Final
The John S. and James L. Knight foundation awarded 50 million dolls of new funding to 11 Universities in order to research
How social media can influence education
Overseas Money Transfer Scam
This type of scam is specifically tricky, where the scammer sends you money under a guise of payment. Once a device is compromised, hackers have access to everything on it: contact, emails, passwords, photos, and any other information. To make matters worse, they can also leave victims with costly bills.
Cyber-enabled Crimes
Traditional crimes which can be increased in scale or reach by the use of computers, computer networks or other forms of ICT (such as cyber-enabled fraud and data theft).
Data Encryption
Translates data into another form, or code, so that only people with access to a secret key (formally called a decryption key) or password can read it.
Revenge Porn and Sextortion can have devastating impact on the victims which include
psychological distress, anxiety, depression, suicide
Wide Area Network (WAN)
Connect networks in larger geographic areas, such as Florida, the United States, or the world. Dedicated transoceanic cabling or satellite uplinks may be used to connect this type of global network.
Campus Area Network (CAN)
A computer network made up of an interconnection of local area networks (LANs) within a limited geographical area. The networking equipment (switches, routers) and transmission media (optical fiber, copper plant, Cat5 cabling etc.) are almost entirely owned by the campus owner.
IT Risks
Any type of risk interconnected to information technology. The possibility that a given threat will make use of the vulnerabilities of an asset and thus cause damage to the organization. Evaluating the possibility of the prospect of several sorts of incidents with their projected effects that occur is a great way to evaluate IT risks.
In what year was ARPNET turned on?
1969
A major difference between a LAN and a WAN is that
A WAN connects larger geographic areas
Metropolitan Area Network (MAN)
A computer network that interconnects users with computer resources in a geographic area or region larger than that covered by even a large local area network (LAN), but smaller than the area covered by a wide area network (WAN). The term is applied to the interconnection of networks in a city into a single larger network (which may then also offer efficient connection to a wide area network). It is also used to mean the interconnection of several local area networks by bridging them with backbone lines.
Data Breaches
A data breach is a theft of data by a malicious actor. Motives for data breaches include crime (i.e. identity theft), a desire to embarrass an institution (e.g. Edward Snowden or the DNC hack) and espionage.
Symmetric Encryption
A form of encryption that involves only one key for to both encrypt and decrypt the data. The entities communicating via a symmetric data encryption must be able to exchange the key between them so that it can be used in both the encryption and decryption process.
Hacking
A form of intrusion targeted at computers, including mobile phones and personal tablet devices. It is the unauthorized use of, or access into, computers or networks by exploiting identified security vulnerabilities. Can be used to gather personal data or information of use to criminals to deface websites; or launch DoS or DDoS attacks.
Ransomware
A form of malware that confines your right to use to your computer and exhibits a message that request payment in order for the restriction to be detached. It is a malicious software from crypto-virology that impends to publish the victim's data or continually block access to it except a ransom is paid.
Spear Phishing
A more sophisticated form of phishing where the attacker learns about the victim and impersonates someone he or she knows and trusts.
Local Area Network (LAN)
A network that is confined to a relatively small area. It is generally limited to a geographic area such as a writing lab, school, or building.
Encryption
A process that encodes a message or file so that it can be only be read by certain people. Encryption uses an algorithm to scramble, or encrypt, data and then uses a key for the receiving party to unscramble, or decrypt, the information. The message contained in an encrypted message is referred to as plaintext. In its encrypted, unreadable form it is referred to as ciphertext.
RootKit
A program or, more often, a collection of software tools that gives a threat actor remote access to and control over a computer or other system. While there have been legitimate uses for this type of software, such as to provide remote end-user support, most rootkits open a backdoor on victim systems to introduce malicious software, such as viruses, ransomware, keylogger programs or other types of malware, or to use the system for further network security attacks.
RSA
A public key encryption algorithm, this is one of the most commonly-used tools for sending encrypted data over the internet. It's used in key protocols like PGP and is regarded as very tough to break.
Point-to-Point Tunneling Protocol (PPTP)
A standard that was developed by Microsoft, 3Com, and other large companies to provide encryption. Microsoft has added it to Windows 98 and later releases. This made it seem a likely candidate to be the major standard for widespread encryption technology, but some major flaws were discovered in PPTP, which limited its acceptance.
Internet of Things (IoT)
A system of interrelated computing devices, mechanical and digital machines, objects, animals or people that are provided with unique identifiers and the ability to transfer data over a network without requiring human-to-human or human-to-computer interaction.
