Computer Fraud and Abuse Techniques
38 Questions

Questions and Answers

What is piggybacking in the context of physical security?

  • Tapping into a communications line and electronically latching onto a legitimate user
  • Penetrating a system's defenses, stealing the file containing valid passwords
  • An unauthorized person following an authorized person through a secure door (correct)
  • Using a small device with storage capacity to download unauthorized data

What is the primary goal of password cracking?

  • To steal the file containing valid passwords and decrypt them (correct)
  • To exchange sexually explicit text messages and revealing pictures
  • To harm computers and disrupt electronic systems
  • To disrupt electronic commerce and communications

What is war dialing?

  • Using a small device with storage capacity to download unauthorized data
  • Programming a computer to dial thousands of phone lines searching for dial-up modem lines (correct)
  • Tapping into a communications line and electronically latching onto a legitimate user
  • Changing data before or during entry into a computer system

    What is data diddling?

    Changing data before or during entry into a computer system

    What is cyber-bullying?

    Using the Internet, cell phones, or other communication technologies to support deliberate, repeated, and hostile behavior

    What is podslurping?

    Using a small device with storage capacity to download unauthorized data

    What is internet terrorism?

    Using the Internet to disrupt electronic commerce and communications and to harm computers

    What is sexting?

    Exchanging sexually explicit text messages and revealing pictures

    What does a rootkit conceal from the operating system?

    Processes, files, network connections, and memory addresses

    What is superzapping?

    The unauthorized use of special system programs to bypass regular system controls

    What is a characteristic that distinguishes a worm from a virus?

    A worm is a standalone program that replicates itself

    What is the main difference between a worm and a virus in terms of replication?

    A virus requires human interaction to replicate, while a worm does not

    What is bluesnarfing?

    Stealing contact lists, images, and other data using flaws in Bluetooth applications

    What is bluebugging?

    Taking control of someone else’s phone to make or listen to calls, send or read text messages, connect to the Internet, forward the victim’s calls, and call numbers that charge fees

    Which of the following best defines hacking?

    Unauthorized access, modification, or use of an electronic device or some element of a computer system

    What is the main goal of a ransomware attack?

    To hold data hostage until the victim pays a ransom

    What does the term 'botnet' refer to?

    A network of hijacked computers used to attack systems or spread malware

    What is hijacking in the context of computer systems?

    Gaining control of a computer to carry out illicit activities without the user’s knowledge

    What is a bot herder?

    An individual who installs software that responds to a hacker’s instructions on unwitting PCs

    What does spamming involve?

    Simultaneously sending the same unsolicited message to many people, often to sell something

    What is email spoofing?

    Making an email appear as though it originated from a different source

    What is a Denial-of-Service (DoS) attack designed to do?

    Make a resource unavailable to its users

    What is Internet Auction Fraud?

    Using an Internet auction site to defraud another person.

    What does web cramming involve?

    Offering a free website for a month and then charging the phone bill without consent.

    Which of the following best describes software piracy?

    Unauthorized copying or distribution of copyrighted software.

    What does social engineering typically aim to achieve?

    Gaining physical or logical access to confidential data.

    What is pretexting in social engineering?

    Using an invented scenario to obtain information.

    Which technique involves assuming someone's identity for economic gain?

    Identity theft

    What is posing in the context of social engineering techniques?

    Creating a seemingly legitimate business to collect personal information.

    Which of the following is NOT a method of social engineering mentioned?

    Software piracy

    What is the primary goal of phishing?

    To send a fake electronic message claiming to be from a legitimate company

    How does vishing differ from phishing?

    It involves entering confidential data by phone

    What does carding involve?

    Testing stolen credit cards with small purchases

    What is pharming?

    Redirecting website traffic to a spoofed website

    What does typosquatting aim to achieve?

    Redirecting traffic to an invalid site due to typographical errors

    What technique involves looking over someone's shoulder in a public place to obtain information?

    Shoulder Surfing

    How does Lebanese Looping trick ATM users?

    Preventing the ATM from ejecting the card

    What is the goal of skimming?

    Secretly recording credit card data using a card reader

    Study Notes

    Computer Fraud and Abuse

    • Cyberattack: A ransomware attack, in which criminal groups hold data hostage until the victim pays a ransom, forced the shutdown of a top US pipeline, Colonial Pipeline.

    Hacking

    • Hacking: Unauthorized access, modification, or use of an electronic device or computer system.
    • Common passwords: Weak passwords, such as "senha" (a Portuguese word meaning "password"), can be easily exploited.

    Malware

    • Types of malware:
      • Ransomware: Holds data hostage until the victim pays a ransom.
      • Virus: A self-replicating piece of executable code that attaches itself to a file or program.
      • Worm: A self-replicating computer program similar to a virus, but with some exceptions (e.g., a virus requires human interaction, whereas a worm does not).
      • Rootkit: Conceals processes, files, network connections, memory addresses, system utility programs, and system data from the operating system and other programs.

    Social Engineering

    • Techniques: Used to gain physical or logical access to a building, computer, server, or network.
      • Identity theft: Assuming someone's identity, usually for economic gain, by illegally obtaining and using confidential information.
      • Pretexting: Using an invented scenario to increase the likelihood that a victim will divulge information or do something.
      • Posing: Creating a seemingly legitimate business to collect personal information while making a sale.
      • Phishing: Sending an electronic message pretending to be a legitimate company, requesting information or verification of information.

    Cybercrime

    • Types of cybercrime:
      • Hijacking: Gaining control of a computer to carry out illicit activities without the user's knowledge.
      • Botnet: A powerful network of hijacked computers, used to attack systems or spread malware.
      • Spamming: Simultaneously sending unsolicited messages to many people.
      • Spoofing: Making an electronic communication look as if someone else sent it to gain the trust of the recipient.
      • Piggybacking: An unauthorized person following an authorized person through a secure door, bypassing physical security controls.
      • Password cracking: Penetrating a system's defenses, stealing the file containing valid passwords, decrypting them, and using them to gain access to programs, files, and data.
      • War dialing: Programming a computer to dial thousands of phone lines searching for dial-up modem lines.
      • Phreaking: Attacking phone systems.
      • Data diddling: Changing data before or during entry into a computer system.
      • Data leakage: Unauthorized copying of company data.
      • Podslurping: Using a small device with storage capacity to download unauthorized data.
      • Cyber-extortion: Threatening to harm a company or person if a specified amount of money is not paid.
      • Cyber-bullying: Using the Internet, cell phones, or other communication technologies to support deliberate, repeated, and hostile behavior that torments, threatens, harasses, humiliates, embarrasses, or otherwise harms another person.
      • Sexting: Exchanging sexually explicit text messages and revealing pictures.
      • Internet terrorism: Using the Internet to disrupt electronic commerce and communications and to harm computers.

    Other Cyber Threats

    • Internet misinformation (fake news): Using the Internet to spread false or misleading information.
    • Internet auction fraud: Using an Internet auction site to defraud another person.
    • Web cramming: Offering a free website for a month, developing a worthless website, and charging the phone bill of the people who accept the offer for months.
    • Software piracy: Unauthorized copying or distribution of copyrighted software.
    • Bluesnarfing: Stealing contact lists, images, and other data using flaws in Bluetooth applications.
    • Bluebugging: Taking control of someone else's phone to make or listen to calls, send or read text messages, connect to the Internet, forward the victim's calls, and call numbers that charge fees.
    • Carding: Activities performed on stolen credit cards, including making a small online purchase to determine whether the card is still valid and buying and selling stolen credit card numbers.
    • Pharming: Redirecting website traffic to a spoofed website.
    • Typosquatting or URL hijacking: Setting up similarly named websites so that users making typographical errors when entering a website name are sent to an invalid site.
    • Tabnapping: Secretly changing an already open browser tab.
    • Scavenging/Dumpster diving: Searching documents and records to gain access to confidential information.
    • Shoulder surfing: Looking over a person's shoulder in a public place to get information such as ATM PIN numbers or user IDs and passwords.
    • Lebanese Looping: Inserting a sleeve into an ATM that prevents the ATM from ejecting the card, and then tricking the victim into entering their PIN again.
    • Skimming: Double-swiping a credit card in a legitimate terminal or covertly swiping a credit card in a small, hidden, handheld card reader that records credit card data for later use.

    Description

    This quiz covers the basics of computer fraud and abuse techniques, including social engineering tactics and cyber crime investigation. Learn how to identify and defend against cyber attacks and bring perpetrators to justice.
