Questions and Answers
Which of the following is a technique used to gain unauthorized access to computers by forging or modifying source IP addresses?
What is a rainbow table used for?
Which of the following is a type of malicious software that can replicate itself and spread to other computers?
What is a Trojan horse in the context of cybersecurity?
Which of the following is a technique that involves systematically trying every possible combination of characters to guess a password or encryption key?
What type of phishing attack is specifically targeted at high-profile individuals or organizations?
Which of the following is a type of malicious software that can be used to create a backdoor in a computer system?
What is the purpose of using a rainbow table in a password cracking attack?
Which of the following is a type of attack that involves sending a large number of requests to a computer system in an attempt to overload it and cause a denial of service?
What is the primary purpose of a Trojan horse in the context of cybersecurity?
Study Notes
Types of Cyber Attacks
- Brute Force: guessing a password by attempting every possible combination of characters and numbers
- Trojan: hides its true nature and reveals its designed behavior only when activated
- Virus: malware that replicates and propagates itself to multiple systems, attached to other executable programs
- Worm: capable of activation and replication without being attached to an existing program
- Advanced Fee Fraud: conducted via e-mail, recipient is due an exorbitant amount of money and needs only a small advance fee or personal banking information to facilitate the transfer
Cyber Security Threats
- Vulnerability: weakness in an asset or its defensive control system(s)
- Malware: designed to perform malicious or unwanted actions
- Human Error or Failure: accidents, employee mistakes, and social engineering
- Social Engineering: using social skills to convince people to reveal access credentials or other valuable information to an attacker
Tools and Techniques
- Packet Sniffer: software program or hardware appliance that can intercept, copy, and interpret network traffic
- Man in the Middle: group of attacks whereby a person intercepts a communications stream and inserts himself in the conversation
- Jailbreaking: escalating privileges to gain administrator-level or root access control over a smartphone operating system
- Exploit: technique used to compromise a system
Cyber Crime and Warfare
- Cyberactivist: seeks to interfere with or disrupt systems to protest the operations, policies, or actions of an organization or government agency
- Cyberwarfare: seeks to interfere with or disrupt systems to protest the operations, policies, or actions of an organization or government agency
- Cyberterrorist: attacks systems to conduct terrorist activities via networks or Internet pathways
- Software Piracy: unauthorized duplication, installation, or distribution of copyrighted computer software
Information Security
- Ethics: considers nature, criteria, sources, logic, and the validity of moral judgment
- Laws: mandate or prohibit certain behavior and are enforced by the state
- Asset: organizational resource that is being protected
- Liabilities: entity’s legal obligation or responsibility
Planning and Management
- Strategic Planning: sets the long-term direction to be taken by the organization and each of its component parts
- Operational Planning: organizes the ongoing, day-to-day performance of tasks
- Tactical Planning: focuses on short-term undertakings that will be completed within one or two years
- Crisis Management: actions taken during and after a disaster
- Disaster Recovery Planning: process of preparing an organization to handle a disaster and recover from it, whether the disaster is natural or man-made
- Business Continuity Planning: reestablishes or relocates critical business operations during a disaster that affects operations at the primary site
Standards and Policies
- De facto standard: widely adopted or accepted by a public group rather than a formal standards organization
- De jure standard: formally evaluated, approved, and ratified by a formal standards organization
- Enterprise Information Security Policy (EISP): high-level information security policy that sets the strategic direction, scope, and tone for all of an organization’s security efforts
Description
Test your knowledge on common cybersecurity threats including brute force attacks, trojans, viruses, worms, and advanced fee fraud schemes.