Spear phishing involves
A targeted attack toward one specific individual
Mousetrapping
A technique used by some websites to keep visitors from leaving their website, either by launching an endless series of pop-up ads—known colloquially as a soggy biscuit—or by re-launching their website in a window that cannot be easily closed (sometimes this window runs like a stand-alone application, and the taskbar and the browser's menu become inaccessible). Many websites that do this also employ browser hijackers to reset the user's default homepage.
Scareware
A type of malware designed to trick victims into purchasing and downloading useless and potentially dangerous software. It generates pop-ups that resemble Windows system messages. The messages typically say that a large number of problems such as infected files have been found on the computer and the user is prompted to purchase software to fix the problems.
Wireless Local Area Network (WLAN)
A wireless computer network that links two or more devices using wireless communication within a limited area such as a home, school, computer laboratory, or office building. This gives users the ability to move around within a local coverage area and yet still be connected to the network. Through a gateway, a WLAN can also provide a connection to the wider Internet.
In 2001 NIST set out an open competition in search of a new algorithm. Which one was the winner?
AES
The first network was developed in 1969 by
ARPANET
Cipher
An algorithm used for encryption or decryption. It is a set of steps that are followed as a procedure to encrypt information. There are two main types block ciphers and stream ciphers.
Wi-fi Eavesdropping
An electronic attack where digital communications are intercepted by an individual whom they are not intended. This is done in two main ways: Directly listening to digital or analog voice communication or the interception or sniffing of data relating to any form of communication.
Layer Two Tunneling Protocol (L2TP)
An industry-developed protocol, endorsed by Microsoft and Cisco. Although used frequently in hardware-based encryption devices, its use in software is relatively limited.
Which one is NOT a possible disadvantage of social networks
Awareness and activism
Communication
Better communication is possible over a network of interconnected devices, making the communication of devices more transparent, which reduces inefficiencies. Processes, where machine have to communicate with each other, are made more efficient and produce better, faster results. The perfect example for this is machinery at a manufacturing or production unit.
A major drawback of IoT includes
Better productivity
Symmetric keys are often used when
Both end users share the same key
Every IoT device that is connected to the internet
Can be hacked
Consequences of cybercrime include
Commercial losses and public relation problems
Internal Communications
Computer networking allows organizations to maintain complex internal communications systems. Network email can be instantaneously delivered to all users, voice mail systems can be hosted via network and made available system-wide. Collaborative scheduling software and program management tools allow employees to coordinate meetings and work activities that maximize effectiveness, while also notifying managers and co-workers of plans and progress.
Resource Sharing
Computer networking allows sharing network resources, such as printers, dedicated servers, backup systems, input devices and Internet connections. By sharing resources, unique equipment like scanners, color printers or high-speed copiers can be made available to all network users simultaneously without being relocated, eliminating the need for expensive redundancies.
Compatible Standards
Connected objects need to be able to speak to each other to transfer data and share what they are recording. If they all run on different standards, they struggle to communicate and share. The Institute of Electrical and Electronics Standards Association lists a huge number of standards being developed and worked on for different applications.
Network
Consists of two or more computers that are linked in order to share resources (such as printers and CDs), exchange files, or allow electronic communications. The computers on a network may be linked through cables, telephone lines, radio waves, satellites, or infrared light beams.
One of the major drawbacks of using encryption may be
Cost
Cyber-dependent Crimes
Crimes that can be committed only through the use of Information and Communications Technology (ICT) devices, where the devices are both the tool for committing the crime, and the target of the crime.
Drones offer farmers a cost saving solution to
Crop tracking
Triple Data Encryption Standard (DES)
Developed to replace the original Data Encryption Standard (DES) - one of the first modern encryption tools - Triple DES is a symmetric standard, using three 56-bit encryption keys. It's slowly being phased out in favor of more secure tools, but is still common.
Some of the benefits of computer networking include
Ease of administration, reduce IP use and Redundancy
The following are important contributions made by female code-breakers
Helped unravel address codes used by the Japanese army, Helped break a network of Nazi spies in South America, Uncovered a crucial pattern to break he Japanese "purple" cipher.
When conducting a forensic investigation, the device analysis shall be completed
In a controlled restricted access laboratory
A common practice by organizations following a cyber attack is
Increase security training
Which of the following is not an advantage of IoT
Increased privacy
IoT devices offer
Interoperability
Denial-of-service
Involves cybercriminals blocking individuals from accessing legitimate websites and services. Normally achieved by bombarding the websites/services with an enormous number of fabricated requests (e.g., page visits), which causes legitimate requests to be dropped or the organizations websites/services to crash under the load.
Hashing
Involves replacing the contents or summary of a file with a fixed-length value based on a mathematical formula. It's often considered an encryption method, but this isn't entirely accurate, as there are a few important differences. A key feature of hashing is that the data is not intended to be decrypted, so the process should ideally be irreversible. Instead, it is used as a verification method.
