Introduction to CYBERCRIME

Questions and Answers

What is a rootkit designed to do?

• Monitor network traffic for security breaches
• Patch and modify system execution paths (correct)
• Prevent unauthorized access to computer systems
• Gather information about a person or organization

Which of the following actions helps in preventing malware infections?

• Clicking on pop-up prompts from unknown websites
• Installing cracked applications for added features
• Using unknown flash drives frequently
• Keeping software updated and patched (correct)

What is a common method used in phishing attacks?

• Creating fake requests for personal information (correct)
• Using complex codes to protect data
• Sending encrypted messages for security
• Physically exploiting hardware vulnerabilities

Which precaution should be taken before clicking email links?

Verify the sender's identity (D)

What is the primary motivation of Black Hat Hackers?

Stealing data and causing damage (A)

Which type of hacker operates with ethical considerations, focusing on security?

White Hat Hackers (D)

What distinguishes Grey Hat Hackers from Black and White Hat Hackers?

They exploit vulnerabilities without malicious intent. (C)

What is the main goal of Hacking?

Circumvent security measures for unauthorized access (A)

Which of the following actions is NOT commonly associated with Black Hat Hackers?

Fixing security vulnerabilities (D)

What does the term 'ethical hacking' primarily refer to?

Identifying weaknesses to strengthen security (C)

How do Grey Hat Hackers usually expose system vulnerabilities?

Without authorization, often seeking recognition (D)

What kind of damage can Black Hat Hackers cause?

Malicious data theft and system damage (A)

What is the primary objective of phishing?

To manipulate individuals into revealing sensitive information (D)

Which type of social engineering involves impersonating someone to extract information?

Pretexting (C)

What is the main characteristic of a Denial-of-Service attack?

It overloads a website or network with excessive traffic. (C)

Which of the following is NOT a type of social engineering?

Identity Theft (A)

What is the intention behind baiting in social engineering?

To lure victims into a trap by offering something enticing (D)

Which term describes a scam that uses romantic relationships to deceive individuals?

Romance Scams (D)

What is the effect of a water hole attack?

To compromise websites frequented by a specific group (A)

Which of the following is NOT a method through which malware can be acquired?

Downloading files from a secure website (D)

Which of the following is a key feature of scareware?

It manipulates individuals through fear tactics. (C)

What capability of malware allows it to demand money from a user?

Extortion (C)

What is a common purpose of a computer virus?

To replicate itself by modifying other programs (C)

Which of the following practices is recommended for protecting against hacking?

Using complex passwords (C)

Which malware capability involves tricking users into downloading infected files?

Deception (D)

What does the term 'Propagation' refer to in the context of malware?

The ability to spread to other systems (D)

Which of the following is NOT considered a protective measure against cyber threats?

Ignoring security alerts (A)

What type of malware must be executed by a user to replicate itself?

Computer Virus (C)

What is the primary function of a computer worm?

To self-replicate and spread between computers (B)

Which type of malware is characterized by its ability to control infected computers remotely?

Bot malware (botnet) (A)

What is a defining feature of ransomware?

It holds data hostage for ransom (B)

How does a Trojan horse typically infect a computer?

Through social engineering tactics (B)

What mechanism does backdoor malware typically use to gain access to a system?

It bypasses normal authentication procedures (C)

Which type of malware operates quietly by collecting information without user awareness?

Spyware (A)

Which of the following best describes a function of bot malware?

It allows hackers to control multiple systems. (B)

Which of the following characteristics is NOT associated with a computer worm?

It requires human action to spread. (B)

Flashcards

What is hacking?

Unauthorized access to or control of computer systems or networks.

Black Hat Hackers

Hackers who engage in malicious activities like stealing data, financial fraud, and causing damage.

White Hat Hackers

Ethical hackers who identify and fix security vulnerabilities in systems, working to protect from attacks.

Gray Hat Hackers

Hackers who exploit vulnerabilities without malicious intent, potentially exposing them to gain recognition or fixing them for a fee.

Hacking

The act of circumventing security measures to gain unauthorized access to a computer system or network.

Data Theft

Stealing sensitive information from individuals, organizations, or governments.

Financial Fraud

Using stolen financial information to make unauthorized purchases or transactions.

Causing Damage

Intentionally causing damage to computer systems or networks, resulting in disruptions or data loss.

What is Malware?

Short for Malicious Software. It's a program that infiltrates a computer system without the user's permission to perform harmful actions.

Malware Capability: Propagation

The ability of malware to spread to other systems, like a virus spreading.

Malware Capability: Destruction

The capability of malware to delete or corrupt essential system files, crippling your computer.

Malware Capability: Extortion

Malware's power to extort money from victims by holding their data hostage.

Malware Capability: Exploitation

Malware's ability to exploit weaknesses in system security, giving it access and control.

Malware Capability: Deception

Malware's ability to deceive users into downloading harmful files or components.

Malware Capability: Information Theft

The capability of malware to steal sensitive user information, such as passwords or financial details.

Computer Virus

A type of malware that replicates itself by modifying existing programs. It cannot spread without human interaction.

Rootkit

A set of programs designed to hide malicious activity on a computer system by altering the operating system.

Rootkit: How Does it Work?

A type of malware that alters the way a system or application works to conceal the attacker's actions.

What is Social Engineering?

Social engineering is a type of cybercrime that uses psychological manipulation to trick people into revealing sensitive information or granting unauthorized access to systems.

Examples of Social Engineering

Common methods of social engineering include phishing attacks, pretexting, baiting, and tailgating. These techniques exploit human vulnerabilities to gain access to sensitive information or systems.

How to Prevent Malware

Protecting your computer from malware involves implementing proactive measures, including keeping software updated, being wary of suspicious downloads, using antivirus software, and avoiding clicking unfamiliar links.

What is a computer worm?

A type of malicious software that spreads itself from one computer to another without human interaction. It can replicate itself and doesn't require user intervention to spread.

What is bot malware?

Malware that infects computers and turns them into "zombies" or "bots" controlled by a remote attacker. It exploits vulnerabilities in computer systems to gain control.

What is ransomware?

A type of malicious software that holds a victim's sensitive data or device hostage unless the victim pays a ransom to the hacker. It encrypts data and demands payment for its release.

What is a Trojan Horse?

A type of software that disguises itself as legitimate or innocent but is actually harmful. It tricks users into downloading and installing it, often through social engineering.

What is a backdoor?

A type of malware that bypasses normal authentication procedures to access a system. It provides a secret way into a computer system without authorization.

What is spyware?

Malicious software that is installed on a computer device without the user's knowledge. It can monitor and steal sensitive information.

Phishing

A type of social engineering where cybercriminals use deception to trick individuals into revealing sensitive information or performing actions that compromise security.

Spear Phishing

A type of phishing where cybercriminals target specific individuals or organizations with personalized emails or messages designed to appear legitimate.

Denial-of-Service Attack

A technique where attackers overwhelm a website or network with a flood of traffic, making it slow or inaccessible.

Identity Theft

Cybercriminals steal personal information and use it to impersonate someone, leading to fraud or other illegal activities.

Online Scams

Deceptive schemes used by cybercriminals on the internet to steal money or personal information.

Pretexting

A form of social engineering where attackers trick individuals into giving up valuable information by pretending to be someone they are not.

Tailgating

A social engineering technique where attackers use physical proximity to gain access to secure areas or information.

Quid Pro Quo

A social engineering tactic where attackers offer something valuable in exchange for something else, often with hidden malicious intent.

Study Notes

Hacking

• Hacking is circumventing security measures to gain unauthorized access to a computer system or network.
• This includes unauthorized access to or control of computer systems or networks.

Types of Hackers

• Black Hat Hackers: Engage in malicious activities like stealing data, committing financial fraud, and causing damage.
• White Hat Hackers (Ethical hackers): Ethical hackers identify and fix security vulnerabilities in systems, working to protect from attacks.
• Grey Hat Hackers: Exploit vulnerabilities without malicious intent but without authorization. They may expose vulnerabilities to gain recognition or offer to fix them for a fee.

Malware

• