SRA 111 Final

Credit score reports cost about ______.

$10

Bluetooth's rate of transmission is ____ Mbps.

1

FACTA grants consumers the right to request one free credit report from each of the three national credit-reporting firms every _______.

12 months

It is estimated that over 100 trillion e-mails are sent annually, increasing at a rate of _______ percent each year.

15

Because of a security weakness if is important that key values exceed _______ at least characters in length.

20

The SMTP server listen on port number__________.

25

The average phishing site only exists for ______ days to prevent law enforcement agencies from tracking the attackers.

3.8

If a consumer finds a problem on her credit report, she must first send a letter to the credit-reporting agency. Under federal law, the agency has ____ days to investigate and respond to the alleged inaccuracy and issue a corrected report.

30

If a consumer finds a problem on her credit report, she must first send a letter to the credit-reporting agency. Under federal law, the agency has _____ days to investigate and respond to the alleged inaccuracy and issue a corrected report.

30

From January 2005 through July 2012, over ____ electronic data records in the United States were breached, exposing to attackers a range of personal electronic data, such as address, Social Security numbers, health records, and credit card numbers.

562 million

IEEE ____ combines the best features of 802.11b and 802.11a and is still used today.

802.11g

_________ is a technology that can associate a user's identity to a public key, in which the user's public key has been "digitally signed" by a trusted third party.

A digital certificate

In an office setting, instead of using a wireless broadband router, a more sophisticated device known as a(n) ______________ is used

Access Points (AP)

_________ represent a specific way of implementing ActiveX and are sometimes called ActiveX applications.

ActiveX controls

Many attackers create a direct ____ network, a peer-to-peer network that connects a wireless device directly to another wireless device, such as the victim's laptop directly to the attacker's laptop.

Ad hoc

Spyware usually performs one of the following functions on a user's computer: ____, collecting personal information, or changing computer configurations.

Advertising

Software program that delivers advertising content in a manner that is unexpected unwanted by the user.

Adware

One of the first software security applications is ____ software.

Antivirus

Virus that first attaches itself to the end of a file.

Appender infection

Also called a remote code execution, or RCE

Arbitrary code execution

A(n) _________ is defined as something that has a value.

Asset

Most encryption for data stored on a laptop uses __________ cryptography.

Asymmetric

__________ cryptography uses two keys.

Asymmetric

E-mail ____ are documents that are connected to an e-mail message, such as word processing documents, spreadsheets, or pictures.

Attachments

_______ ensures that data is accessible when needed to authorized users.

Availability

A(n) ______________ is software code that gives access to a program or service that circumvents normal security protections.

Backdoor

A list of senders for which the user does not want to receive any e-mail.

Blacklist

_________ is an attack that sends unsolicited message to Bluetooth-enabled devices.

Bluejacking

________is an attack that accesses unauthorized information from a wireless device through a Bluetooth connection, often between cell phones and laptop computers.

Bluesnarfing

There are two major types of wireless networks that are popular today among users. These networks are Wi-Fi and ______.

Bluetooth

A _________ is created when hundreds, thousands, or even tens of thousands of zombie computers are manipulated under remote control.

Botnet

Instructions written in HTML code specify how a local computer's Web _______ should display the words, pictures, and other elements on a user's screen.

Browser

Trying to guess a password through combining a systematic combination of characters.

Brute force attack

___________ attacks are often the means by which an attacker will perform an arbitrary code execution.

Buffer overflow

"_______" involves breaking into a car's electronic system.

Car hacking

Using a standard ______ form, attackers can divert all mail to their post office box so that the victim never sees any charges made.

Change-of-address

_______________ is a group-based behavior, yet it can be used on a individual by convincing the victim that everyone else has been giving the attackers the requested information.

Conformity

Targeted attacks against financial networks, unauthorized access to information, and the theft of personal information are sometimes known as

Cybercrime

The FBI defines ______ as any "premeditated, politically motivated attack against information, computer systems, computer programs, and data which results in violence against non-combatant targets by subnational groups or clandestine agents."

Cyberterrorism

Terrorists who turn their attacks to the network and computer infrastructure to cause panic among citizens are known as _______.

Cyberterrorists

One of the best defenses against attacks is to create ________ on a regular basis.