Attacks on IoT Devices
IoT devices like industrial sensors are vulnerable to multiple types of cyber threats. These include hackers taking over the device to make it part of a DDoS attack and unauthorized access to data being collected by the device. Given their numbers, geographic distribution and frequently out-of-date operating systems, IoT devices are a prime target for malicious actors.
A major benefit of a VPN is that
It provides encrypted traffic between two nodes
Trojans
Malicious computer programs that present themselves as useful, routine, or interesting in order to persuade a victim to install it. This malware can perform functions, such as stealing data, without the user's knowledge and may trick users by undertaking a routine task while actually undertaking hidden, unauthorized action.
Asymmetric encryption
Means that keys come in pairs. This means that you have two keys, one key encrypts and the other decrypts. Often, the keys are interchangeable, but this is not always the case.
Private Key (or Symmetric Key)
Means that the encryption and decryption keys are the same. The two parties must have the same key before they can achieve secure communication.
Public Key
Means that the encryption key is published and available for anyone to use. Only the receiving party has access to the decryption key that enables them to read the message.
Lieutenant Rocherfort and a team of code breakers assisted in which battle
Midway
Malware on Mobile Apps
Mobile devices are vulnerable to malware attacks just like other computing hardware. Attackers may embed malware in app downloads, mobile websites or phishing emails and text messages. Once compromised, a mobile device can give the malicious actor access to personal information, location data, financial accounts and more.
Mobile Security
Mobile phones are one of the most at-risk devices for cyber-attacks and the threat is only growing. Device loss is the top concern among cybersecurity experts. Luckily, there are tools that lock all use of mobile phones (or enact multi-factor passwords) if phone loss occurs.
The [ ] prepares and sends data, receives data, and controls the flow of data.
NIC
File and Data Sharing
Sharing files instantaneously across the network, whether with one user or with hundreds. Employees across departments can collaborate on documents, exchange background material, revise spreadsheets and make simultaneous additions and updates to a single central customer database without generating conflicting versions.
Ease of Administration
Network systems allow the IT professional to maintain uniform versions of software, protocols and security measures across hundreds or thousands of individual computers from one IT management station. Instead of individually upgrading each computer in a company one at a time, a network administrator can initiate an upgrade from a server and automatically duplicate the upgrade throughout the network simultaneously, allowing everyone in the company to maintain uniform software, resources and procedures.
Data Protection and Redundancy
Networking computers together allows users to distribute copies of important information across multiple locations, ensuring essential information isn't lost with the failure of any one computer in the network. By utilizing central backup systems both on- and off-site, unique documents and data can be gathered automatically from every computer in the network and securely backed up in case of physical computer damage or accidental deletion.
Man-in-the-Middle Attack (MitM)
Occur when criminals interrupt the traffic between a two-party transactions. For example, criminals can insert themselves between a public Wi-Fi and an individual's device. Without a protected Wi-Fi connection, cyber criminals can sometimes view all of a victim's information without ever being caught.
The benefits of Care Angel include
Offers guidance to Seniors, Ability to share information with health care providers, Ability to send health alerts to family members
Once a file is encrypted, it is
Once a file is encrypted, it is
Viruses
One of the most well-known types of malware. They can cause mild computer dysfunction, but can also have more severe effects in terms of damaging or deleting hardware, software or file. They are self-replicating programs, which spread within and between computers. They require a host (such as a file) in a computer to act as a carrier, but they cannot infect a computer without human action to run or open the infected file.
Distribution Computing Power
Organizations that demand extraordinary computing power benefit from computer networking by distributing computational tasks across multiple computers throughout the network, breaking complex problems into hundreds or thousands of smaller operations, which are then parceled out to individual computers. Each computer in the network performs its operations on its own portion of the larger problem and returns its results to the controller, which gathers the results and makes conclusions no computer could accomplish on its own.
PlayStation 3 used Elliptic Curve cryptography that was broken by hackers. Why?
Poor implementation by Sony
Algorithm
Procedure that the encryption process follows. The specific algorithm is called the cipher, or code. There are many types of encryption algorithms. The encryption's goal and level of security determines the most effective solution. Triple DES, RSA and Blowfish are some examples of encryption algorithms, or ciphers.
Secure Socket Layer (SSL)
Protocol designed specifically for use on the Web, although it can be used for almost any type of TCP communications. SSL provides data encryption, authentication on both ends, and message integrity using certificates. Most of the time, SSL is used when connecting to a Web server so that we know the information we send it is being protected along the way.
