Cyber Security Chapter 4, 5, 6, 7
. Which of the following was NOT identified as one of the main forms of international threats?
hacking or spying on city and local governments
Threats of Insiders
insiders steal data
The least common but most costly is ______ insider threat.
malicious
Which of the following was NOT identified as a type of personal information that is sought out by identity thieves?
telephone number
Access to the Internet, sexual deviance and antisociality have been found to be main explanatory factors of Internet-based child pornography offenses.
true
Syrian Electronic Army (SEA)
-Established in 2011 -Created protest against the Assad regime -Mainly targeted oppositional groups to collect information by using malware and trojan horses
Cyberwarfare
-More than 40 nation states have declared their intention to develop cyberwarfare capabilities -
Which of the following
Criminals directly ask the victim for their personal information.
. Which of the following laws does NOTapply to hackers?
Hackers are evil people.
Recover
Helping ppl return to normal, include development, coordination
______ refers to all types of crime in which someone wrongfully obtains and uses another person's personal data in some way that involves fraud or deception, typically for economic gain.
Identity theft
Which of the following characteristics of hackers is NOTtrue?
The members meet each other quite often.
Nation State threats by region
There is much distrust between nation states with regard to political goals and the use of cyber attacks
Botnets typically infect computers via ______ or drive-by-downloads.
USBs
Denial of service attack
a cyber attack in which an attacker sends a flood of data packets to the target computer, with the aim of overloading its resources -COMPROMISE AVAILABILITY OF SYSTEM
. In 1998 Congress passed the Assumption Deterrence Act making identity theft ______.
a felony crime
Economic Cyber Espionage
an actor knows his actions will benefit any foreign government 1)steals by deception 2)duplicate trade secret without authorization 3)receives a trade secret knowing that trade secret has been stolen
Groups with displeasure of government are often motivated by all of the following EXCEPT______.
aristocracy
According to the text, which of the following entities are considered a special target for botnets?
banks and financial institutions
A ______ refers to persons who attempt unauthorized access to a control system device and/or network using a data communications pathway.
cyberthreat
Edward Snowden, an American computer professional
decrypt your phone calls and text messages
. Cyber terrorism attacks often take the form of ______.
denial-of-service attacks
. According to the text, logic bombs are typically installed by outsiders of an organization or corporation.
false
According to the text, cybercrime only has one layer.
false
. Hackers who are motivated by financial gains and who conduct both bad and ethical hacking are referred to as ______.
gray hats
The most serious insider cybercrimes include all of the following EXCEPT______.
harassment
Subversion of intrusion detection systems
hidden software that create a "backdoor" known only to the hacker. system can be accesses at anytime without being noticed
Mitigate
improved surveillance to disrupt activity and apprehend perpetrators
. According to the text, cyberthreats originate mainly from all of the following entities EXCEPT______.
local governments
Threats that originate from inside the company or organization are referred to as ______.
local threats
Botnets use ______ architecture in which each workstation has the same capabilities and responsibilities.
peer-to-peer
According to the text, phishing scams typically target ______.
personal information
. All of the following are examples of social engineering EXCEPT______.
spam
Lone Wolf Terrorism
terrorist acts committed by a single individual or a single individual assisted by a small number of other people
. Advanced hackers are typically motivated by financial or political goals.
true
Hacktivists engage in political action against a certain person, group, or even nation-state. Nation-states are mainly engaging in political and economic espionage.
true
National threats originate from individuals inside the United States, aiming to attack local or national governments and infrastructures
true
The negative connotation of the word hackercould be defined as "a malicious meddler who tries to discover sensitive information by poking around. Hence password hacker, network hacker. The correct term for this sense is cracker."
true
low probability that the criminals will get caught and convicted and public exposure are some of the reasons as to why so few victims report the crimes.
true
Line of sight device
use devices that disable digital circuits at long range
typically work independently to expose security vulnerabilities or practices that endanger individuals' private data.
. Gray hats
. Which of the following countermeasures recommends that companies must complete regular data backups?
. complete regular updates
According to national surveys, ______ are the second greatest threat to a company's cybersecurity, only trumped by hackers
. insiders
Which of the following are considered small programs or sections of a program triggered by some event such as a certain date or time, a certain percentage of disk space filled, or the removal of a file?
. logic bombs
Rutgers State University DDos attack
-Online platforms shutdown -classes cancelled -cant submit assignments
Cyberintelligence
-The collection and analysis of information that produces timely reporting, with context and relevance to a supported decision maker -Relies on data collection about events or incidents relevant to issues in the cyber domain, especially cyber security -Reduces the uncertainty about planned attacks and enables a timely and efficient implementation of cyber security policies
Cybersabotage
-The invention of cyberspace has changed the face of sabotage by changing tools, techniques, and strategies of sabotage acts - hampering -Can accomplish goals that would typically require force or violence
Al qaeda
-Vocal in their plans to incorporate technology into their future attacks -Likely to target those infrastructures that are most vulnerable to cyberattacks -Recruits ppl with computer or internet experience
Cyberespionage
-the varrying geographic masking methods increase anonymity making it difficult to assign blame to a certain actor
The Identity Theft Resource Center estimates that it takes on average ______ hours to repair the damage of identity theft.