Data backups

Botnets can flood a Web server with thousands of requests and overwhelm it to the point that it cannot respond to legitimate requests. This is known as ____.

Denying services

A_____ attack begins with the attacker creating digests of common dictionary words, and then comparing those in a stolen password file.

Dictionary

Technically speaking, the process for creating a password digital representation is based on a hash algorithm, which creates a(n)_____________

Digest

A radical technology or innovation that fills a new role that an existing device or technology could not.

Disruptive technology

_______________ involves digging through trash receptacles to find information that can be useful in an attack.

Dumpster diving

One of the first viruses found on a microcomputer

Elk Cloner

An AP or another computer that is set up by an attacker designed to mimic an authorized Wi-Fi device.

Evil twin

The _______ of 2003 contains rules regarding consumer privacy.

Fair and Accurate Credit Transactions Act

True or False: Data backups only protect data against computer attacks.

False

True or False: FACTA grants consumers free access to their credit score.

False

True or False: In a well-run information security program, attacks will never get through security perimeters and local defenses.

False

True or False: Most viruses can spread to other computer by themselves.

False

True or False: Password are still considered a strong defense against attackers.

False

True or False: Protecting your personal computer has become a serious challenge unless you are an advanced computer user.

False

True or False: There is a straightforward and easy solution to securing computers

False

True or False: To address the vulnerabilities in operating systems that are uncovered after the software has been released, software vendors usually deploy a software "fix" to address the vulnerabilities.

False

True or False: Web sites use the standard HTTP protocol for sending data through the Internet because this protocol is secure and ensures that an attacker cannot view the contents of the transmission.

False

True or False: Whereas tablets are designed for performance, laptops are focused on ease of use.

False

True or False: Wi-Fi networks operate in basically the same way as cellular telephony networks that are designed, installed, and maintained by the wireless telephone carries.

False

True or False: With blocked low-level domain lists, e-mail from entire countries or regions can be blocked and treated as spam.

False

A(n) __________ is a method used by operating system to store, retrieve, and organize files.

File system

_________ cookies can be used to reinstate regular cookies that a user has deleted or blocked .

Flash

In the last year, over 600,000 Apple Macs were infected with a malicious software called

Flashback

_____ requires banks and financial institutions to alert customers of their policies and practices in disclosing customer information.

GLBA

Results in attack tools that can vary their behavior so the same attack appears differently each time.

Greater sophistication of attacks

Under the ____, health care enterprises must guard protected health information and implement policies and procedures to safeguard it, whether it be in paper or electronic format.

HIPAA

In the past, the term _______ was commonly used to refer to a person who uses advanced computer skills to attack computers.

Hacker

A(n) ___________ is a false warning, often contained in an e-mail message claiming to come from the IT department.

Hoaxes

____________ allow users to jump from one area on the Web to another with a click of the mouse button.

Hyperlink

In the field of computer networking and wireless communications, the most widely known and influential organization is the ____.

IEEE

The current version of IMAP is _______.

IMAP4

____ involves stealing another person's personal information, such as a social security number, and then using the information to impersonate the victim, generally for financial gain.

Identity Theft

_______ involves using someone's personal information, such as a Social Security number, to establish bank or credit card accounts that are then left unpaid, leaving the victim with the debts and ruining their credit rating.

Identity theft

________ uses graphical images of text in order to circumvent text-based filters.

Image spam

Social engineering _____ means to create a fictitious character and then play out the role of that person on a victim.

Impersonation

The term______ is frequently used to describe the tasks of securing information that is in a digital format.

Information security

______ ensures that information is correct an no unauthorized person or malicious software has altered that data.

Integrity

The ___________ is a worldwide set of interconnected computers, servers, and networks.

Internet

A(n) ______ is a business from which purchase Internet access.

Internet Service Provider

________ is a complete programming language that can be used to create stand-alone applications.

Java

_________ is a scripting language that does not create standalone applications

JavaScript

A ____________ silently captures and stores each keystroke that a user types on the computer's keyboard.

Keylogger

It is vital to have ______ security on all of the personal computers to defend against any attack that breaches the perimeter.

Local

A(n) _______________ is a series of instructions that can be grouped together as a single command.

