Chapter 3 Review

Sends spoofed messages across a LAN to link a criminal's physical address with the logical address of an authorized member of the network.

ARP spoofing

modifies a domain naming server to reroute a specific domain name to a different logical address controlled by the criminal.

DNS server spoofing

Internet Protocol packets are sent from a spoofed source address to disguise itself.

IP spoofing

Occurs when one computer accepts data packets based on the physical address of another computer.

MAC address spoofing

The attacker sends a packet to the host that it is unable to process. It could be full of errors or improperly formatted. This will cause the device to run slowly or crash entirely.

Maliciously Formatted Packets

the device is overloaded by an overwhelming amount of data sent by the attacker. The system is not able to handle it and will either greatly slow down or even crash.

Overwhelming Quantity of Traffic

Directing users to a fake website that appears to be official

Pharming

Text messaging

Smishing

Recorded messages that appear legitimate

Vishing

Spoofing calls from legitimate sources using voice over IP (VoIP)

Vishing

High profile targeting

Whaling

The ____ - ____ ____ ____ is an industry association focused on eliminating the identity theft and fraud that result from phishing and email spoofing.

anti phishing working group

An _____________ is a deliberate exploitation of a discovered weakness in computer information systems, either as specific targets or merely as targets of ____________.

attack opportunity

An executive opens an infected PDF that looks like an official subpoena.

authority

Network administrators use sniffers to analyze network traffic, identify _________ issues, and troubleshoot other network issues.

bandwidth

A ____ ____ is a container that holds classified or sensitive documents for later destruction by fire.

burn bag

Ransomware holds a computer system, or the data it contains, __________ until the target makes a payment. Ransomware usually works by __________ data in the computer with a key unknown to the user.

captive encrypting

Criminals create websites with fake testimonials that promote a product indicating that it is safe.

consensus

A ________ is any type of offensive maneuver used by cyber criminals to target computer information systems, computer networks, or other computer devices.

cyberattack

Logic bomb triggers can be:

dates times other programs running deletion of a user account

Scareware forges pop-up windows that resemble operating system ____ windows. These windows convey forged messages stating that the system is at risk or needs the execution of a specific program to return to normal operation.

dialogue

Malware is a term used to describe software designed to ________ computer operations, or gain access to computer systems, without the user's ________ or permission.

disrupt knowledge

A ______ download is a program that automatically downloads to the computer when a user visits a web site or views an HTML email message.

drive-by

What is the term associated with going through a target's trash to see what information an organization throws out?

dumpster diving

Methods for dealing with spam include filtering ________, educating the ________about being cautious towards unknown email(s), and using host/server ______.

email user filter

Computer viruses usually spread from:

email attachments removable media downloads off the internet

The most common goal of SEO poisoning is to increase traffic to malicious sites that may host malware or perform social

engineering

Rootkit Privilege ____ takes advantage of programming errors or design flaws to grant the criminal elevated access to network resources and data.

escalation

A Trojan horse binds itself to executable files

false

Cyber criminals succeed by continuously searching for and identifying systems with clear vulnerabilities. Common victims include patched systems.

false

Defending against fast-moving Zero-Day Attacks attacks requires network security professionals to adopt a more simplistic view of their network architecture.

false

Most viruses do not require end-user initiation

false

SEO poisoning uses SEO to make a malicious website appear lower in search results.

false

With MitM users are generally aware that a modification to a messages has occurred.

false

worms require a host program to run

false

People are more likely to do what another person asks if they like that person

familiarity

Scareware persuades the user to take a specific action based on ____.

fear

As Flash-based content grew and became more popular, criminals examined ____ and software, determined vulnerabilities, and exploited Flash Player.

flash plugins

Social engineers often rely on people's willingness to be ____ but also prey on people's weaknesses.

helpful

The term zero ______ describes the moment when someone discovers a zero-day attack.

hour

A criminal, posing as an IRS employee, tells a victim that they owe money to the IRS. The victim must pay immediately through a wire transfer. Failure to pay will result in an arrest. What type of cyber attack is most closely being perpetrated?

impersonation

Spyware is software that enables a criminal to obtain ____ about a user's computer activities.

information

An executive's secretary receives a call stating that her boss is about to give an important presentation, but his files are corrupt. The cybercriminal asks for the files to be sent immediately to him.

intimidation

Spam, also known as ____ mail, is unsolicited email. In most cases, spam is a method of advertising.

junk

A virus is malicious executable code attached to another executable file, such as a ______ program.

legitimate

Phishing occurs when a malicious party sends a fraudulent email disguised as being from a ____, trusted source.

