representative money?

A guarantee by the issuer that the money can be used as legal tender

What was Silk Road?

A site to facilitate the sale of illegal substances and contraband, money laundering and murder-for-hire schemes

What was the nature of the Equifax vulnerability?

A vulnerability in the Apache Struts Server software

What information is in principle accessible to Black Box OBD devices?

Accelerometer, Speed, GPS

Define the visible web.

Accessible by http and indexed by search engines

Define the deep web.

Accessible by http but not indexed by search engines

List two uses of the dark web you find acceptable.

Anonymity and untraceable location

What is a trollbot?

Automated troll

Which is more vulnerable to hacking, a modern mobile phone or a modern automobile's computer system?

Automobile's computer system

List two types of traditional money exchange.

Bank accounts and letters of credit

Name 3 organizations responsible for producing the lion's share of data breaches.

Banks, healthcare organizations and colleges

How is suspicion different than belief?

Beliefs arise in a realm of human understanding where perception and reason are fairly reliable and predictable. With suspicion, there must be an additional assumption that perception is unreliable/incomplete and therefore unreasonable.

Describe the "too big to fail era".

Certain corporations are so large that their failure would be disastrous to the greater economic system, so they must be supported by the government when facing failure

Compare the cognitive load for detection and prevention of trolling vs. deploying trolling.

Cognitive load for detection and prevention is considerable. There's little cognitive load for tribalists.

"Humans tend to be _____ in that they search for the simplest explanation of events consistent with their disposition, biases, and world views."

Cognitive misers

What did the so-called Holder Memorandum outline?

Collateral consequences doctrine

What was the motivation behind the dark web?

Complete anonymity of information exchange

Why was there no Computer Information Security Officer overlooking the Department of Revenue's security practices?

They felt that the $100,000 salary was too expensive

List three uses of disinformation.

Confuse, de-legitimize, intimidate

What are 3 major causes or sources of identity theft and financial fraud?

Credit/debit card fraud, hacks, lost/stolen devices

Bitcoin, Litecoin, Peercoin are examples of?

Crypto currencies

List two types of non-traditional money exchange systems used in money laundering.

Crypto currencies and charities

When people try to attribute some crime/hack/attack to someone else, the first principle should be?

Cui bono - "what agendas are hidden?"

What problem will enable trolls to circumvent legislation against trolling?

Cyber-attribution

What was the educational background of the Equifax CISO?

Degree in Music Composition

What was the educational background of the Equifax CIO?

Degree in Russian History

Define the dark web.

Designed to be concealed from search engines and casual web users

What is the difference between the objectives of disinformation and misinformation?

Disinformation is the intentional planting of false information to conceal truth or deceive. Misinformation is more relaxed regarding intention, concealment and source.

What is the US Government's System of Vulnerabilities Equities Policy and Processes document?

Document that outlines what the government does when it discovers or purchases malware that could affect the privacy and security of its citizens

How did the OOG/Stuxnet attackers cross the air gap?

Earlier Stuxnet version was not internet enabled. It propagated through shared S7 folders on Windows through LAN, USB storage devices, etc.

What is Snowden's legacy? What did he do to incur the wrath of the government?

His leaks deprived the US of plausible deniability

What was the flaw in the Windows Icon Handler within the Windows shell?

IconHandler within the Windows Shell incorrectly parses .LNK files

Trolling is confirmation of a fundamental flaw in the notional roots of the modern Internet-enabled web. What is that flaw?

Ignores any measure of authenticity and reliability

What implications does OOG/Stuxnet have for IoT? For critical infrastructures?

Implications of Stuxnet/Operation Olympic Games on the vulnerability of industrial controllers (ICs) is serious and far reaching. ICs' general purpose applicability means that the exploit potential of the Stuxnet family of malware extends to virtually the entire global infrastructure: transportation, energy, water supply, emergency services, and so on.

What is a zero-day exploit?

It is an unknown vulnerability in software that leaves no opportunity for detection

Is it possible that a forensic investigator might have biometric evidence of a cybercrime conducted by a skilled cyberwarrior? Is it likely?

It is possible, but not likely

Who is the big player in the gray market in cyber-weapons?

NSA ($25 million for covert purchases of software vulnerabilities)

Are credit reporting companies held liable for PII data loss?

No

Has there been any confirmable evidence that identifies the source of the Sony hack?

No

Was the Sony hack "one of the most vicious and malicious cyberattacks that we've known certainly in recent history"?

No

Which of the following would be considered sensitive sources and methods: {file hashes, decompiled but redacted malware, string signatures of malware, file metadata}

None

Which of the following would be considered totally reliable network forensic data: {IP address, MAC address}

None

What vehicle telematics component was exploited by the FBI in operation G-Sting?

OnStar

What is fractional-reserve banking?

Only a fraction of bank deposits are backed by actual cash on hand

What is the name of the tool developed by Samy Kamkar to run replay attacks against keyless entry systems?

OwnStar

Trolling technology is particularly well suited for two models of government. Name them.

Pathocracy and Kakistocracy

What data was leaked in the Equifax breach?

Personal data of 145 million people

What type of computer appliances are "never optimal for security-sensitive applications"?

RF (Radio Frequency)

What did the FBI Director James Comey offer in terms of justification of his accusation?

Regarding how he knew it was North Korea, he said "Trust me."

What is Samy Kamkar's program that offers replay attacks for RF based keyless entry systems that use rolling codes?

RollJam

What is money laundering?

The concealment of illegally obtained money through foreign banks or legitimate businesses

Why are disinformation and trolling expedient ways to manipulate public opinion?

They exploit a human bias toward binary choices

What was the specific attack vector in the Equifax hack?

The parser had incorrect exception handling during file uploads


Kaugnay na mga set ng pag-aaral

Chapter 1: Communication, A First Look

View Set

Lecture 16: Cleavage and Polyadenylation

View Set

Chapter 15: Legal Land Descriptions

View Set

Unit3- Circulation and Hemodynamics

View Set

Macroeconomics Practice Questions

View Set

Benchmark Adelante Unidad 3 Semana 1

View Set