Macro

Written in a script to automate a complex series of tasks into one command.

Macro virus

_______ is a general term that refers to a wide variety of damaging or annoying software programs.

Malware

Automatically blocks over 80 different types of file attachments that may contain malware.

Microsoft Outlook

It is important that action be taken in advance in order to _______. This may involve keeping backup copies of important data stored in a safe place.

Min loss

Malware that is specifically directed at tablets and smartphones is sometimes referred to as ____________

Mobile Malware

A __________ device is similar to portable USB hard drive except it has additional "intelligence" that allows all devices connected to the computer network to access it.

Network attached storage

____ identify individuals within the organization who are in positions of authority.

Organizational charts

Any secret combination of letters, numbers, and/or symbols that serves to validate or authenticate a user by what she knows.

Password

A _______ is a program that lets a user create and store multiple strong passwords in a single user database file that is protected by one strong master password.

Password management application

The best approach to establishing strong security with passwords is to use a _______.

Password management tool

A security _________ is a general software security update intended to cover vulnerabilities that have been discovered since the program was released.

Patch

Information (contained on the devices) is protected by three layers: products, ____, and policies and procedures.

People

Potentially the next target for attackers.

Personal medical devices

______ is sending an e-mail or displaying a Web announcement that falsely claims to be from a legitimate enterprise, in an attempt to trick the user into surrendering private information.

Phishing

______ may reveal the true level of security within the organization.

Policy manuals

The standard port for HTTP transmissions.

Port 80

Most Internet transmissions are based on _______.

Port numbers

________ means an attackers who pretends to be from a legitimate research firm asks for personal information.

Pretexting

__________ cryptography uses same single key to encrypt and decrypt a document.

Private key

Sent the first e-mail message in 1971

Ray Tomlinson

Most e-mail clients contain a ____ that allows the user to read an e-mail message without actually opening it.

Reading pane

On tablets and smartphone, it is recommended to download and install a(n) _______ app that can erase the contents of the device if lost or stolen.

Remote wipe

Known as ____, the deleted cookie's unique ID can still be assigned to a new cookie using the data stored in a Flash cookie as a backup.

Respawning

A _________ is a set of software tools used by an attackers to hide the actions or presence of other types of malicious software, such as Trojans, viruses, or worms.

Rootkit

Originally the term __________ referred to a set of modified and recompiled tools for the UNIX operating system.

Rootkit

The ________ in a Wi-Fi network serves as the network name identifier.

SSID

Unsigned Java applets run in a security ____, which is like a fence that surrounds the program and keeps it away from private data and other resources on a local computer.

Sandbox

__________is software that displays a fictitious warning to be user in the attempt to "scare" the user into an action, such as purchasing additional software online to fix a problem that in fact does not exist.

Scareware

______ are individuals who want to attack computers yet they lack the knowledge of computers and networks needed to do so.

Script kiddies

ActiveX controls can be invoked from Web pages through the use of a ____ or directly by an HTML command.

Scripting language

In a general sense, __________ can be defined as the necessary steps to protect a person or property from harm.

Security

Web browsers provide the ability to use ____________ that allows the user to set customized security for zones and then assign specific Web sites to a zone.

Security Settings

AV software on a computer must have its ____ files regularly updated by downloads from the Internet.

Signature

Results in attacks that are no longer limited to highly skilled attackers.

Simplicity of attack tools

A(n) ____________ has all the tools that a feature phone has, but also includes an operating system that allows it to run third-party applications (app).

Smart phone

means of gathering information for an attack by relying on the weaknesses of individuals

Social engineering

Grouping individuals and organizations into cluster or groups based on their likes and interests is called _______.

Social networking

The Web sites that facilitate linking individuals with common interests and function as an online community of users are called ________.

Social networking sites

________ look for specific words and block e-mail messages containing those words.

Spam filters

A botnet consisting of thousands of zombies enables an attackers to send massive amounts of spam. Some botnets can also harvest e-mail addresses. this is known as__________.

Spamming

Whereas phishing involves sending millions of generic e-mail messages to users, ____ targets only specific users.

Spear phishing

Results in attackers that can launch attacks against millions of computers within minutes.

Speed of attack

A computer _______ is a person who has been hired to break into a computer and steal information.

