BTE Final Exam Part 2
Current payment systems require?
third party intermediaries that often charge high processing fees
____ are always recorded in the ledger
transactions
Attack by a programmer, where software programs hide in other computer programs and reveal their designed behavior only when they are activated.
-Trojan Horse
Attacks by a Programmer Developing a System
-Trojan Horse -Back Door -Logic Bomb
Examples of other areas of threats
-contract labor -consultants -janitors -guards
Examples of Communication Controls
-firewalls -anti-malware systems -encryption
Common Human Errors
1. Carelessness with laptops 2. Carelessness with computing devices 3. Opening questionable e-mails 4. Careless Internet surfing 5. Poor password selection and use 6. Carelessness with one's office 7. Carelessness with discarded equipment 8. Careless monitoring of environmental hazards
Five types of blockchain technology
1. Distributed 2. Concensus 3. Secured 4. Immutable 5. Provenance
What are the six steps in programming with C++?
1. Editor 2. Preprocessor 3. Complier 4. Linker 5. Loader 6. Execution
software packages that attempt to identify and eliminate viruses and worms, and other malicious software
Anti-malware Systems
studies the thought processes of humans and recreates the effects of those processes via machines, such as computers and robots. Behavior by a machine that, if performed by a human being, would be considered intelligent.
Artificial Intelligence (AI)
With this type of blockchain technology, everyone (or a Regulator) must validate and approve the new transaction/block.
Consensus
a statutory grant that provides the creators or owners of intellectual property with ownership of the property, also for a designated period.
Copyright
T or F: The Turing test shows intelligent systems are really close to exhibiting significant intelligence.
False
T or F: The absence of errors while compiling a program implies that the program preforms the intended computation successfully
False
a system that prevents a specific type of information from moving between untrusted networks, such as the Internet, and private networks, such as your company's network.
Firewalls
SCADA attacks typically occur on ___________. Hacker networks Industrial control systems Personal computers Government networks
Industrial control systems
This component of the expert system uses a computer program (written using a high-level programming language) that provides a methodology for reasoning and formulating conclusions.
Inference Engine
An attacker either threatens to steal, or actually steals, information from a company. The perpetrator demands payment for not stealing the information, for returning stolen information, or for agreeing not to disclose the information.
Information Extortion
All of the processes and policies designed to protect an organization's information from unauthorized access, use, disclosure, disruption, modification, or destruction.
Information Security
___________ is threatening to steal or actually stealing information from a company and then demanding payment to not use or release that information. -Competitive intelligence -Espionage -Information extortion -Intellectual property
Information extortion
Organization with two firewalls and demilitarized zone
Internet, External Firewall, Servers, Internal Firewall, Corporate LAN Internet.
Basic firewalls for home computer
Internet, Internet Service Provider, Broadband Connection, Home Computer
Biometrics is something the user _______. Does Has Is Knows
Is
What is blockchain?
It is a distributed database leveraging distributed processing it is an unchangeable system of recordkeeping that is seeing a growing use well beyond financial transactions. Data is copied on multiple servers or computers and encrypted into blocks, which are then linked by hashes to previous blocks. This allows the system to reject any non-valid transactions.
This component of the expert system uses direct use of knowledge to solve specific problems in a particular domain.
Knowledge Base
An expert system's ______________________ is composed of facts and rules. A. Explanation subsystem B. Knowledge base C. Inference engine D. User interface
Knowledge base
Knowledge Acquisition
Knowledge is acquired from domain experts or from documented sources.
______________________ is NOT a benefit of an expert system. A. Knowledge accessibility B. Liability C. Productivity D. Reliability
Liability
Attack by a programmer; a segment of computer code that is embedded within an organization's existing computer programs and is designed to activate and perform a destructive action at a certain time or date.
Logic Bomb
Symbol:Parallelogram
Name: -Input/Output Function: -A parallelogram represents input or output
Symbol: Rectangle
Name: -Process Function: -A rectangle represents a process
Symbol: Oval
Name: -Start/end Function: -An oval represents a start or end point.