Key
Random string of bits created specifically for scrambling and unscrambling data. These are used to encrypt and/or decrypt data. Each key is unique and created via algorithm to make sure it is unpredictable. Longer keys are harder to crack. Common key lengths are 128 bits for symmetric key algorithms and 2048 bits for public-key algorithms.
A major disadvantage of symmetric keys is that
Same key is used to encrypt and decrypt
Key Logger
Sometimes called a keystroke logger or system monitor, is a type of surveillance technology used to monitor and record each keystroke typed on a specific computer's keyboard. A key logger can record instant messages, email, and capture any information you type at any time using your keyboard, including usernames, passwords, and other personally identifiable information.
The IoT concepts means that we are
Taking all the things in the world and connecting them to the internet
Advanced Encryption Standard (AES)
The algorithm trusted by organizations including the U.S. government. A successor to DES, it offers 128-bit keys, as well as even tougher 192 and 256-bit keys for the most secure encryption. It's considered impervious to all but the biggest brute force attacks and is widely seen as a de facto standard for protecting data.
Cybersecurity
The practice of securing networks, systems and any other digital infrastructure from malicious attacks.
Phishing
The practice of sending malicious communications (usually emails) designed to appear from reputable, well-known sources. These emails use the same names, logos, wording, etc., as a CEO or company to dull suspicions and get victims to click on harmful links. Once a phishing link is clicked, cyber criminals have access to sensitive data like credit card, social security or login information.
Spyware
The primary goal of spy-ware is to extract useful information about users that can then be used by the cyber-criminal for a financial gain. There are numerous instances of such malware found on computers and smartphones.
Social Engineering
The process of psychologically manipulating people into divulging personal information. Phishing is a form of social engineering, where criminals take advantage of people's natural curiosity or trust.
Decryption
The process of switching unreadable cipher text to readable information.
Personal Area Network (PAN)
The smallest and most basic type of network, a PAN is made up of a wireless modem, a computer or two, phones, printers, tablets, etc., and revolves around one person in one building. These types of networks are typically found in small offices or residences, and are managed by one person or organization from a single device.
Frequency Analysis
The study of letters or groups of letters contained in a ciphertext in an attempt to partially reveal the message. The English language (as well as most other languages) have certain letters and groups of letters appear in varying frequencies.
Zero-day Attack
These attacks occur between a network vulnerability announcement and a patch solution. In the name of transparency and security, most companies will announce that they found a problem with their network safety, but some criminals will take this opportunity to unleash attacks before the company can come up with a security patch.
Malware
Used to describe malicious software, including spyware, ransomware and viruses. It usually breaches networks through a vulnerability, like clicking on suspicious email links or installing a risky application. Once inside a network, malware can obtain sensitive information, further produce more harmful software throughout the system and can even block access to vital business network components (ransomware).
Wi-fi Security
Using public Wi-Fi can leave you vulnerable to a variety of man-in-the-middle cyber-attacks. To secure against these attacks, most cybersecurity experts suggest using the most up-to-date software and to avoid password-protected sites that contain personal information. Arguably, the most secure way to guard against a cyber-attack on public Wi-Fi is to use a virtual private network (VPN). VPNs create a secure network, where all data sent over a Wi-Fi connection is encrypted.
In China, one of the biggest mobile payment app is
Denial of Service attack or Distributed Denial of Service Attack (DDoS)
Where an attacker takes over many (perhaps thousands) of devices and uses them to invoke the functions of a target system, e.g. a website, causing it to crash from an overload of demand.
Worms
Worms are also self-replicating programs, but they can spread autonomously, within and between computers, without requiring a host or any human action. The impact of worms can therefore be more severe than viruses, causing destruction across whole networks. Worms can also be used to drop Trojans onto the network system.
What company was affected with the largest data breach?
Yahoo
Access Information
You can easily access data and information that is sitting far from your location, in real time. This is possible because of the network of devices. A person can access any information sitting from any part of the globe. This makes it very convenient for people to go about their work, even if they are not physically present.
Cryptography
a string of characters used within an encryption algorithm for altering data so that it appears random. Like a physical key, it locks (encrypts) data so that only someone with the right key can unlock (decrypt) it.
The winner of the AARP caregiver challenge app using A.I. technology was
care angel
Many of the advantages of IoT include
cost saving, increased productivity, automation
Among many benefits, AES is
faster
Elliptic curve cryptography is used by most modern phones because of low power and
high security
One of the reasons social media has an addictive quality is
it is adaptive
Computer networks share various resources. Those resources include
printers and storage
What is the main purpose of computer networks?
share resources and data between computer systems
Cryptanalysis
to find weaknesses in them that would allow access to the information without knowing the key or algorithm