w2ch4

ProdigiousQuantum
160 Questions

Why is it easy for an insider attacker to steal sensitive information?

Because their role is not reflected in the IT policies after being fired or reassigned

What is the purpose of an internal intrusion detection system (IDS) in an organization?

To detect and prevent insider attacks

What is the result of a cyber attack on an organization?

Both financial loss and loss of reputation

How can external attacks be traced?

By analyzing firewall logs

What type of attack is performed by amateur attackers?

Unstructured attack

What is the characteristic of a structured attack?

It is performed by highly skilled and experienced attackers

Why do unstructured attacks occur?

To test a tool available over the internet

What is the main difference between an insider attack and an external attack?

The location of the attacker

What type of individuals usually perform sophisticated cyber attacks?

Professional criminals

What motivates people to commit cyber crimes for quick and easy money?

Financial gain

What is the primary reason why cyber crimes are on the rise?

Low-risk and high-reward business

What type of cyber crime is motivated by revenge?

Cyber terrorism

Why do some individuals commit cyber crimes just for fun?

To test their skills

What motivates some individuals to commit cyber crimes for recognition?

To prove their skills

What is a major factor that motivates individuals to commit cyber crimes?

Anonymity in cyber space

What is the primary goal of hacking?

To gather information on users and steal data

What is the result of a URL injection attack?

Visitors are forced to participate in a DDoS attack

Why do some individuals commit cyber crimes despite being respectable citizens?

Strong sense of anonymity

What is cross-site scripting (XSS) used for?

To inject malicious code into trustworthy web pages

What is a traditional view of hackers?

A lone rogue programmer highly skilled in coding

What can a malicious hacker do due to weaknesses in IT infrastructure?

Do a URL injection attack

What is the common association of hacking with illegal activity?

Data theft and corruption

What can be the result of a visitor's action on a webpage infected with XSS?

The visitor's device is infected with malware

What devices can be misused by hackers?

Computers, smart phones, tablets, and networks

What is the common way spyware is downloaded onto a host computer?

While downloading freeware from the internet

What is the primary function of a keylogger-type spyware?

To sniff banking passwords and sensitive information

What is the main difference between a virus and a worm?

A virus requires human intervention, while a worm does not

How do Trojan horses typically spread to a host computer?

By pretending to be a useful software or file

What is the primary characteristic of a worm?

It can replicate itself without human intervention

What is the effect of a worm on a network?

It consumes the network resources like space and bandwidth

What is the primary function of a virus?

To replicate itself and occupy memory space on the host computer

What is required to activate a virus in a host computer?

Human intervention through executing the executable file

What is the primary goal of an IP address spoofing attack in a DoS attack?

To overwhelm the target with network traffic

What is the purpose of ARP in a LAN?

To resolve an IP address to its physical MAC address

What is the result of a successful ARP spoofing attack?

The attacker can steal or modify data meant for the legitimate IP address owner

What is the main difference between IP address spoofing and ARP spoofing attacks?

IP address spoofing targets IP addresses, while ARP spoofing targets MAC addresses

What is the common use of IP address spoofing attacks?

To overwhelm a target with network traffic

What is the purpose of an attacker in an ARP spoofing attack?

To sniff private traffic between two hosts

What is the target of an IP address spoofing attack?

An IP address

What is the goal of an attacker in spoofing a computer or device's IP address?

To gain access to a network that authenticates users based on their IP address

What is the primary goal of a Trojan horse?

To create a backdoor in the host computer

What is the main difference between a rootkit and other types of malware?

Rootkits target the BIOS layer

What is the primary goal of ransomware?

To encrypt data and ask for ransom

What is the result of a Denial-of-Service (DoS) attack?

The user's internet traffic is disrupted

What is the primary function of a rootkit?

To make other malware undetectable

What is the common association of Trojans?

Creating backdoors and botnets

What is the primary target of a ransomware attack?

The user's data

What is the result of a successful rootkit infection?

The malware becomes undetectable

What is the goal of a phishing attack?

To trick a user into divulging personal information

What is a common characteristic of phishing emails?

They create a sense of urgency

What type of cyber attack involves tricking a user into installing malware?

Phishing attack

What is the primary goal of a cyber espionage attack?

To steal sensitive information

What type of malware is used to capture a user's keystrokes?

