Introduction to CYBERCRIME

Questions and Answers

What is a rootkit designed to do?

Monitor network traffic for security breaches

Patch and modify system execution paths (correct)

Prevent unauthorized access to computer systems

Gather information about a person or organization

Which of the following actions helps in preventing malware infections?

Clicking on pop-up prompts from unknown websites

Installing cracked applications for added features

Using unknown flash drives frequently

Keeping software updated and patched (correct)

What is a common method used in phishing attacks?

Creating fake requests for personal information (correct)

Using complex codes to protect data

Sending encrypted messages for security

Physically exploiting hardware vulnerabilities

Which precaution should be taken before clicking email links?

Verify the sender's identity

What is the primary motivation of Black Hat Hackers?

Stealing data and causing damage

Which type of hacker operates with ethical considerations, focusing on security?

White Hat Hackers

What distinguishes Grey Hat Hackers from Black and White Hat Hackers?

They exploit vulnerabilities without malicious intent.

What is the main goal of Hacking?

Circumvent security measures for unauthorized access

Which of the following actions is NOT commonly associated with Black Hat Hackers?

Fixing security vulnerabilities

What does the term 'ethical hacking' primarily refer to?

Identifying weaknesses to strengthen security

How do Grey Hat Hackers usually expose system vulnerabilities?

Without authorization, often seeking recognition

What kind of damage can Black Hat Hackers cause?

Malicious data theft and system damage

What is the primary objective of phishing?

To manipulate individuals into revealing sensitive information

Which type of social engineering involves impersonating someone to extract information?

Pretexting

What is the main characteristic of a Denial-of-Service attack?

It overloads a website or network with excessive traffic.

Which of the following is NOT a type of social engineering?

Identity Theft

What is the intention behind baiting in social engineering?

To lure victims into a trap by offering something enticing

Which term describes a scam that uses romantic relationships to deceive individuals?

Romance Scams

What is the effect of a water hole attack?

To compromise websites frequented by a specific group

Which of the following is NOT a method through which malware can be acquired?

Downloading files from a secure website

Which of the following is a key feature of scareware?

It manipulates individuals through fear tactics.

What capability of malware allows it to demand money from a user?

Extortion

What is a common purpose of a computer virus?

To replicate itself by modifying other programs

Which of the following practices is recommended for protecting against hacking?

Using complex passwords

Which malware capability involves tricking users into downloading infected files?

Deception

What does the term 'Propagation' refer to in the context of malware?

The ability to spread to other systems

Which of the following is NOT considered a protective measure against cyber threats?

Ignoring security alerts

What type of malware must be executed by a user to replicate itself?

Computer Virus

What is the primary function of a computer worm?

To self-replicate and spread between computers

Which type of malware is characterized by its ability to control infected computers remotely?

Bot malware (botnet)

What is a defining feature of ransomware?

It holds data hostage for ransom

How does a Trojan horse typically infect a computer?

Through social engineering tactics

What mechanism does backdoor malware typically use to gain access to a system?

It bypasses normal authentication procedures

Which type of malware operates quietly by collecting information without user awareness?

Spyware

Which of the following best describes a function of bot malware?

It allows hackers to control multiple systems.

Which of the following characteristics is NOT associated with a computer worm?

It requires human action to spread.

Study Notes

Hacking

• Hacking is circumventing security measures to gain unauthorized access to a computer system or network.
• This includes unauthorized access to or control of computer systems or networks.

Types of Hackers

• Black Hat Hackers: Engage in malicious activities like stealing data, committing financial fraud, and causing damage.
• White Hat Hackers (Ethical hackers): Ethical hackers identify and fix security vulnerabilities in systems, working to protect from attacks.
• Grey Hat Hackers: Exploit vulnerabilities without malicious intent but without authorization. They may expose vulnerabilities to gain recognition or offer to fix them for a fee.

Malware

• Malware is malicious software that infiltrates a computer system to perform malicious acts without the user's consent.
• Malware can be acquired via:
  • Downloading files from suspicious and unsecured websites.
  • Sharing files on flash drives and network drives.
  • Attachments in emails.