Symbol: Diamond
Name: -decision Function: -A diamond indicates a decision
Is the subfield of AI that gives computers the ability to interact with humans in a more typical way?
Natural language processing
A system of programs and data structures that simulates the underlying functions of the biological brain
Neural Networks Examples: -Bruce Nuclear Facility (Ontario, Canada) -Research into Diseases (Alzheimer's, Parkinson's, Epilepsy, etc.) -Banking System Fraud Detection
Machine learning systems often use _________ to learn from data. A. Expert systems B. Fuzzy logic C. Genetic algorithms D. Neural networks
Neural networks
___________ are used to research diseases like Alzheimer's, Parkinson's, and epilepsy. A. Expert systems B. Genetic algorithms C. Intelligent agents D. Neural networks
Neural networks
_______________ are "trained" by being fed large amounts of data and rules about data relationships. A. Expert systems B. Fuzzy logic C. Genetic algorithms D. Neural networks
Neural networks
_______________ usually involve a large number of processors operating in parallel. A. Expert systems B. Fuzzy logic C. Genetic algorithms D. Neural networks
Neural networks
The __________________ proposes a scenario in which a man and a computer both pretend to be women or men, and a human interviewer has to identify which is the real human.
Turing Test
This component of the expert system uses dialogue between the user and the computer triggers the inference engine to match the problem symptoms with the knowledge contained in the knowledge base and then generate advice
User Interface
____ Segment of computer code that performs malicious actions by attaching to another computer program.
Virus
Which of the following is NOT an unintentional threat to information systems? -Careless monitoring of environmental hazards. -Choosing a weak password. -Having an unlocked desk or filing cabinet after going home. -Viruses.
Viruses
Remote attack; segment of computer code that performs malicious actions and will replicate, or spread, by itself (without requiring another computer program).
Worm
In a programming language, these commands can be interpreted into?
a code understood by a machine.
New Block is concatenated with prior Block by using ______
a cryptographic hash
A Ledger is ___
a system of records for a business
Neural networks are best used for analyzing ________ data. A. complex, complete B. complex, incomplete C. simple, complete D. simple, incomplete
complex, incomplete
A programming language is a ____
computer language engineered to create a standard form of commands.
In C++ what does a text editor do?
create the source code (source program
In the blockchain, every recording uses ______ or _______
private cryptographic key, digital signature
For nonrepudiation, the sender encrypts plain text using a ____ while the receiver uses the sender's ____ to decrypt it. Thus, the receiver knows who sent it.
private key, public key
asymmetric encryption; the sender encrypts the information using the receiver's _____. The receiver decrypts the message using his/her ____.
public key, private key
in C++, begin with the symbol __ and are processed by the __
#, preprocessor
How to write code in C++
#include <iostream> using namespace std; int main() { cout << "My first C++ program." << endl; return 0; }
Information Security Controls
- Physical Controls - Access Controls - Communication Controls
Compromises to intellectual property; the property created by individuals or corporations that is protected
- Trade Secret - Patent - Copyright
What are the four facts about Bitcoin?
-An unregulated shadow-currency -Created as a decentralized digital currency exchange system to exchange digital currency without the banks as intermediaries, while keeping (pseudo) anonymity -Resource intensive (requires Proof of Work Consensus) -Created in 2008 after the Global Financial crisis
What does the complier do?
-Check that the program obeys the language rules -Translate the program into machine language (object program)
Remote Attacks Needing No User Action
-Denial of Service Attack -Distributed Denial of Service Attack
What two areas pose significant threats in human errors?
-Human Resources -Information Systems
What are the two types of alien software?
-Spyware -Adware
What are the five factors that contribute to vulnerability?
