Cookies and User History

Questions and Answers

Which type of cookie remains on your computer even after you close your web browser?

• First-party Cookie
• Third-party Cookie
• Session Cookie
• Persistent Cookie (correct)

A user searches 'best hiking trails near me' on Google. How might Google utilize this information?

• To block the user from accessing hiking-related websites.
• To share the user's location with third-party advertisers.
• To refine future search suggestions and show relevant ads. (correct)
• To permanently delete the user's search history.

Which of the following is the primary method by which cell towers determine the location of a mobile device?

• IP Address Tracking
• Geolocation
• Triangulation (correct)
• Trilateration

What information is recorded and stored locally on a user's computer by their web browser?

Browser history (D)

Which cyber attack involves deceiving users into divulging sensitive information through deceptive emails or messages?

Phishing Attack (C)

A restaurant review website asks for permission to access your location. Which technology would enable this functionality?

Geolocation (B)

Which type of cookie is most likely used to track a user's browsing activity across multiple, unrelated websites?

Third-party Cookies (C)

What is the key characteristic of session cookies that distinguishes them from persistent cookies?

They expire when the browser is closed. (C)

Which of the following scenarios best describes an 'Evil Twin' attack?

An attacker sets up a fake Wi-Fi hotspot that mimics a legitimate one to steal user credentials. (D)

A company suspects a rogue access point is operating within its network. What is the MOST critical initial step to confirm and address this security concern?

Conduct a wireless network scan to identify unauthorized access points. (C)

Which type of malware is known for encrypting a user's files and demanding a ransom payment for the decryption key?

Ransomware (C)

What is the primary difference between a virus and a Trojan?

A virus self-replicates and infects files, while a Trojan is disguised as legitimate software to execute malicious code. (D)

Why is encryption essential for secure online communication?

It prevents unauthorized access to transmitted data. (A)

In asymmetric encryption, what is the purpose of the private key?

To decrypt messages that were encrypted with the corresponding public key. (C)

What is the main drawback of symmetric encryption compared to asymmetric encryption?

Symmetric encryption requires a secure method to exchange the encryption key. (D)

Which of the following is a characteristic of the Caesar cipher?

It shifts each letter in the plaintext by a fixed number of positions. (B)

In a public key encryption system, Alice wants to send a confidential message to Bob. What key should Alice use to encrypt the message?

Bob's public key (D)

An employee receives an email urging them to click a link to update their password immediately. What security principle should raise the MOST suspicion?

The email creates a sense of urgency. (B)

Flashcards

Cookies

Small pieces of data allowing websites to personalize user experiences.

Session Cookies

Temporary cookies that expire when you close your browser.

Persistent Cookies

Stored on your device for a set period, remembering your login details.

Third-party Cookies

Placed by external websites to track users across different sites.

User History

Record of actions and interactions on a specific website or platform.

Search History

Record of all searches made through a search engine or app.

Geolocation

Identifying the physical location of a device using data like GPS or IP address.

Phishing Attacks

Cyber attacks tricking users into giving up sensitive information.

Phishing

Urgent messages trick victims into revealing sensitive information.

Rogue Access Point

An unauthorized Wi-Fi access point used by attackers to steal data.

Evil Twin Attack

Creating a fake access point to imitate a legitimate one.

Malware

Malicious software designed to damage or gain access to systems.

Virus

A type of malware that attaches to files and replicates itself.

Ransomware

Malware that encrypts files and demands a ransom for decryption.

Symmetric Encryption

Encryption using the same key for both encryption and decryption.

Asymmetric Encryption

Uses a public and a private key for securing messages.

Cipher

A method for encrypting or decrypting information.

Public Key Encryption

A method where a public key encrypts and a private key decrypts.

Study Notes

Cookies

• Cookies are small data pieces websites use to personalize information for users.
• Upon login, websites using cookies store the user's login information.
• Types of Cookies:
  • Session Cookies: Temporary cookies that vanish after the browser closes.
  • Persistent Cookies: Remain on the device for a defined time, even after closing the browser; used for storing login details.
  • Third-Party Cookies: Set by external websites (e.g., advertisers) to track user activity across various sites.

User History

• User history documents a user's actions on a website or platform.
• This includes pages viewed, forms filled out, and items clicked, stored on the site's server.

Search History

• Search history records all user searches on search engines or within apps/websites.
• Search engines (e.g., Google) store this history to suggest future searches and display relevant ads.
• For example, searching "best laptop 2024" will be saved within your search history.

Browser History

• Browser history maintains a record of visited websites and pages.
• Browsers (e.g., Chrome, Firefox, Safari) store this history locally on the device.

Geolocation

• Geolocation identifies a device's (and therefore the user's) physical location using GPS, IP address, or Wi-Fi signals.
• Websites and apps use geolocation for location-based services, like map and navigation, restaurant recommendations, and social media check-ins.
• How Geolocation Works:
  • Trilateration: Uses signals from multiple satellites or cell towers to pinpoint a device's location. The precise location is the center point of these signals.
  • Triangulation: Uses angles and distances from at least three cell towers to determine a device's position.

Cyber Attacks

• Phishing Attacks: Tricking users into revealing sensitive information.
  • Attackers impersonate trusted organizations (e.g., banks, social media) in emails or messages.
  • These messages often pressure victims to click links, open attachments, or provide personal information.
  • Fake websites mirror legitimate ones, luring users into unknowingly entering their sensitive data.
• Rogue Access Points: Unauthorized wireless access points (intentionally or unintentionally created).
  • Criminals utilize rogue access points to steal data.
  • When connected, hackers can monitor user traffic and data, potentially introducing malware.
  • Evil Twin Attacks: Attackers create rogue access points that mimic legitimate access points in public spaces.
  • In corporate settings, internal or external attackers might set up rogue access points to circumvent security measures.

Computer Malware

• Malware (malicious software) is software designed to damage, disrupt, or gain unauthorized access to computer systems or networks.
• How Malware Works:
  • Malware spreads via infected downloads, email attachments, malicious websites, or external devices.
  • Once installed, malware can steal data, encrypt files, track user activity, or corrupt files.
• Types of Malware:
  • Virus: Attaches to files, replicates, and spreads to other files.
  • Ransomware: Encrypts files and demands payment for decryption.
  • Trojan: Disguises itself as legitimate software, then steals data or installs additional malware.
  • Spyware: Secretly monitors and collects information from a user's device, such as keystrokes.

Encryption

• Encryption: Converting data into an unreadable format for protection.
• Decryption: The reverse process of converting ciphertext back to readable plaintext.
• Why Encryption Is Needed:
  • Protects data from unauthorized access.
  • Ensures confidentiality.
• Encryption Methods:
  • Caesar Cipher: Simple encryption where each letter is shifted by a fixed number.
  • Vigenère Cipher: More complex cipher using a keyword to shift each letter differently.
• Symmetric Encryption: Uses the same key for encryption and decryption, requiring secure key sharing.
• Asymmetric Encryption: Uses two keys (public and private) for encryption and decryption; public keys are shared openly, and private keys are kept secret. This method is better for secure communication with unknown parties.
• How Public Key Encryption Works:
  • Key Generation: Users generate a pair of public and private keys.
  • Encryption: The sender uses the recipient's public key to encrypt the message.
  • Transmission: The encrypted message is sent across the network. It’s unreadable without the recipient's private key.
  • Decryption: The recipient uses their private key to decrypt the message.