Spyware

What is the primary function of a worm?

To spread from computer to computer

What type of cyber attack involves an attacker claiming to be a wealthy Nigerian prince?

Phishing attack

What is a common way spyware is downloaded onto a host computer?

Through an infected website

What type of malware is designed to track the cookies of a host computer?

Spyware

Which type of malware can replicate itself without human intervention?

Worm

What is the primary function of a Trojan Horse?

To pretend to be useful software

What is the effect of a worm on a network?

It slows down the network's performance

What is required to activate a virus in a host computer?

Executable file (.exe)

What type of malware is typically downloaded into a host computer while downloading freeware?

Spyware

What is the primary function of a keylogger-type spyware?

To sniff banking passwords

What is the main difference between a virus and a worm?

A worm can replicate itself without human intervention

What is the primary goal of whaling?

To steal sensitive information from a high-ranking official

What is the purpose of Adware?

To force advertising on the user's computer

What is the primary function of Spyware?

To steal sensitive information from the target machine

What is the purpose of Malware?

To perform unwanted tasks in the host computer

What is the primary function of a Virus?

To replicate itself and spread to other computers

What is the primary characteristic of a Worm?

It is a self-replicating program that spreads to other computers

What is the result of a Worm on a network?

It slows down the network

What is the primary function of a Keylogger-type Spyware?

To record keystrokes on the target computer

What was the primary goal of the Stuxnet virus in the Natanz nuclear facility?

To slow down or speed up the centrifuges, causing them to wear out prematurely.

What was the result of the fake Twitter message sent by the Syrian Electronic Army?

A loss of $136 billion in the US stock market.

How did the hackers gain access to the Associated Press' Twitter account?

By sending a phishing email.

What type of attack is characterized by the use of a fake tweet message to cause financial loss?

Social engineering attack.

What is the primary function of spyware?

To steal sensitive information.

What is the difference between a virus and a worm?

A virus requires human interaction to spread, while a worm does not.

What is the primary goal of an IP address spoofing attack?

To launch a Denial of Service (DoS) attack.

What is the result of a successful ARP spoofing attack?

The attacker can intercept and modify packets on the network.

What is the main reason for insider attacks in an organization?

When an employee is fired or assigned a new role without a change in IT policies

What is the primary difference between an insider attack and an external attack?

Whether the attacker is within or outside the organization

What type of attack is usually performed by individuals who are trying to test a tool readily available over the internet?

Unstructured attack

What can be used to trace external attacks?

Firewall logs

What is the primary goal of an internal intrusion detection system (IDS) in an organization?

To detect and prevent insider attacks

What is the result of a cyber attack on an organization?

Both financial loss and loss of reputation

What type of attack is performed by highly skilled and experienced individuals?

Structured attack

What is the primary motivation behind a structured attack?

The motives are clear in the mind of the attacker

What is the primary objective of a cyber attack?

To gain unauthorized access to a computer system or its data.

What is the primary goal of a phishing attack?

To trick the victim into doing a certain action

What is the main difference between white hat hackers and grey hat hackers?

Grey hat hackers publicly exploit vulnerabilities

What is a common phishing scam?

The Nigerian prince scam

What type of cyber attack is performed by an individual with authorized system access?

Insider attack

What is the primary goal of grey hat hackers?

To raise awareness about vulnerabilities for the common good

What is the motive of an insider attack?

Revenge or greed

What is the purpose of an attachment or link in a phishing email?

To install malware

What did Romanian hacker TinKode (aka Razvan Cernaianu) exploit in PayPal's system?

A vulnerability in the chargeback process

What is the result of a successful insider attack?

Compromised confidentiality, integrity, or availability of the system

Why are phishing attacks often successful?

Because the emails appear legitimate

What is the primary motivation behind cyber espionage?

Politically, economically, or socially motivated

What is the primary advantage of an insider attack?

The attacker has access to the network

What type of hackers are hired by organizations to test and discover potential holes in their security defenses?

White hat hackers

What is a typical feature of phishing emails?

They create a sense of urgency

What is a common characteristic of cyber attacks?

They take many forms

What is the common good that grey hat hackers attempt to achieve?

Raising awareness about vulnerabilities

What is the difference between white hat hackers and black hat hackers?

White hat hackers have different motivations than black hat hackers

What is the objective of a cyber attack that involves the installation of viruses or malware?

To install malicious code on the system

What is the goal of a phishing attack?

To capture login credentials

What is the result of the exploit found by TinKode in PayPal's system?

Users can double their money

What is the purpose of a phishing email that appears to be from a trusted source?

To trick the victim into performing a certain action

What is the result of a cyber attack that involves changes to the characteristics of a computer system's hardware, firmware, or software?

The system becomes less secure

What is the primary characteristic of grey hat hackers?

They exploit vulnerabilities without intending to do harm

What is the result of continuously doubling the amount of Rs. 1000 using the loophole?

Endless doubling

How did the Stuxnet virus infect the Natanz nuclear facility?

Through a third-party utility

What was the result of the fake tweet message sent via the hacked Twitter account of Associated Press?

A loss of $136 billion in the US stock market

What was the method used to hack the Twitter account of Associated Press?

Phishing email

What was the purpose of the Stuxnet virus?

To slow down or speed up the centrifuges and wear them out prematurely

What was the result of the Stuxnet virus on the nuclear facility?

The facility suffered significant damage

Who claimed responsibility for the AP hack?

The Syrian Electronic Army

What was installed in the computer after clicking the link in the phishing email?

Spyware

What is the primary function of a keylogger-type spyware?

To sniff banking passwords

What is the main difference between a virus and a worm?

A virus requires human intervention, while a worm does not

How do Trojan horses typically spread to a host computer?

By pretending to be useful software

What is the effect of a worm on a network?

It consumes network resources and forces the network to choke

What is required to activate a virus in a host computer?

Executable file (.exe) execution

What is the primary function of a virus?

To delete or append a file

How is spyware commonly downloaded onto a host computer?

While downloading freeware from the internet

What is the primary characteristic of a worm?

It can replicate itself

What is the goal of a malicious hacker in a URL injection attack?

To force visitors to be part of a DDoS attack

What is the main reason for insider attacks in an organization?

When an employee is fired or assigned new roles in an organization

What is cross-site scripting (XSS) used for?

To inject malicious code into a trustworthy webpage

What is the primary association of hacking with illegal activity?

Hacking is often a malicious act

What is the primary goal of installing an internal intrusion detection system (IDS) in an organization?

To prevent insider attacks

What is the main difference between structured and unstructured attacks?

The level of maturity of the attacker

What devices can be misused by hackers?

Computers, smart phones, tablets, and networks

Who is usually responsible for tracing external attacks?

Experienced network/security administrator

What is the result of a visitor's action on a webpage infected with XSS?

The visitor is infected with malicious code

What is the result of a successful external attack on an organization?

Financial loss and reputation loss

What is the traditional view of hackers?

A lone rogue programmer

What can be the result of a DDoS attack?

The website is disrupted or shut down

What type of attacks are performed by amateur attackers?

Unstructured attacks

What is the primary goal of hacking?

To cause damage to or corrupt systems

What is the primary characteristic of a structured attack?

Performer is highly skilled and experienced

What is the primary purpose of an external attacker?

To scan and gather information

What is the primary goal of an IP address spoofing attack in a DoS attack?

To overwhelm the target with network traffic

What is the purpose of Address Resolution Protocol (ARP)?

To resolve an IP address to its physical MAC address

What can an attacker do by spoofing a computer or device's IP address?

Gain access to a network that authenticates users based on their IP address

What is the result of a successful ARP spoofing attack?

The attacker can steal or modify data meant for the owner of the IP address

What type of attack often involves caller ID spoofing?

Fraud attacks

What is the primary goal of an IP address spoofing attack?

To hide the attacker's true identity

What is the target of an IP address spoofing attack in a DoS attack?

The owner of the real IP address

What is the common use of IP address spoofing attacks?

To launch a DoS attack

What is the main difference between white hat hackers and grey hat hackers?

Grey hat hackers publicly exploit vulnerabilities, while white hat hackers do not.

What is the primary goal of grey hat hackers?

To raise awareness about vulnerabilities for the common good.

What was the result of Romanian hacker TinKode's (aka Razvan Cernaianu) actions on PayPal?

A user could double their money on every attempt.

What is the characteristic of a grey hat hacker?

They attempt to violate standards and principles without intending to do harm or gain financially.

What is the main difference between a white hat hacker and a black hat hacker?

White hat hackers are hired by organizations to test and discover potential holes in their security defenses, while black hat hackers are motivated by malicious intentions.

What is the role of a white hat hacker in an organization?

To test and discover potential holes in the organization's security defenses.

What is the primary purpose of PayPal's encryption techniques?

To ensure secure money transfer between users.

What is the goal of grey hat hackers when they exploit a vulnerability?

To raise awareness about the vulnerability for the common good.

Study Notes

Insider Attacks

  • Insider attacks occur when an employee or insider uses their access to sensitive information to steal or crash the network.
  • Insider attacks often happen when an employee is fired or assigned a new role and the change is not reflected in the IT policies.
  • Insider attacks can be prevented by planning and installing an internal intrusion detection system (IDS) in the organization.

External Attacks

  • External attacks occur when an attacker is hired either by an insider or by an entity external to the organization.
  • An organization that is the victim of a cyber attack faces financial loss and loss of reputation.
  • External attacks can be traced by analyzing firewall logs and installing Intrusion Detection Systems.

Classification of Cyber Attacks

  • Cyber attacks can be classified as structured and unstructured attacks based on the level of maturity of the attacker.
  • Unstructured attacks are performed by amateurs who don't have any predefined motives and try to test tools available over the internet.
  • Structured attacks are performed by highly skilled and experienced people with clear motives and access to sophisticated tools.

Reasons for Cyber Attacks

  • Money is a major motivator for committing cyber crime.
  • Revenge, fun, recognition, and anonymity are also reasons for committing cyber crime.
  • Anonymity in the cyber world makes it easier to commit crimes and get away with them.

Types of Malware

  • Virus: a malicious code written to damage/harm the host computer by deleting or appending files, occupying memory space, slowing down performance, or formatting the host machine.
  • Worms: a class of virus that can replicate themselves and spread over the network without human intervention.
  • Trojan horse: a malicious code that is installed in the host machine by pretending to be useful software.

Spoofing Attacks

  • IP address spoofing attacks: an attacker sends IP packets from a spoofed IP address to hide their true identity.
  • ARP spoofing attacks: an attacker sends spoofed ARP messages to link their own MAC address with a legitimate IP address.
  • URL injection: a malicious hacker injects malicious code into a trustworthy web page through weaknesses in IT infrastructure.
  • Cross-site scripting (XSS) attack: a malicious hacker injects malicious code into a trustworthy web page, which springs into action when a user performs a certain action.

Hacking and Hackers

  • Hacking is the act of compromising digital devices and networks through unauthorized access to an account or computer system.
  • Hacking is not always malicious, but it is commonly associated with illegal activity and data theft.
  • A traditional view of hackers is a lone rogue programmer, but this narrow view does not cover the true technical nature of hacking.

Malware and Cyber Attacks

  • Malware can be downloaded onto a host computer while downloading freeware or free application programs from the internet
  • Types of malware include:
    • Virus: malicious code that can damage/harm the host computer, replicate itself, slow down computer performance, and format the host machine
    • Worms: a class of virus that can replicate themselves and spread over a network without human intervention
    • Trojan horse: malicious code that pretends to be useful software, damages the host computer, and creates a backdoor for remote control
    • Rootkits: malware that infects a PC on a deeper level, making it undetectable, and can enslave computers into a botnet
    • Ransomware: type of malware that encrypts data and demands a ransom to restore access
    • Spyware: malware that steals sensitive information from the target machine
    • Adware: malware used for forced advertising
  • Cyber attacks include:
    • Denial-of-service (DoS/DDoS) attacks: flooding a user's internet connection with useless information to disrupt their internet use
    • Whaling: targeting high-value individuals, such as CEOs or politicians, with personalized phishing attacks
    • Phishing attacks: tricking victims into providing personal information or performing a certain action
    • Cyber espionage: government involvement in cyber trespassing for political, economic, or social motives
  • Examples of malware attacks and infections include:
    • Stuxnet, a virus believed to be developed by the US, which attacked Iran's nuclear facility at Natanz
    • A fake tweet message that cost $136 billion in losses within seconds
    • A phishing attack that led to a hack of Associated Press's Twitter account, causing a stock market crash

Cyber Attacks

  • A cyber attack is an attack initiated from a computer against a website, computer system, or individual computer that compromises the confidentiality, integrity, or availability of the computer or information stored on it.