Malware Capabilities

• Propagation: The ability to spread to other systems.
• Destruction: Deleting critical system files and stopping computer operations.
• Extortion: The ability to fuel far and demand money.
• Exploitation: The ability to exploit vulnerabilities to gain access and control of the target system.
• Deception: The ability to trick users into downloading infected files or other malicious components.
• Information Theft: Stealing critical and sensitive user information.

Computer Virus

• A type of malware that replicates itself by modifying other computer programs when executed.
• It cannot spread without human action.

Computer Worm

• Malicious software that spreads itself from one computer to another without human interaction.
• It's a standalone program that can replicate itself.

Bot Malware

• Known as botnets.
• Infects computers and turns them into "zombies" or "bots" under the control of a remote attacker.
• Exploits vulnerabilities in computer systems.

Ransomware

• Malicious software that holds a victim's sensitive data or device hostage.
• The victim has to pay ransom to the hacker to regain access.
• Data is encrypted to extort a ransom payment.

Trojan Horse

• Computer software that looks legitimate or innocent but is actually harmful.
• It tricks users into downloading and installing it, often through social engineering tactics like phishing or fake advertisements.

Backdoor

• Malware that negates normal authentication procedures to access a system.
• It's a means of access to a computer program that bypasses security mechanisms.

Spyware

• Malicious software installed on a computer device without the end-user's knowledge.
• Aims to gather information about the person or organization and send it to another entity.

Rootkit

• "Root" (traditional privileged account on UNIX) "kit". Implements software components.
• A set of programs that patches and Trojan existing execution paths within a system.
• Hackers need root-level access to install a root kit.

How to Prevent Malware

• Keep system, tools, and applications patched and updated regularly.
• Avoid installing suspicious or cracked applications.
• Do not insert unknown flash drives into your computer.
• Install and enable antivirus software or reliable endpoint security.
• Avoid downloading or clicking on suspicious links on unknown websites or pop-up prompts.
• Be wary of email links and attachments before opening.

Social Engineering

• The act of manipulating people into divulging sensitive information or performing acts that compromise security.
• Examples include phishing, pretexting, baiting, and tailgating.

Social Engineering (Cycle)

• The cycle consists of information gathering, relationship building, and exploitation.

Types of Social Engineering

• Phishing
• Spear Phishing
• Whaling
• Baiting
• Pretexting
• Tailgating
• Quid Pro Quo
• Smishing
• Vishing
• Business Email Compromise
• Water Hole Attacks
• Scareware
• Romance Scams

Phishing

• The act of manipulating people into divulging sensitive information or performing acts that compromise security.
• Phishing, pretexting, baiting, and tailgating are examples of social engineering.

Denial-of-Service

• An attempt to overload a website or network, to degrade its performance or make it inaccessible.
• A flood of traffic causes the target to become slow, unresponsive, or completely inaccessible to legitimate users.

Identity Theft

• Cybercriminals steal personal information and use it to impersonate you.
• They use this information without your permission to commit fraud or other illegal activities.

Online Scams

• Deceptive schemes carried out by cybercriminals using the internet to steal information, money, or both.
• This includes stealing money and personal information.

Types of Online Scams

• Phishing Scams
• Tech Support Scams
• Online Shopping Scams
• Social Engineering Scams
• Investment Scams
• Romance Scams
• Lottery and Prize Scams
• Charity Scams
• Impersonation Scams
• Work-from-Home Scams

How to Protect from Online Scams

• Educate yourself
• Strengthen your online security
• Be cautious with personal information
• Secure online transactions
• Avoid public Wi-Fi

Other Types of Cybercrime

• Cyberbullying
• Doxxing
• Cyber Extortion
• Cyber Espionage
• Cyber Stalking
• Prohibited/Illegal Consent
• Financial Fraud
• Software Piracy

Description

This quiz covers the fundamentals of hacking, including different types of hackers and the nature of malware. Understand the differences between black hat, white hat, and grey hat hackers, as well as how malware infiltrates systems. Test your knowledge on these critical cybersecurity topics.