Untitled Quiz
59 Questions

Questions and Answers

What is the Internet?

A global network that allows devices connected to it to exchange information.

What are the two main Internet tools?

World Wide Web and email

What does WWW stand for?

  • Worldwide Web
  • Web World Wide
  • World Wide Web (correct)
  • Web Wide World

    What is HTML?

    Hypertext Markup Language

    HTTP is a secure protocol.

    False

    The World Wide Web is a transfer-and-store process.

    True

    Who developed the first email?

    Ray Tomlinson

    Approximately how many emails are sent per day?

    over 400 billion

    Only 15% of emails sent daily are legitimate.

    True

    What are the two TCP/IP protocols that an earlier email system uses?

    Simple Mail Transfer Protocol (SMTP) and Post Office Protocol (POP or POP3)

    Email remains on the email server and is not downloaded to the user's computer when using IMAP.

    True

    Information is added to the email header as it is transferred from one MTA to another.

    True

    What are documents attached to an email message called?

    Email attachments

    What are the three major categories of Internet security risks?

    User device threats; Threats from web servers; Transmission risks

    In the early days of the web, users viewed static content.

    True

    Dynamic content changes over time.

    True

    What is the primary way dynamic content is created?

    Scripting code

    Name two popular scripting languages.

    JavaScript and PowerShell

    A website that uses JavaScript automatically downloads the code onto the user's computer.

    True

    An extension is a type of scripting code.

    False

    Extensions generally have wider access privileges than JavaScript running in a webpage.

    True

    Browser-dependent extensions work across different browsers.

    False

    Why are extensions attractive to attackers?

    All of the above

    Plug-ins were a popular way to add functionality to web browsers.

    True

    Web browsers are now designed to support automatic plug-ins.

    False

    Which of these is NOT a major email risk?

    Dynamic content

    Macros are often delivered through Microsoft Office files.

    True

    Microsoft reports that 98% of Office-targeted threats are macro-based.

    True

    Redirection from a malicious hyperlink is difficult to accomplish.

    False

    Spam is considered a serious threat because it can be used to distribute malware.

    True

    Image spam uses text instead of images.

    False

    What is malvertising?

    Malicious advertising

    Websites usually know when malware is being distributed through their ads.

    False

    What is a drive-by download?

    An attack attempting to infect the website directly

    Drive-by downloads rely on the user interacting with the website.

    False

    The injected content is usually visible to the naked eye.

    False

    How can attackers exploit websites that create dynamic content?

    By injecting malicious scripts into the website's code

    Sanitizing user input can prevent XSS attacks.

    True

    CSRF attacks rely on a user submitting a request to a website they are not logged into.

    False

    CSRF attacks can be used to transfer funds.

    True

    Man-in-the-middle attacks are a form of network interception.

    True

    Neither party involved in a MITM attack knows that a third party is involved.

    True

    What is the goal of a MITM attack?

    All of the above

    A replay attack is a variation of a MITM attack.

    True

    Session replay is a simpler attack than replay attacks.

    False

    A session ID changes with each visit to a website.

    False

    Man-in-the-browser attacks intercept data between a browser and the computer it is running on.

    True

    MITB attacks typically start by installing Trojan malware on the computer.

    True

    MITB software resides exclusively within the web browser, making it difficult for anti-malware software to detect it.

    True

    The first step to defending against Internet-based attacks is to secure the device.

    True

    HTTP uses secure cryptographic protocols to transfer data.

    False

    Before installing a new browser extension, users should check to see if it is already available in the browser.

    True

    Restricting attachments is an important email defense.

    True

    Spam filters can be implemented at the user's computer or at the corporate level.

    True

    A trusted document will open without a warning.

    True

    Checking for unusual activity is a web email security consideration.

    True

    JavaScript scripts are activated when reading messages in a reading pane.

    False

    Hyperlinks to images or sounds are considered a safe way to view content.

    False

    Verifying general settings is a web email security consideration.

    True

    Study Notes

    Security Awareness, Module 4: Internet Security

    • The Internet is a global network connecting devices for information exchange.
    • It's an international computer network, not owned by any single entity.
    • The World Wide Web (WWW) and email are the primary Internet tools.

    Module Objectives

    • Explain how the World Wide Web and email function.
    • Identify risks associated with using a browser and email.
    • Explain threats from web servers and transmissions.
    • Describe securing a web browser.
    • List email defenses.

    How the Internet Works

    • A global computer network allowing information exchange.
    • Not owned by a single government or entity.
    • Composed of interacting computer networks.

    The World Wide Web (WWW)

    • Better known as the web.
    • Uses internet server computers to provide online information in a specific format (HTML).
    • Hypertext Markup Language (HTML) combines text, images, audio, video, and hyperlinks to connect different parts of the web.
    • HTML code forms web pages, which together make up a website.

    The World Wide Web (1 of 5)

    • Displays words, pictures, and other elements on a user's screen.
    • Uses Hypertext Transport Protocol (HTTP) standards for server-client communication and data distribution.
    • HTTP is part of Transmission Control Protocol/Internet Protocol (TCP/IP) standards. Data is sent to users' computers before being displayed by a browser.

    The World Wide Web (2 of 5)

    • Everyday online interactions involving websites, learning platforms, textbooks and digital tools.

    The World Wide Web (3 of 5)

    • HTML is interpreted by software on your device called a web browser.
    • Includes web standards and protocols such as HTTP.
    • The HTTP protocol transfers complete web documents to the user's computer in one piece, then the browser assembles them on the screen.

    The World Wide Web (4 of 5)

    • The WWW consists of computers that provide online information.
    • The WWW works using specific standards so that devices can understand how to communicate.

    The World Wide Web (5 of 5)

    • Illustrated diagram showing the sequence of events in viewing a webpage.
    • Includes steps from user input, request, transmission, and webpage display.

    Email (1 of 6)

    • The first email was developed in 1971 by Ray Tomlinson.
    • Over 400 billion emails are sent daily.
    • Approximately 15% of emails are considered legitimate.
    • Email communications involve two basic components:
      • Mail User Agent (MUA)
        • Software, such as Outlook or Gmail, used to send and receive emails on a device.
      • Mail Transfer Agent (MTA)
        • Software that receives email messages from senders and delivers them to the recipient.

    Email (2 of 6)

    • Two email protocols are TCP/IP protocols:
      • Simple Mail Transfer Protocol (SMTP) for outgoing mail.
      • Post Office Protocol (POP or POP3) for incoming mail.

    Email (3 of 6)

    • Email exists in an email server
    • A recent email system is IMAP
    • Email data remains in the email server
    • Users can organize emails into folders from any device

    Email (4 of 6)

    • Shows an example of an email header.
    • Includes details about mail routing and transmission.

    Email (5 of 6)

    • Email headers contain the analysis of the email by the MTA.
    • Email attachments are encoded in special formats during transmission and conversion. The receiving computer reformats the attachment to its original format.

    Email (6 of 6)

    • Table with abbreviations and categories associated with Microsoft Office 365 email analysis.

    Internet Security Risks

    • User device threats (browsers, email).
    • Threats from web servers (malvertising, drive-by downloads, XSS, CSRF).
    • Transmission risks (man-in-the-middle, session replay, man-in-the-browser).

    User Device Threats (1 of 13)

    • Web pages have changed over the years.
    • In the early days, web pages showed the same content.
    • Now pages can change (animations, customized information).

    User Device Threats (2 of 13)

    • Dynamic web content requires specific programming tools.
    • Scripting code (e.g., JavaScript, PowerShell) and extensions provide this function.

    User Device Threats (3 of 13)

    • JavaScript embedded in HTML documents.
    • JavaScript interacts with the Document Object Model (DOM).
    • Interaction with scripting languages can occur with web pages already on the computer.
    • Malicious content can be downloaded.
    • Malicious scripts can cause harm without user knowledge or approval.

    User Device Threats (4 of 13)

    • PowerShell, a task automation framework for operating systems, is used for many admin tasks.
    • PowerShell provides full system access that can be used for malware attacks.

    User Device Threats (5 of 13)

    • Extensions expand browser capabilities.
    • Usually written in JavaScript
    • Have wider access privileges
    • Can be unsafe and used for attack

    User Device Threats (6 of 13)

    • Plug-ins were popular for custom features (music, videos).
    • Almost all modern browsers do not support these automatically due to security risks.

    User Device Threats (7 of 13)

    • Malicious email attachments
    • The attacks are spread via Microsoft Office files with a macro.
    • The macro is the part of the file that runs the malicious actions.

    User Device Threats (9 of 13)

    • Macros are commonly written using Visual Basic for Applications (VBA) and are built into many Microsoft Office applications.
    • VBA scripts can adjust toolbars, menus, forms, and dialog boxes.
    • It is the most common cause of Office malware.

    User Device Threats (10 of 13)

    • Embedded hyperlinks are used for shortcut navigation.
    • Redirecting to malicious hyperlinks is done by embedding links.
    • The embedded links can redirect to harmful locations.

    User Device Threats (11 of 13)

    • Example of an embedded hyperlink with details about the situation.

    User Device Threats (12 of 13)

    • Unsolicited email, called spam, occurs in huge volumes.
    • Spam is mostly sent through networks of attacker bots.
    • The attacks use spam to distribute malicious software.
    • Spam filters use keywords and other methods to block spam. Modern spam methods include image spam, which is difficult to detect.

    User Device Threats (13 of 13)

    • Image spam example
    • Shows an example of an image spam message.

    Threats from Web Servers (1 of 7)

    • Web servers provide content but pose risks.
    • Risks include malvertising, drive-by downloads, XSS, and CSRF.

    Threats from Web Servers (2 of 7)

    • Attackers use reputable websites (e.g., a major news organization) for advertisements, which can hide malware.

    Threats from Web Servers (3 of 7)

    • Drive-by downloads infect users' computers through websites.
    • Malicious content is embedded into normal websites.

    Threats from Web Servers (4 of 7)

    • Cross-site scripting (XSS) is an attack that involves inserting a script into a legitimate site, which is then sent to the user.
    • Websites with user input must validate data correctly to stop XSS attacks.

    Threats from Web Servers (5 of 7)

    • Screenshot of a typical web form.

    Threats from Web Servers (6 of 7)

    • Cross-site request forgery (CSRF) attacks utilize user data to perform actions in a legitimate site without user knowledge.

    Threats from Web Servers (7 of 7)

    • Diagram demonstrating the stages of a CSRF attack where user data is stolen.

    Transmission Risks (1 of 4)

    • Attacks can intercept network communications involving multiple parties (e.g., user laptops and web servers).
    • Attacks use session replay and man-in-the-middle (MITM) tools.

    Transmission Risks (2 of 4)

    • MITM attacks can eavesdrop or impersonate one party in a communication.
    • Attackers position themselves in the middle of communication to intercept and steal data.

    Transmission Risks (3 of 4)

    • Session Replay involves copying and replaying valid communications later.
    • Session replay attacks use session IDs to impersonate the user in a site.

    Transmission Risks (4 of 4)

    • Man-in-the-browser (MITB) attacks focus on computer browsers.
    • The attacks can manipulate data between the browser and the computer.

    Internet Defenses

    • Protecting devices is crucial for defending against internet attacks.
    • Managing security settings and employing anti-malware programs is essential. Data backups are also important.

    Securing the Web Browser (1 of 9)

    • Modern web browsers offer security features for users.
    • Security-related indicators, settings, and managing browser extensions provide protection.

    Securing the Web Browser (2 of 9)

    • Security indicators such as padlocks show that a connection is secure.

    Securing the Web Browser (3 of 9)

    • Legacy web browsers used a green padlock to indicate security.
    • Modern browsers may show a warning indicator of insecure connections to the user.

    Securing the Web Browser (4 of 9)

    • Secure connections need to be verified.
    • Be wary of sites that display warnings.

    Securing the Web Browser (5 of 9)

    • Important to note the different warnings to understand what they mean.

    Securing the Web Browser (6 of 9)

    • Security settings in browsers allow customizing settings.
    • Recommended to be in the highest security mode.

    Securing the Web Browser (7 of 9)

    • Diagram demonstrating different security modes in Microsoft Edge.

    Securing the Web Browser (8 of 9)

    • Diagram showing the security mode indicator in Microsoft Edge.

    Securing the Web Browser (9 of 9)

    • Managing extensions is crucial due to the potential threat they pose.
    • Minimizing risks involves checking, avoiding unnecessary extensions, using reputable sources, and removing unused extensions.

    Email Defenses (1 of 5)

    • Email security involves configuring defenses for email protection.
    • Defenses include restricting attachments, spam filtering, setting security options, and securing attachments.

    Email Defenses (2 of 5)

    • Attachments can be opened without downloading full versions.
    • Preview attachments to reduce risk.
    • Microsoft Office has security options to protect from attacks.
    • Protected View blocks macros and editing functions which reduces risk.

    Email Defenses (3 of 5)

    • Email clients can be set up to block spam and block senders, either using a blacklist of known bad sources or a whitelist of known good sources.
    • Top level domains and regions can also be blocked.

    Email Defenses (4 of 5)

    • Email security settings in clients can help prevent attacks.
    • Reading messages through a reading pane avoids malicious scripts.
    • Blocking external content is important.

    Email Defenses (5 of 5)

    • Important to know about unusual activity in your email accounts.
    • Keeping your email security settings up to date is important.

    Knowledge Check Activity 4-1

    • Two correct statements from the Knowledge Check Activity about JavaScript and Extensions.

    Knowledge Check Activity 4-2

    • Two correct statements from the Knowledge Check Activity: device security and checking extensions before installation.