. 600
______ is defined as a collection of infected machines worldwide that receive commands and perform some illegal actions such as distributed denial of service attacks, among others.
. A botnet
. The ______, an underground web, allows offenders to stay anonymous and undetected, as these are not traceable by police.
. Dark Net
______ is defined as unsolicited commercial e-mail that includes any commercial emails addressed to a recipient with whom the sender has no existing business or personal relationship and not sent with the consent of the recipient.
. Spam
. The intentional, aggressive behavior toward another person that is performed through electronic means is also known as ______.
. cyberbullying
Threats to cybersecurity originate from all of the following sources EXCEPT ______.
. individual
. Human behavior that departs from compliance with established policies, regardless of whether it results from malice or a disregard for security policies, is the manifestation of a/an ______ threat.
. insider
Per the 1998 Assumption Deterrence Act, the text identified all of the following types of punishment EXCEPT______.
. probation
. According to the Federal Trade Commission, all of the following are ways that consumers can prevent identity theft EXCEPT ______.
. using easy passwords
Asset Value Assessment
1) What the value of the potential target is 2) How would contact with target be made
Homeland Security Presidential Directives
1) asset value assessment 2) threat assessment 3)vulnerability assessment
NARUC identified 8 targets vulerable to cyberterror attack
1) communication 2) electronic power system 3) gas and oil 4) bank 5) transportation 6) water supply systems 7) emergency services 8) governmental services
Cyberterror attacks may be conducted in a variety of ways including
1) destroy machines through computer manipulation 2) interfering with info technology 3)using computers to override control systems, including power plants and dams
Threat Assessment
1) existence 2) capability 3) history 4) intention 5) targeting
. One of the most persistent threats for the United States in terms of cyberattacks originates in ______.
China
prepare
Continuing process, efforts to identify threats, determine vulnerabilties
. Hackers who are motivated by personal gain or a certain cause are often referred to as ______.
black hats
The "bad guy" hackers are known as ______.
black hats
flood attacks
concentrated effort to overwhelm the computer system with connection requests
Cyberterrorism
convergence of terror and cyberspace
The use of computer networks and technologies as a means for conducting attacks that target critical national infrastructures or governmental assets has a psychological, social, political, or religious motive, causes harm to individuals or groups, or physically damages infrastructures is referred to as ______.
cyberterrorism
The posting of harassing messages aiming to cause harm to the victim is also known as ______.
denigration
. All of the following were identified as vulnerable infrastructures EXCEPT______.
education
. Hackers with their abilities to research vulnerabilities in software products and disclose them to companies that developed the software are known as ______.
ethical hackers
Vulnerability assessment
examines weakness in the target and tries to address how to mitigate the weakness
People who are "tricked" by others into giving up access information or information about themselves to an external party are known as ______ insiders
exploited
. Some of the most common insider cybersecurity crimes are cyberbullying and cyberharassment.
false
According to the Federal Trade Commission, using security software on your computer, such as antivirus, anti-spyware, and a firewall, does not help prevent identity theft.
false
International threats are those that originate from inside the company or organization.
false
Malicious insiders may delete or expose sensitive information by incident—either by pressing a wrong key or by other errors.
false
Using the same password for several accounts does not make it easy for thieves to steal a victim's information.
false
. Which of the following is NOT considered a main type of insider threat?
feared
. The exchange of insults in a public setting, such as a bulletin board or chat room, is known as ______.
flaming
Consumer crimes that include identity theft, phishing scams, and spam fall within which of the following categories?
fraud and financial crimes
Political cyber Espionage
gain access to sensitive information -motivated by collection of sensitive information from United States government
In 2015, the most common crime reported to the Federal Consumer Commission was ______.
identify theft
Which of the following countermeasures helps prevent e-mail spoofing, that is, the forgery of an e-mail header to make it appear as if it is coming from a friend or employee?
implement message authentication
respond
implement policies for federal, state, local and private sector support. Actions to preserve life, property, and the environment
. Which of the following is NOT a behavior/method that falls under the category of cyberbullying?
inclusion
. The Internal Revenue Service uses which of the following methods to contact a taxpayer?
According to the text, human trafficking consists of all of the following elements EXCEPT ______.
outcome
worm programs
slow down computer systems by taking up significant resources for their self replication
. Consumer crimes are deceptive practices that result in financial or other losses for consumers in the course of seemingly legitimate business transactions
true
Commercial e-mail is defined as any electronic mail message the primary purpose of which is commercial advertisement or promotion of products or services.
true
Insiders are people who are current or former employees of a company, contractors, or friends of employees.
true
Mail-order-brides typically come from developing countries and countries where women don't see the possibility of developing their full potential.
true
Phishing is also referred to as "brand spoofing" or "carding."
true
Social engineering is any act that influences a person to take an action that may or may not be in his or her best interest.
true
Using two-factor identification is recommended for protecting private information, such as using a password and a fingerprint or other physical device.
true
