Cybersecurity Ch. 3
Sends spoofed messages across a LAN to link a criminal's physical address with the logical address of an authorized member of the network.
ARP spoofing
The _________________ is an industry association focused on eliminating the identity theft and fraud that result from phishing and email spoofing.
Anti-Phishing Working Group
____________________________ allows criminals to inject scripts into the web pages viewed by users. This script can contain malicious code.
Cross-site scripting
Modifies a domain naming server to reroute a specific domain name to a different logical address controlled by the criminal.
DNS server spoofing
Logic bomb triggers can be:
Dates, User account deletion, Times, Other running programs
The first computer virus, called __________________________, was created as a teenager's harmless prank, displaying random messages to users and playing subtle tricks when an infected floppy disk was booted.
Elk Cloner
Internet Protocol packets are sent from a spoofed source address to disguise their origin.
IP spoofing
To prevent DoS and DDoS attacks, block external __________ packets at the network border.
Internet Control Message Protocol (ICMP)
Occurs when one computer accepts data packets based on the physical address of another computer.
MAC address spoofing
___________________________ takes control over a mobile device. The infected mobile device sends user-sensitive information to the attackers.
Man-In-The-Mobile
This disrupts the transmission of a radio or satellite station so that the signal does not reach the receiving station.
RF jamming
SEO Poisoning is short for _____________________________ Poisoning.
Search Engine Optimization
What is one of the worst computer viruses in history?
The Melissa Virus
Always scan email attachments before opening them. (T/F)
True
___________________________ is a security protocol that attempted to provide a wireless local area network (WLAN) with the same level of security as a wired LAN.
Wired Equivalent Privacy
An ______[a]_______ is a deliberate exploitation of a discovered weakness in computer information systems, either as specific targets or merely as targets of ______[b]______.
attack, opportunity
A _________________ is a container that holds classified or sensitive documents for later destruction by fire.
burn bag
With XSS, if criminals obtain the victim's web session _______________, they can impersonate that user.
cookie
A _________________ is any type of offensive maneuver used by cyber criminals to target computer information systems, computer networks, or other computer devices.
cyberattack
Restrict access point placement with a network by placing these devices outside the firewall or within a _______________________________ which contains other untrusted devices.
demilitarized zone
When defending against attacks, configure firewalls to _______________ packets from outside of the network that have addresses indicating that they originated from inside the network.
discard
Computer viruses usually spread from:
downloads off the Internet, email attachments, removable media
This is a program that automatically downloads to the computer when a user visits a web site or views an HTML email message.
drive-by download
The most common goal of SEO poisoning is to increase traffic to malicious sites that may host malware or perform social _____________.
engineering
Rootkit Privilege ______________ takes advantage of programming errors or design flaws to grant the criminal elevated access to network resources and data.
escalation
An ____________________ attack uses a criminal's access point improved with higher power and higher gain antennas to look like a better connection option for users.
evil twin
A Trojan horse binds itself to executable files. (T/F)
false
Bluejacking occurs when an attacker copies a victim's information from his/her Bluetooth device. (T/F)
false
Bluesnarfing is the term used for sending unauthorized messages to another Bluetooth device. (T/F)
false
Cyber criminals succeed by continuously searching for and identifying systems with clear vulnerabilities. Common victims include patched systems. (T/F)
false
Defending against fast-moving zero-day attacks requires network security professionals to adopt a more simplistic view of their network architecture. (T/F)
false
Most viruses do not require end-user initiation. (T/F)
false
SEO poisoning uses SEO to make a malicious website appear lower in search results. (T/F)
false
The frequency, modulation, and power of an RF jammer need to be less than that of the device that the criminal wants to disrupt in order to successfully jam the wireless signal. (T/F)
false
With XSS, the cyber criminal targets a victim directly. (T/F)
false
Worms require a host program to run. (T/F)
false
As Flash-based content grew and became more popular, criminals examined ___________ and software, determined vulnerabilities, and exploited Flash Player.
flash plugins
Social engineers often rely on people's willingness to be ______________ but also prey on people's weaknesses.
helpful
The term zero _____________ describes the moment when someone discovers a zero-day attack.
hour
A criminal, posing as an IRS employee, tells a victim that they owe money to the IRS. The victim must pay immediately through a wire transfer. Failure to pay will result in an arrest. What type of cyber attack is most closely being perpetrated?
impersonation
Both XML and SQL _________________ attacks exploit weaknesses in database programs such as not validating database queries properly.
injection
Spam, also known as __________________, is unsolicited email. In most cases, spam is a method of advertising.
junk mail
This is a software program that records or logs the keystrokes of the user of the system.
keyboard logger
This is a malicious program that uses a trigger to awaken the malicious code.
logic bomb
This is a term used to describe software designed to disrupt computer operations, or gain access to computer systems, without the user's knowledge or permission.
malware
A ______________ prevents piggybacking by using two sets of doors. After individuals enter an outer door, that door must close before entering the inner door.