Spy

A(n) _________ account is designed for everyday computing activities and allows for some settings to be modified.

Standard

Stolen wallets and purses contain personal information that can be used in identity theft. This is known as _______.

Stealing

______ infection injects portions of the code throughout the program's executable code instead of only at the end of the file ( any overwritten original code is transferred and stored inside the virus code for proper execution of the host program after the infection).

Swiss cheese

Private key cryptography is also called _________ cryptography.

Symmetric

HTTP is a subset of a large set of standards for Internet transmission known as the _____________.

TCP/IP

Portable computing devices with screen sizes ranging from 5 to 10 inches (127 to 254 millimeters).

Tablet Computer

On average it takes________ days for a victim for a victim to recover from an attack

Ten

A(n) ____________ -party cookie is a cookie that was not created by the Web site that attempts to access the cookie.

Third

A(n) ________ is a type of action that has the potential to cause harm.

Threat

A(n) ______ is a person or element that has the power to carry out a threat.

Threat agent

True or False: Attack tools can initiate new attacks without any human participation, thus increasing the speed at which systems are attacked.

True

True or False: Because a wireless signal can only be transmitted for several hundred feet, multiple APs are used to provide "cells" or areas of coverage.

True

True or False: Financial cybercrime is often divided into two categories. The first category focuses on individuals and businesses.

True

True or False: Most Bluetooth have a range of only 33 feet (10 meters).

True

True or False: Most users actually receive only a small amount of spam in their local e-mail inbox. The majority is blocked before it even reaches the user.

True

True or False: Restrict how cookies are created and used can also be done through configuring the web browser.

True

True or False: The main weakness of password centers on human memory.

True

True or False: Today, many attack tools are feely available and do not require any technical knowledge to use.

True

True or False: Unless remote management is essential, it is recommended that this feature be disabled with a wireless router.

True

True or False: Visually anyone could type in a person's username and password and pretend to be that person.

True

True or False: Web servers distribute HTML documents based on a set of standards, or protocols, known as the Hypertext Transport Protocol (HTTP).

True

True or False: When creating passwords, the most important principle is that length is more important is more important than complexity.

True

True or False:Files backed up through online services can be made available to another computer.

True

Allow attackers from anywhere in the world can sed attacks.

Universally connected devices

A(n) ________ is a program that does not come from a trusted source.

Unsigned Java applet

A(n) _____________ is a unique name used for identification.

Username

A(n) _________ uses an unsecured public network, such as the Internet, as if it were a secure private network.

Virtual private network

A computer _______________ is an executable program that contains hidden malware code.

Virus

The two types of malware that have the primary objective of infecting a computer system are ______.

Viruses and worms

Use of a telephone call instead of e-mail to contact a potential victim.

Vishing

A(n)____ is a flaw or weakness that allows a threat agent to bypass security.

Vulnerability

Provides the optimum level of wireless security and has been mandatory for all certified wireless devices manufactured since March 2006.

WPA2

War driving is derived from the term _______.

War dialing

Searching for wireless signals from an automobile or on foot using a portable computing device.

War driving

One type of spear phishing is

Whaling

A list of senders for which the user will accept e-mail.

Whitelist

Cryptography can also be applied to entire disks. This is known as __________ encryption and protects all data on a hard drive.

Whole disk

_____________ is a wireless data network technology that is designed to provide high-speed data connections for mobile devices.

Wi-Fi

As a means of simplifying turning on WPA2 Personal, many devices now support ____ as an optional means of configuring security.

Wi-Fi Protected Setup (WPS)

The _________ acts as the "base station" for the wireless devices, sending and receiving wireless signals between all devices as well as providing the "gateway" to the external Internet.

Wireless router

The _______ is composed of Internet server computers on networks that provide online information in a specific format.

World Wide Web

A __________ self-replicates between computers (from one computer to another).

Worm

An infected "robot" computer is known as a _____.

Zombie

A(n) ___________ attack allows an attacker to gain control of the victim's computer to execute the attacker's commands, turning it into his own remote computer.

arbitrary code execution

On tablets and smartphones, users should enable _________, which password-protects the devices when it has not been used for a set period of time.

auto-lock

Security is_____ convenience

inversely proportional