legitimate

A criminal performs a __ - - - __ attack by intercepting communications between computers to steal information crossing the network.

man-in-the-middle

A ________ prevents piggybacking by using two sets of doors. After individuals enter an outer door, that door must close before entering the inner door.

mantrap

Spam may have text with ____ words or strange punctuation.

misspelled

In order to avoid detection, a virus may ______.

mutate

A DoS attack results in some sort of interruption of ________ services to users, devices, or applications

network

Worms are malicious code that replicates by independently exploiting vulnerabilities in ______.

networks

____ is when an attacker calls an individual and lies to them in an attempt to gain access to privileged data.

pretexting

A Trojan horse exploits the ____ of the user that runs it.

privileges

Limit your exposure to SPAM. Try not to display your email address in ____. That includes on blog posts, in chat rooms, on social networking sites, or in online membership directories. Spammers use the web to harvest email addresses.

public

A few common backdoor programs are Netbus and Back Orifice, which both allow _______ access to unauthorized system users.

remote

Piggybacking occurs when a criminal tags along with an authorized person to gain entry into a secure location or a _______________ area.

restricted

Criminals offer a limited opportunity that will not last hoping to spur the victim into taking action quickly

scarcity

SEO Poisoning is short for ____ ____ ____ Poisoning. (one word per blank)

search engine optimization

Spyware often bundles itself with legitimate software or with Trojan horses. Many ____ websites are full of spyware.

shareware

Any sensitive information should be properly disposed of through ______ or the use of burn bags.

shredding

The key to an effective antivirus solution is to keep malware ____ updated

signatures

__________ occurs when attackers examine all network traffic as it passes through their NIC, independent of whether or not the traffic is addressed to them or not

sniffing

Criminals can implement keystroke loggers through __________ on a computer system or through __________ attached to a computer.

software hardware

An attacker requests personal information from you in exchange for a gift. This is an example of __________ for __________ (also known as Quid pro quo).

something something

____ phishing sends customized emails to a specific person. The criminal researches the target's interests before sending the email.

spear

Some adware only delivers advertisements, but it is also common for adware to come with ______.

spyware

An attacker can be in close proximity to his victim or the attacker can use binoculars or closed circuit cameras to shoulder ____.

surfing

Rootkits may modify:

system forensics monitoring tools system files software

A ______ is the possibility that a harmful event, such as an attack, will occur.

threat

Spyware often includes activity ______, keystroke ______, and data capture.

trackers collection

A logic bomb is a malicious program that uses a _________________ to awaken the malicious code

trigger

Ransomware propagates as a ______ horse and results from a downloaded file or software weakness.

trojan

Criminals may have authorized users unknowingly run a ____ ___ program on their machine to install a backdoor program. (one word per blank)

trojan horse

What are the three most common types of malware?

trojan horses worms viruses

A backdoor bypasses normal authentication used to access a system.

true

A browser hijacker is malware that alters a computer's browser settings to redirect the user to unintended websites.

true

A rootkit modifies the operating system to create a backdoor.

true

Always scan email attachments before opening them.

true

Cyber criminals launch offensive maneuvers against both wired and wireless networks.

true

DoS attacks are relatively simple to conduct, even by an unskilled attacker.

true

Keyboard loggers can be legitimate, commercial software.

true

Logic Bombs have the ability to destroy hardware components via forced overheating.

true

Malware has become an umbrella term used to describe all hostile or intrusive software.

true

MitM allows the criminal to take control over a device without the user's knowledge.

true

Most spam comes from multiple computers on networks infected by a virus or worm.

true

Most viruses activate at a specific time or date.

true

Opening an infected file can trigger a virus.

true

Other than an initial infection, worms do not require user participation.

true

Payment through an untraceable payment system is always the criminal's goal with ransomeware.

true

Physical security is important in preventing the introduction of sniffers on an internal network.

true

Spam may looks like correspondence from a legitimate business.

true

Tailgating is another term for Piggybacking

true

Worms usually slow down networks.

true

A "security expert" calls the victim offering advice and having the credentials to back it up.While helping the victim, the criminal discovers a "serious error" that needs immediate attention.

trust

Spoofing is an impersonation attack, and it takes advantage of a ___________ relationship between two systems.

trusted

Criminals establish a deadline for taking action based on a certain price

urgency

A zero-day threat is a computer attack that tries to exploit software vulnerabilities that are unknown or undisclosed by the software _____________.

vendor

A _______ is a weakness that makes a target susceptible to an attack.

vulnerability

An attacker builds a network of infected hosts, called a botnet, The the infected hosts are called _______.

zombies