Cybersecurity Basics

Questions and Answers

Which scenario best exemplifies the 'privacy paradox'?

• A user expresses strong concerns about online privacy but frequently shares personal details on social media. (correct)
• A user meticulously reads privacy policies before agreeing to them.
• A company implements robust security measures to protect user data.
• A government agency monitors online communications for national security purposes.

What is the primary difference between a 'white hat' and a 'black hat' hacker?

• Black hat hackers are always more skilled than white hat hackers.
• White hat hackers use more sophisticated tools.
• White hat hackers aim to improve security, while black hat hackers seek personal gain or malicious outcomes. (correct)
• Black hat hackers always work for government agencies.

Which of the following best describes an 'attack vector'?

• The specific type of malware used in an attack.
• The psychological manipulation used to trick someone into revealing sensitive information.
• The path or means by which a cybercriminal gains access to a system. (correct)
• The method used to commit a cyberattack that seeks to damage data.

Which type of malware is designed to restrict access to a computer system until a ransom is paid?

Ransomware (A)

An attacker intercepts communication between a user and a bank, capturing login credentials. What type of attack is this?

Man-in-the-Middle (MitM) (C)

A company experiences a cyberattack that exploits a vulnerability that was previously unknown to software vendors. What kind of attack is this?

Zero-day malware attack (C)

Which of the following actions would classify as Shadow IT?

A marketing team using a cloud-based project management tool without IT's approval. (A)

What is the primary function of an Intrusion Prevention System (IPS)?

To take immediate action when a traffic-flow anomaly is detected. (C)

Which type of site offers the most comprehensive recovery option after a disaster?

Hot site (C)

Which of the following is the primary characteristic of a 'worm'?

It replicates itself across networks without needing a host program. (C)

What distinguishes cryptojacking from other forms of malware?

It uses the victim's resources to mine cryptocurrency without their consent. (C)

Why is SQL injection considered a dangerous vulnerability?

It allows attackers to bypass application security measures and gain unauthorized access to databases. (A)

What is the purpose of malware signatures?

To uniquely identify malware, allowing security software to detect and block it. (D)

An attacker floods a network with a high volume of phone calls, preventing legitimate users from accessing the telephone system. What type of attack is this?

Telephony Denial-of-Service (TDoS) (D)

Which of the following best describes the function of a 'rootkit'?

A set of tools that grants an attacker unauthorized control of a computer system while concealing its presence. (C)

What is the primary goal of spamware?

To distribute unsolicited messages to a large number of recipients. (C)

A software vendor releases a 'patch'. What is its purpose?

To fix a known vulnerability in the software. (B)

A Trojan is different from a virus or worm because it:

hides within a seemingly harmless program. (B)

Which type of attack results in a device being permanently inoperable?

PDoS / Phlashing (D)

What does a 'boot record infector' target?

The master boot record of a hard disk. (D)

Flashcards

Privacy Paradox

The difference between stated online privacy concerns and actual online behavior.

Breach of privacy

Unauthorized access or disclosure of personal information.

Cyberattack

An attempt to expose, alter, disable, destroy, steal, or gain unauthorized access.

Cyber security

Protecting information and systems from attack, damage, or unauthorized access.

Cyber threat

Method to commit a cyberattack to damage or steal data or disrupt digital life.

Attack vector

Path a criminal uses to gain access to a computer or network server.

White hat hacker

Security specialist who breaks into systems to test and assess security.

Black hat hacker

Person who exploits vulnerabilities for personal gain.

Gray hat hacker

Violates ethical standards without malicious intent.

Payload

Carries out the purpose of the malware.

Cookie

Small piece of data stored in a user's web browser.

Spamware

Software that broadcasts unsolicited messages to recipients.

Zero-day malware

Accounts for almost 50% of all malware attacks.

Backdoor

Malicious program providing unauthorized remote access to a compromised PC.

Rootkit

Software enabling an attacker to gain control of a computer without detection.

Boot Record Infector

Attaches to the master boot record on a hard disk.

Keylogger

Logs every key pressed on a computer keyboard.

Worm

Self-contained program that replicates across computers and networks.

Trojan

Hides in a useful program to infect a system.

Remote access trojans (RATS)

Creates a backdoor allowing remote control of a system.

Study Notes

• Privacy paradox involves the disconnect between the importance people place on online privacy and their actual online behavior.
• Breach of privacy involves the unauthorized access of personal information.
• Cyberattack involves an attempt to expose, alter, disable, destroy, steal information from a computer system, network, or smart device.
• Cybersecurity involves protecting information and systems used to process and store it from attack, damage, or unauthorized access.
• Cyber threat is a method used to commit a cyberattack, damage data, steal information, or disrupt digital life.
• Attack vector involves the path a computer criminal uses to gain access to deliver a malicious outcome.
• White hat hackers are computer security specialists who break into protected systems and networks to test and assess their security.
• Black hat hacker attempts to find computer security vulnerabilities usually for personal gain.
• Gray hat hacker violates ethical standards without the malicious intent ascribed to black hat hackers.
• Payload carries out the purpose of the malware.
• Cookie is a small piece of data sent from a website and stored in a user's web browser.
• Spamware enables attackers to search, sort, compile email addresses, generate random addresses, insert fake headers, and use multiple mail servers to broadcast unsolicited messages.
• Zero-day malware accounts for almost 50% of all malware attacks.
• Backdoor is difficult to detect malicious computer program to provide an attacker remote access to a compromised PC.
• Rootkit involves a set of software tools that enables an attacker to gain control of a computer system.
• Boot Record Infector attaches to the master boot record loaded into memory when the system starts.
• Keylogger logs every key pressed on a computer keyboard via software or hardware.
• Worm replicates itself across computers and networks.
• Trojan hides in a useful program to infect a system.

Remote Access Trojans (RATS)

• RATS create an unprotected backdoor into a system.
• Hackers can remotely control the system.
• Botnet involves several computers infected with malware.
• Ransomware blocks access to a computer system until a sum of money has been paid.
• Cryptojacking allows cybercriminals to make money by using other people's devices without their consent to secretly siphon off cryptocurrency.
• SQL injection is one of the most dangerous vulnerabilities of a network app, as attackers use it to bypass application security measures.

Man-in-the-Middle (MitM) Attacks

• Session hijacking involves the attacker hijacking a session between the victim and a trusted network server.
• IP Spoofing is where the attacker convinces the victim's system that it communicates with a trusted entity to gain access.
• Replay attack involves intercepting and saving messages to impersonate trusted participants later.

Denial-of-Service (DoS)

• Distributed denial-of-service (DDoS) crashes a network by bombarding it with traffic, denying services to legitimate users.
• Telephony denial-of-service (TDoS) floods a network with phone calls to overwhelm circuits and prevent legitimate callers.
• Permanent denial-of-service (PDoS) or Phlashing prevents the target's system or device from working.
• Shadow/Stealth IT involves using IT-related hardware or software without the IT department's knowledge.
• Time-to-exploitation is the elapsed time between the discovery and exploitation of a vulnerability.
• Patch involves a software program to fix a vulnerability.
• Malware signatures involve a unique value that indicates malicious code.
• Intrusion detection systems (IDS) scans for unusual or suspicious traffic.
• Intrusion Prevention Systems (IPS) takes immediate action whenever a traffic-flow anomaly is detected.
• Hot site has all necessary equipment for immediate recovery from disaster.
• Warm site has a fully equipped data center, but no data.
• Cold site provides office space, but requires the customer to provide and install equipment.