-Today's interconnected, interdependent, wirelessly networked business environment -Smaller, faster, cheaper computers & storage devices -Decreasing skills necessary to be a computer hacker -International organized crime taking over cybercrime -Lack of management support
Benefits of Expert Systems
1. Increased output and productivity: ESs can configure components for each custom order, increasing production capabilities. 2. Increased quality: ESs can provide consistent advice and reduce error rates. 3. Capture and dissemination of scarce expertise: Expertise from anywhere in the world can be obtained and used. 4. Operation in hazardous environments: Sensors can collect information that an ES interprets, enabling human workers to avoid hot, humid, or toxic environments. 5. Accessibility to knowledge and help desks: ESs can increase the productivity of help desk employees, or even automate this function. 6. Reliability: ESs do not become tired or bored, call in sick, or go on strike. They consistently pay attention to details. 7. Ability to work with incomplete or uncertain information: Even with an answer of "don't know," an ES can produce an answer, although it may not be a definite one. 8. Provision of training: The explanation facility of an ES can serve as a teaching device and a knowledge base for novices. 9. Enhancement of decision-making and problem-solving capabilities: ESs allow the integration of expert judgment into analysis (e.g., diagnosis of machine malfunction and even medical diagnosis). 10. Decreased decision-making time: ESs usually can make faster decisions than humans working alone. 11. Reduced downtime: ESs can quickly diagnose machine malfunctions and prescribe repairs.
What are the three components of expert systems
1. Knowledge Base 2. Inference Engine 3. User Interface
Difficulties of Using Expert Systems
1. Transferring domain expertise from human experts to the expert system can be difficult because people cannot always explain what they know 2. Even if the domain experts can explain their entire reasoning process, automating that process may not be possible 3. In some contexts, there is a potential liability from the use of expert systems.
Remote Attacks Requiring User Action
1. Virus 2. Worm 3. Phishing Attack 4. Spear Phishing Attack
Which of these facts about a Ledger is NOT correct? 1. A ledger describes the inputs and outputs of a business 2. A ledger consists of transactions, often governed by contracts 3. A ledger is used purely for reporting of cash 4. A ledger is a system of record
A ledger is used purely for reporting of cash
Which of the following is NOT one of the most dangerous employees to information security? -Accountants -HR employees -Janitors -MIS employees
Accountants
Knowledge Representation
Acquired knowledge is organized as rules or frames (object-oriented) and stored electronically in a knowledge base.
You are a doctor at a successful practice in the US. You are contacted by WebMD.com to provide your expertise on your successful new cancer identification technique. This is considered knowledge _______. A. Acquisition B. Inferencing C. Representation D. Transfer
Acquisition
software that is installed on your computer through duplicitous methods
Alien Software
What is bitcoin? 1. A private network 2. Another name for blockchain 3. An unregulated shadow currency 4. The technology that underpins the Ledger
An unregulated shadow currency
_____Determines which actions, rights, or privileges the person has, based on his or her verified identity.
Authentication
Which of the following is the correct order of the steps of programming with C++? A. 1. Editor 2. Preprocessor 3. Complier 4. Loader 5. Linker 6. Execution B. 1. Editor 2. Preprocessor 3. Complier 4. Linker 5. Loader 6. Execution C. 1. Preprocessor 2. Editor 3. Complier 4. Loader 5. Linker 6. Execution D. 1. Preprocessor 2. Editor 3. Loader 4. Complier5. Linker 6. Execution
B. 1. Editor 2. Preprocessor 3. Complier 4. Linker 5. Loader 6. Execution
Attack by a programmer; typically a password, known only to the attacker, that allows him or her to access a computer system at will, without having to go through any security procedures.
Back Door (also called a trap door)
Anonymity is important. Blockchain or Bitcoin?
Bitcoin
Based on Proof of Work Blockchain or Bitcoin?
Bitcoin
Transactions are viewable by all members of the network. Blockchain or Bitcoin?
Bitcoin
Each new record (write) to the database is a___
Block
In the context of blockchain, the transaction is represented online as a?
Block
Identity of members is known. Blockchain or Bitcoin?
Blockchain
Permissioned network. Blockchain or Bitcoin?
Blockchain
Bitcoin is based on ____
Blockchain methodology
Which of the following is NOT an example of alien software? Adware Blockware Spamware Spyware
Blockware
Examples of different programming languages
C C++ Java Python
In C++, something thats used to give an input from a keyboard?
