Cybersecurity: Phishing and Malware Types

Questions and Answers

What is the primary purpose of Hypertext Markup Language (HTML)?

Enabling server communication

Styling web pages

Providing real-time features

Creating and structuring web pages and applications (correct)

Which version of CSS introduces features like Flexbox and Grid Layout?

CSS4

CSS3 (correct)

CSS2

CSS1

What standard specifies the use of JavaScript?

JSON

HTML5

W3C

ECMAScript (correct)

Which protocol is used for transferring data over the web?

HTTP (Hypertext Transfer Protocol)

Which protocol provides full-duplex communication over a single TCP connection?

WebSocket

What is the latest version of HTML known as?

HTML5

What does WebAssembly primarily enable?

High-performance applications on the web

Which version of HTTP focuses on improving performance and security?

HTTP/3

Which type of cyber attack involves tricking individuals into providing sensitive information?

Phishing

What distinguishes a Trojan horse from a virus?

Trojans disguise themselves as legitimate software.

In which scenario does pharming primarily occur?

Redirecting to fraudulent websites without user knowledge.

Which of the following is a characteristic of spoofing?

It disguises the communication origin.

What is a common method through which phishing attacks are conducted?

Email communication

Which of the following is NOT considered a security risk as mentioned?

Firewall

What is the main goal of a botnet?

To perform distributed denial of service attacks.

What distinguishes a virus from a worm?

A virus attaches to legitimate files, while a worm does not.

What effect can data loss have on a company's operations?

It can result in delays in delivering services or products.

How can loss of data impact customer relationships?

It can damage a company’s reputation.

What is a potential legal consequence of losing sensitive data?

Legal repercussions and fines.

What is a critical outcome of losing proprietary data?

Loss of competitive advantage.

What type of data loss can significantly harm a company's intellectual property?

Research and development data.

What is typically a significant cost associated with data loss?

Data recovery costs.

How might data loss affect employee productivity?

It can lead to decreased productivity during recovery efforts.

Which of the following is NOT a consequence of data loss?

Increased customer loyalty.

Which of the following is a consequence of data loss for businesses?

Financial loss due to recovery costs

What does OAuth primarily facilitate in technology?

Token-based authentication and authorization

Which of the following is NOT considered a security risk mentioned?

Data loss

What is the primary purpose of WAI-ARIA?

To improve the accessibility of web applications

What characteristic defines SVG as an image format?

It is scalable without loss of quality

Which of the following best describes JSON?

Lightweight data interchange format

Which organization is NOT involved in developing web standards mentioned?

ISO

What type of malware is a Trojan Horse classified as?

Deceptively harmful

What defines a bot in the context of the internet?

A software application that performs automated tasks.

Which of the following is NOT a risk associated with malicious bots?

Website optimization

What is a primary characteristic that distinguishes worms from viruses?

Worms replicate themselves independently.

Which of the following is an example of cyber vandalism?

Unauthorized alteration of a website's appearance.

What constitutes spam in the context of internet security?

Unwanted or harmful messages sent via email or social media.

What is a common concern related to bots that scrape personal data?

Violation of user privacy.

Which of the following describes a DoS attack?

An attack that makes a system unavailable to its intended users.

Which term best describes the act of changing or corrupting data to make it unusable?

Data tampering

Study Notes

Security Risks

• Phishing: Attackers trick individuals into providing sensitive information by impersonating a trustworthy entity. Typically happens through email but can also occur on social media, phone calls, or text messages
• Pharming: Redirects users from legitimate to fraudulent websites without their knowledge. Can result in the theft of sensitive information like login credentials or personal data
• Spoofing: Falsifying the origin of communication or data to deceive or impersonate another entity. Impacts network security, email, and other forms of digital communication.

Types of Malware

• Virus: A type of malicious software that attaches itself to legitimate files or programs and spreads to other files or systems when the infected file is executed.
• Trojan Horse (Trojan): Disguises itself as a legitimate program to trick users into installing it. Unlike viruses or worms, it doesn’t self-replicate and relies on user interaction to spread.
• Worm: A type of malicious software that replicates itself to spread to other computers and networks. It doesn't require a host file or user intervention to propagate.

Other Security Risks

• DoS (Denial of Service): An attack that attempts to make a computer or network unavailable to legitimate users.
• Botnet: A network of compromised computers controlled by an attacker that can be used to launch attacks or distribute malware.
• Spam: Unwanted junk email.
• Cyber Vandalism: Deliberate and malicious alteration, destruction, or defacement of digital information or resources. Includes:
  • Website Defacement: Changing the appearance of a website to display unauthorized content.
  • Data Tampering: Modifying or corrupting data to make it unusable.
  • Destruction: Deleting or rendering digital resources inaccessible.

Data Loss Consequences

• Financial Loss: Can result in significant financial repercussions, including loss of revenue, legal costs, and expenses related to data recovery.
• Operational Disruption: Can disrupt normal business operations, leading to decreased productivity, delays in delivering services or products.
• Reputation Damage: Can damage a company’s reputation, leading to loss of customer trust and confidence.
• Legal and Regulatory Consequences: Depending on the nature of the data, there could be legal and regulatory repercussions, including fines and penalties for non-compliance with data protection laws.
• Loss of Competitive Advantage: Data can be a critical asset for businesses. Losing proprietary or strategic data can lead to a loss of competitive advantage and hinder business growth.
• Intellectual Property Loss: Can result in the loss of valuable intellectual property, such as research and development data, designs, or proprietary algorithms.
• Data Recovery Costs: The process of recovering lost data can be expensive, especially if it involves specialized recovery services or technology.
• Decreased Productivity: Individuals and organizations may experience decreased productivity while trying to recover lost data or recreate it from scratch.

Bots (Robots)

• Bots: A software application that performs automated tasks over the internet. Bots can be used for a wide range of purposes, both legitimate and malicious
• Risks and Concerns:
  • Security Risks: Malicious bots can be used for attacks like credential stuffing, data scraping, or spreading malware.
  • Spam: Bots can flood social media or email systems with unwanted or harmful messages.
  • Privacy Issues: Bots might scrape personal data or interact with users in ways that raise privacy concerns.

Description

This quiz covers essential security risks including phishing, pharming, and spoofing. Additionally, it explores various types of malware such as viruses and Trojans. Test your knowledge on identifying and understanding these critical cybersecurity threats.