mantrap
Spam may have text with ________________ words or strange punctuation.
misspelled
In order to avoid detection, a virus may _____________.
mutate
A DoS attack results in some sort of interruption of ______________ services to users, devices, or applications.
network
Worms are malicious code that replicates by independently exploiting vulnerabilities in ________________.
networks
When establishing Bluetooth pairing, both devices use the same _________________.
passkey
Cyber criminals use a packet sniffer and run WPA2 attacks offline on the ____________________.
passphrase
This occurs when a malicious party sends a fraudulent email disguised as being from a legitimate, trusted source.
phishing
This occurs when a criminal tags along with an authorized person to gain entry into a secure location or a restricted area.
piggybacking
_________________ is when an attacker calls an individual and lies to them in an attempt to gain access to privileged data.
pretexting
A Trojan horse exploits the _____________ of the user that runs it.
privileges
An attacker requests personal information from you in exchange for a gift. This is an example of ____________________.
quid pro quo
_____________ holds a computer system, or the data it contains, captive until the target makes a payment. It usually works by encrypting data in the computer with a key unknown to the user.
ransomware
A few common backdoor programs are Netbus and Back Orifice, which both allow ________ access to unauthorized system users.
remote
A __________ access point can also refer to a criminal's access point.
rogue
This persuades the user to take a specific action based on fear. It forges pop-up windows that resemble operating system dialogue windows. These windows convey forged messages stating that the system is at risk or needs the execution of a specific program to return to normal operation.
scareware
Spyware often bundles itself with legitimate software or with Trojan horses. Many ___________ websites are full of spyware.
shareware
The key to an effective antivirus solution is to keep malware ______________ updated.
signatures
___________________________ uses Short Message Service (SMS) to send fake text messages.
smishing
__________________ occurs when attackers examine all network traffic as it passes through their NIC, regardless of whether or not the traffic is addressed to them.
sniffing
The authors of grayware usually maintain legitimacy by including an application's capabilities in the small print of the ____________________________ agreement.
software license
This sends customized emails to a specific person. The criminal researches the target's interests before sending the email.
spear phishing
This is an impersonation attack, and it takes advantage of a trusted relationship between two systems.
spoofing
This is software that enables a criminal to obtain information about a user's computer activities.
spyware
An attacker can be in close proximity to his victim or the attacker can use binoculars or closed circuit cameras to shoulder ________.
surf
A ___________ is the possibility that a harmful event, such as an attack, will occur.
threat
Spyware often includes activity _____[a]_____, keystroke _____[b]_____, and data capture.
trackers, collection
Criminals may have authorized users unknowingly run a _______________ program on their machine to install a backdoor program.
trojan horse
Ransomware propagates as a ________________ and is the result of a downloaded file or some software weakness.
trojan horse
A backdoor bypasses normal authentication used to access a system. (T/F)
true
A browser hijacker is malware that alters a computer's browser settings to redirect the user to unintended websites. (T/F)
true
A rootkit modifies the operating system to create a backdoor. (T/F)
true
Cyber criminals launch offensive maneuvers against both wired and wireless networks. (T/F)
true
DoS attacks are relatively simple to conduct, even by an unskilled attacker. (T/F)
true
Grayware includes mobile applications that behave in an annoying or undesirable manner. (T/F)
true
Keyboard loggers can be legitimate, commercial software. (T/F)
true
Logic Bombs have the ability to destroy hardware components via forced overheating. (T/F)
true
Malware has become an umbrella term used to describe all hostile or intrusive software. (T/F)
true
MitM allows the criminal to take control over a device without the user's knowledge. (T/F)
true
Most spam comes from multiple computers on networks infected by a virus or worm. (T/F)
true
Most viruses activate at a specific time or date. (T/F)
true
Opening an infected file can trigger a virus. (T/F)
true
Other than an initial infection, worms do not require user participation. (T/F)
true
Payment through an untraceable payment system is always the criminal's goal with ransomware. (T/F)
true
Physical security is important in preventing the introduction of sniffers on an internal network. (T/F)
true
Spam may look like correspondence from a legitimate business. (T/F)
true
With the proper attack, cyber criminals can spoof an identity, modify existing data, destroy data, or become administrators of a database server. (T/F)
true
There is no provision for key management with WEP, so the number of people sharing the key will continually grow. (T/F)
true
WPA2 is susceptible to attack because cyber criminals can analyze the packets going between the access point and a legitimate user. (T/F)
true
Worms usually slow down networks. (T/F)
true
This is malicious executable code attached to another executable file, such as a legitimate program.
virus
A _______________ is a weakness that makes a target susceptible to an attack.
vulnerability
What are the three most common types of malware?
worms, viruses, Trojan horses
This threat is a computer attack that tries to exploit software vulnerabilities that are unknown or undisclosed by the software vendor.
zero-day
An attacker builds a network of infected hosts, called a botnet. The infected hosts are called _______________________.
zombies