C-in
Which of the following is a characteristic of AI? A. Difficult and expensive to duplicate and disseminate knowledge B. Erratic and inconsistent total cost of knowledge C. Low creativity D. Knowledge isn't preserved well
C. Low creativity
___ guarantees that the program follows the rules of the language, it does not guarantee that the program will run correctly
Compiler
_____ identifies the syntax errors and also suggests how to correct them
Complier
______ converts data into a format that is unreadable for an unauthorized user, allowing it to be transmitted without unauthorized entities decoding it back into a readable format
Cryptography
Which of the following is NOT an example of a machine learning system? A. Customer detection B. Face recognition C. Fraud detection D. Spam recognition
Customer detection
Identify which customers may respond positively to a particular promotion.
Customer segmentation
Malicious acts in which attackers use a target's computer systems, particularly via the Internet, to cause physical, real-world harm or severe disruption, often to carry out a political agenda.
Cyberterrorism and Cyberwarfare
The computer expert system that beat Gary Kasparov in chess?
Deep Blue
An attacker sends so many information requests to a target computer system that the target cannot handle them successfully and typically crashes (ceases to function)
Denial of Service Attack
An attacker first takes over many computers, typically by using malicious soft ware. These computers are called zombies or bots. The attacker uses these bots—which form a botnet—to deliver a coordinated stream of information requests to a target computer, causing it to crash.
Distributed Denial of Service Attack
The primary method that the blockchain network will improve the way business interact?
Distributed Ledger; all counter parties can save time when recording transactions
the process of converting an original message into a form that cannot be read by anyone except the intended receiver.
Encryption
Involves the unauthorized viewing and accessing of data
Espionage
____ An unauthorized individual attempts to gain illegal access to organizational information.
Espionage or Trespass
___________ are the most widely applied and commercially successful intelligent systems. A. Expert systems B. Genetic algorithms C. Intelligent agents D. Neural networks
Expert systems
Symbol: Arrow
Function: -A line is a connector that shows relationships between the representative shapes
A smart ID card is something the user _______. Does Has Is Knows
Has
In the blockchain network, ______ are mainly used to ensure that a file has remained unchanged.
Hash functions
Greater Threat =
Higher level employees + greater access privileges
Acts performed without malicious intent that nevertheless represent a serious threat to information security
Human Errors
The computer expert system that defeated Jeopardy! game show contestants?
IBM Watson
Deliberate assumption of another person's identity, usually to gain access to his or her financial information or to frame him or her for a crime.
Identity Theft
Printed, handwritten characters are recognized automatically based on previous examples.
Optical character recognition
Blockchain consists of multiple parties that are also known as?
Peers
use deception to acquire sensitive personal information by masquerading as official-looking e-mails or instant messages.
Phishing Attack
What are Physical Controls?
Prevent unauthorized individuals from gaining access to a company's facilities. Common physical controls include walls, doors, fencing, gates, locks, badges, guards, and alarm systems.
Which of the following is not a use of neural networks? Bruce Nuclear Facility Research into Diseases Banking System Fraud Detection Preventing money-laundering
Preventing money-laundering
It is a set of rules, symbols, and special words
Programming language
This type of blockchain technology blocks must show connection to (fingerprint of) prior block, keeping a trail
Provenance
In cryptography, the sender decrypts the information using the receiver ___, the receiver decrypts using their ___
Public Key, Private Key
Knowledge __________ occurs when knowledge is organized as rules or frames and stored electronically in a knowledge base.
Representation
What are Access Controls?
Restrict unauthorized individuals from using information resources and involve two major functions: authentication and authorization
_____ are used to monitor or to control chemical, physical, and transport processes such as those used in oil refineries, water and sewage treatment plants, electrical generators, and nuclear power plants.
SCADA systems
You start browsing your favorite home improvement company's website and notice someone has changed all the logos to their main competitor's logos. This is an example of ___________. -Espionage -Identity theft -Information extortion -Sabotage
Sabotage
Deliberate acts that involve defacing an organization's Web site, potentially damaging the organization's image and causing its customers to lose faith.
Sabotage or Vandalism
Phishing is an example of __________. -Copyright infringement -Espionage -Sabotage -Remote Software attack
Software attack
What is Adware?
Software that causes pop-up advertisements to appear on your screen.