Classification of Cyber Attacks

  • Cyber attacks can be classified into two categories: Insider Attack and External Attack.
  • Insider Attack: An attack on the network or computer system by someone with authorized system access, often motivated by revenge or greed.
  • External Attack: An attack by an external entity, often hired by an insider, that can be traced through firewall logs and prevented by Intrusion Detection Systems.

Types of Cyber Attacks

  • Structured Attacks: Performed by highly skilled and experienced individuals with clear motives.
  • Unstructured Attacks: Performed by amateurs who lack predefined motives and often test readily available tools on random companies.
  • Cyber Espionage: Government-initiated cyber trespassing for political, economic, or social reasons.

Various Types of Cyber Attacks

  • Phishing Attacks: Malicious hackers trick victims into taking a certain action, often by sending emails that appear to be from a trustworthy source.
  • Grey Hat Hackers: Individuals who violate standards and principles without intending to do harm or gain financially, often to raise awareness about vulnerabilities.

Famous Cyber Attacks

  • PayPal Attack: Romanian hacker TinKode exploited a loophole in the chargeback process, allowing users to double their money endlessly.
  • Stuxnet Attack: A virus believed to have been developed by the US attacked Iran's nuclear facility at Natanz, speeding up or slowing down centrifuges and sending false signals about the health and status of the nuclear plant.
  • AP Twitter Hack: A fake tweet message sent via a hacked Twitter account of Associated Press, USA, caused a $136 billion loss within seconds by reporting false information about the White House and President Barack Obama.

Insider Attack

  • Insider attacks occur when an employee with access to the organization's network and systems misuses their privileges to steal sensitive information or crash the network.
  • Insider attacks often arise because role changes are not reflected in IT policies, which creates a vulnerability window for the attacker.
  • Insider attacks can be prevented by planning and installing an internal intrusion detection system (IDS) in the organization.

External Attack

  • External attacks occur when an attacker is hired by an insider or an external entity to attack the organization.
  • The attacker scans and gathers information about the organization, and the organization faces financial loss and loss of reputation as a result.
  • External attacks can be traced by carefully analyzing firewall logs, and Intrusion Detection Systems can be installed to keep an eye on external attacks.

Types of Cyber Attacks

  • Cyber attacks can be classified as structured and unstructured attacks based on the level of maturity of the attacker.
  • Unstructured attacks are performed by amateurs who don't have any predefined motives and try to test tools available on the internet.
  • Structured attacks are performed by highly skilled and experienced people with clear motives.

Malware

  • Virus: a malicious code written to damage or harm the host computer, which can be spread via email attachments, pen drives, digital images, etc.
  • Worms: a class of virus that can replicate themselves and spread through the network, consuming network resources.
  • Trojan horse: a malicious code installed in the host machine by pretending to be useful software, which can be used to commit fraud.

Spoofing Attacks

  • IP address spoofing attacks: an attacker sends IP packets from a spoofed IP address to hide their true identity, often used in DoS attacks.
  • ARP spoofing attacks: an attacker sends spoofed ARP messages to link their own MAC address with a legitimate IP address, allowing them to steal or modify data.

Cross-Site Scripting (XSS) Attack

  • XSS attack: a malicious hacker injects malicious code into a trustworthy web page, which springs into action when a user performs a certain action, infecting the user.
  • XSS attack is often used to redirect users to different websites or to steal sensitive information.

Hacking and Hackers

  • Hacking: the act of compromising digital devices and networks through unauthorized access, often associated with illegal activity and data theft.
  • White hat hackers: hired by organizations to test and discover potential holes in their security defenses.
  • Grey hat hackers: sit between the good and bad guys, attempting to violate standards and principles but without intending to do harm or gain financially.

Famous Cyber Attacks

  • PayPal hack: a Romanian hacker exploited a loophole in the code of the chargeback process of PayPal, allowing users to double their money in every attempt.

This quiz covers the threats and risks of insider attacks in organizations, including reasons and consequences. It also discusses the importance of IT policies in preventing such attacks.
