Midterm 3 Chpts 8.4-8.6

Réussis tes devoirs et examens dès maintenant avec Quizwiz!

A _____ SCAM (or _____ SCAM) is a particular scam where the scammer establishes CONTACT with an individual to HELP with a business transaction like transferring money out of a country, for which the individual will SUPPOSEDLY RECEIVE a LARGE ____.

419 Nigerian Payment

A _____ is an Internet scam where a SELLER RECEIVES an email from a BUYER offering to BUY an item.

Craiglist Scam

_____ involves CONVERTING a message into an UNREADABLE form (______), and converting that message back into a READABLE form (_____), using SECRET conversion techniques that only the SENDER and intended RECEIVER know.

Cryptography Encryption Decryption

A DoS ATTACK using MULTIPLE (distributed) computers is also known as a _____, or ____, attack.

Distributed DoS / DDoS Attack

TRUE or FALSE 1)Depositing a check means payment has been received. 2) Craigslist insures sellers against loss.

False A bank will accept a check that appears reasonable, but learning that the check writer has insufficient funds may take many days. False Craigslist just provides a place for people to list items for sale.

TRUE or FALSE 1)About 10% of spam emails advertising a product result in purchases. 2) Spammers may advertise a legitimate business. 3) The UCSD research study showed that a spam campaign on a particular botnet yielded a total of about $2700 in pharmacy sales in a month. 4) The UCSD research study estimated that the botnet was infecting about 5 new computers per day with malware. 5) Although success rates for spam are tiny, the massive quantity of spam still results in some success for spammers.

False Actually, only a tiny fraction of spam emails result in purchases (about 0.00001% for the UCSD study). Most spam is filtered or ignored. True False Actually, the $2700 was for just a fraction of the campaign that was observed by the researchers. False The number was closer to 5,000 per day. True As spam filters improve, laws strengthen, enforcement increases, and users become wiser, perhaps spam will decrease.

TRUE or FALSE 3) If a user subscribes to Netflix, and Netflix then sends unsolicited email to the user about other products without an unsubscribe option, Netflix is violating U.S. spam law. 4) Anti-spam laws have had a dramatic decrease on the amount of worldwide spam traffic.

False Emails from companies to existing customers are not covered by the U.S. spam law. False Spam laws in the U.S. and many other countries are not strongly enforced. Spam makes up more than half of all email traffic on the Internet.

TRUE or FALSE 1) 419 email scammers have yet to make any money, but continue to try. 2) A common phishing scheme involves emails that inform a user of a frozen financial account, and require the user to provide information to unfreeze the account.

False 419 ("Nigerian") scams are surprisingly effective, "earning" billions of dollars. True

TRUE or FALSE 1)The U.S. spam law disallows unsolicited marketing emails. 2) The U.S. spam law requires unsolicited email to have an unsubscribe mechanism (with some exceptions).

False Unsolicited marketing emails are indeed allowed; True

_____ is the use of computer networks to PROMOTE a SOCIAL or _____ cause.

Hacktivism Political

TRUE or FALSE 1)In symmetric-key cryptography, the sender and receiver use _____ keys. -identical -differing 2) For sending a credit card number to a website, a likely approach for the sender and receiver to both know the secret key is _____. -for the sender to email the secret key to the receiver -for the receiver to post the secret key on the website -for the receiver to somehow securely send the secret key to the sender 3)TRUE or FALSE Symmetric-key cryptography ensures only the sender and receiver know the contents of a message.

Identical for the receiver to somehow securely send the secret key to the sender False Governments sometimes require a company to share the secret key, for surveillance reasons.

An _______ is a dishonest scheme or fraud using the Internet.

Internet Scam

A ____ is a NUMBER (or text string) used to ENCRYPT or DECRYPT messages. In _________, the sender and receiver use the SAME KEY for encryption and decryption (symmetric refers to both sides being the same, in this case the sender and receiver keys both being the same).

Key Symmetric-key cryptography

____ is an Internet scam that BAITS a user to SHARE sensitive information like a password or credit card number. Whats the most common way of this action?

Phishing email

______ uses two keys: A ____ key the sender uses to create ENCRYPTED messages, and a ____________ key that the RECEIVER can use to DECRYPT messages encrypted by that public key.

Public Key Cryptography Public Mathematically related private

What type of cryptography uses TWO KEYS? What are the 2 keys?

Public Key Cryptography Public and Mathematically-related private Key

How do Spammers make money?

Referrals Operate a Business Botnets

1)A receiver creates public and private keys that are _____ to each other. -related -unrelated 2) If an eavesdropper steals a public key, the eavesdropper can do _____ damage. -extensive -no 3) Mary posts a public key that matches a private key only she knows. Joe encrypts a message using that public key. To whom can Joe now send encrypted messages for successful decryption? -Mary only -anyone

Related no Mary only

3) A DoS attack often uses a _____. -botnet -hammer -helicopter 4) A legitimate user that tries to access a website that is under a DoS attack might notice _____. -slow response or no response -nasty messages from the attacker

botnet slow response or no response

A ______ (DoS) attack is achieved by submitting ____ numbers of access requests _____ to one target website, causing that site's web server to be _____, thus preventing legitimate requests from being handled (those requests are "denied service"). This type of attack may be used to try to hurt a company's _____, to hassle an _____, to express dissatisfaction with a government, etc. is this type of attack illegal in most countries?

denial of service huge simultaneously overloaded business organization yes

1) A DoS attack involves first installing _____ onto the target website's server. -a virus -a trojan -nothing 2) A DoS attack involves multiple simultaneous _____ of a target website. -logins -accesses

nothing accesses


Ensembles d'études connexes

Women/Childbearing Family Nursing Ch 10-19

View Set

Maternal Child Exam 4: Prep U Questions (Chapters 39-42)

View Set

Business Statistics Chapter 12 & 13

View Set

The Child with Endocrine Dysfunction

View Set

chapter 9 maternal and fetal nutrition pg 211-217

View Set