What is Spyware?
Software that collects personal information about users without their consent.
includes voice and signature recognition.
Something the user does
regular identification (ID) cards, smart ID cards, and tokens.
Something the user has
also known as biometrics, examines a person's innate physical characteristics (e.g., fingerprint scans, palm scans, retina scans, iris recognition, and facial recognition).
Something the user is
includes passwords and pass phrases.
Something the user knows
target large groups of people. attack the perpetrators find out as much information about an individual as possible to improve their chances of gaining personal information.
Spear Phishing Attack
Solving a Problem with Programming
Step 1: Analyze the problem Step 2: Implement the algorithm Step 3: Maintain the program
Knowledge Inferencing
The computer is programmed so that it can make inferences based on the stored knowledge.
In the context of blockchain what is a node?
The computers that are connected to the network
In a "While Loop" which of the following is true?
The expression provides an entry condition to the loop
Knowledge Transfer
The inferenced expertise is transferred to the user in the form of a recommendation.
Computing and storage devices (powerful with vastly increased storage) are becoming smaller and as a result easier to be stolen.
Theft of Equipment or Information
Categorize news articles as to whether they are about politics, sports, entertainment, and so on.
Topic identification
an intellectual work, such as a business plan, that is a company secret and is not based on public information.
Trade Secret
Coca-Cola's formula is an example of a ___________. Copyright Patent Trade secret All of the above
Trade secret
You are the HR manager at ABC Corp. You are using an expert system to "score" candidates for the new sales manager job. The scores you receive are an example of knowledge __________. A. Acquisition B. Inferencing C. Representation D. Transfer
Transfer
_____ is the use of secret numerical codes to scramble messages. a. Encryption b. Graphics c. Decryption d. Conversion
a. Encryption
A _____ does not replicate itself; it most often enters the computer, at the user's request, masquerading as a harmless data file. a. Trojan horse b. Worm c. Virus d. All of the above
a. Trojan horse
Denial of service (DOS) attacks _____. a. prevent legitimate users from accessing networks or Web sites b. result when users fail to make payments to their service providers c. are mere threats from hackers pretending to be the Internet service provider d. are examples of phishing
a. prevent legitimate users from accessing networks or Web sites
Information is _____. a. the useful interpretation of facts and figures b. names and number from a large phonebook c. raw facts and figures d. proven facts
a. the useful interpretation of facts and figures
A virus typically infects a system when _____. a. the user opens the contaminated file. b. the user tries to delete the contaminated file. c. the user shuts his or her system off. d. the user attempts to transmit data.
a. the user opens the contaminated file
in the buying organization, a transaction _____ onto the ledger
adds assets
In programming, an ____ is a step-by-step problem-solving process
algorithm
What is a patent?
an official document that grants the holder exclusive rights on an invention or a process for a specified period of time.
A ___________ is a remote attack requiring user action. back door denial-of-service attack logic bomb phishing attack
phishing attack
Which statement is true regarding firewalls? a. They are located within individual monitors. b. They filter all messages to the user's security policy. c. They serve as a "traffic switch," telling a message where to go. d. They do none of the above.
b. They filter all messages to the user's security policy.
_____ can travel from computer to computer without your needing to open any software to spread the contaminated file. a. Computer viruses b. Worms c. Trojan horses d. All of the above
b. Worms
Keyboards, monitors, and printers are types of _____. a. control b. hardware c. software d. databases
b. hardware
Spyware is downloaded by users _____. a. in order to prevent viruses from attacking b. who are likely not aware that their computer activities will be monitored c. to prevent spam d. who want easy access to their coworkers' files
b. who are likely not aware that their computer activities will be monitored
A ___________ is an attack by a programmer developing a system. back door denial-of-service attack phishing attack virus
back door
A neural network is a system of programs and data structures that simulates the underlying functions of the _____
biological brain
Unlike the _______ which is open, public and anonymous making its security and trust questionable - ______ is private, permissioned and running on smart contracts.
bitcoin application, blockchain for business
it is an unchangeable system of recordkeeping that is seeing a growing use well beyond financial transactions
blockchain
With cryptocurrency each user has _____
both public and individual private keys.
A transaction always happens between ___ and ___
buyer and seller
Data is copied on multiple servers or computers and encrypted into blocks, which are then linked _____ previous blocks. This allows the system to _____ transactions.
by hashes to, reject any non-valid
_____ gain unauthorized access to computers or networks, perhaps in an attempt to steal information. a. Phishers b. Pharmers c. Hackers d. Spammers
c. Hackers
Greg feels comfortable that no one can open and read his e-mails. He must have _____. a. anti-virus software b. spyware c. encryption software d. a Trojan horse
c. encryption software
The company's security policy includes access rules that identify every type of message that the company does not want to pass through the _____. a. spyware b. router c. firewall d. switch
c. firewall
Expert systems ______ replace human experts by applying expertise in a _____ domain. A. can; general B. can; specific C. cannot; general D. cannot; specific
can; specific
in C++, what does a linker do ?
combines object program with other programs in the library to create executable code
A firewall is a _______ control. access communication physical virtual
communication
Information technology is improving _____. a. big businesses b. small businesses c. start-up businesses d. all of the above
d. all of the above
Sally received an e-mail message that offered her free software to help her count calories. This email message could be _____. a. an attempt to attach spyware to her computer b. spam c. a Trojan horse d. any of the above
d. any of the above
Phishing involve the use of _____. a. intellectual property theft b. firewalls that prevent hacking c. viruses sent from one station to another in a LAN d. deceptive e-mails that imitate popular Web sites
d. deceptive e-mails that imitate popular Web sites
In the blockchain, transactions are recorded in the ___?
database
A ___________ is a remote attack needing NO user action. back door denial-of-service attack logic bomb phishing attack
denial-of-service attack
In C++, an Integrated Development Environment (IDE)....
develop programs in a high-level language
Machine-to-machine payment using the bitcoin protocol could allow for?
direct payment between individuals, as well as support micropayments.
This type of blockchain technology is a ledger that keeps records of transactions, value, and ownership of assets. Copies of recording (ledger) are kept in different databases
distributed
Weak passwords are a(n) ___________ threat. -outside -employee -hardware -software
employee
With blockchain technology, for consumers, this means you will be able to scan a code on an item you want to buy and find out _____
exactly where it has been before landing in your hands.
In a logic flow (while loop repetition), an infinite loop continues to _____
execute endlessly (expression never false)
In a logic flow (while loop repetition), the _____ provides an entry condition to the loop
expression
Two-way selection syntax (Logic Flow)
if (expression) statement 1 else statement 2 IF expression is true, statement1 is executed; otherwise (else), statement2 is executed
This type of blockchain technology; once a transaction is recorded into a block, a block can't be changed nor deleted
immutable
Cybercriminals _________ -are violent criminals. -can be easily arrested, once they are found. -don't make that much money; they do it for fun. -target known software security weaknesses.
target known software security weaknesses.
Cryptocurrency operates ____
independently of a central bank.
Knowledge ____________: the computer is programmed so that it can make inferences based on the stored knowledge.
inferencing
The term ________ describes the various commercial applications of artificial intelligence.
intelligent systems
The Turing test involves a human and computer ______________. A. answering the phone B. interviewing C. playing Jeopardy! D. playing chess
interviewing
what is cryptocurrency?
is a digital currency that uses cryptography for security measures.
Neural networks usually involve a _______ number of processors operating in _____. A. large; parallel B. large; real-time C. small; parallel D. small; real-time
large; parallel
In C++, the ___ contains prewritten code you can use
library
In C++, the ___ executable program into the main memory
loader loads
Programming is a process ___
of problem solving
Transactions/Blocks are processed
one at a time
With a private key, only the _____
owner can access it
in the selling organization, a transaction ____ from the ledger
removes assets
This type of blockchain technology uses cryptography to process digital transactions or verifiable digital signature
secured
Businesses agree on Contracts, which __
set conditions of transactions
In programming, a ___ is achieved in a finite amount of time
solution
In a logic flow (while loop repetition), the _____ (body of the loop) continues to execute until the expression is no longer true
statement
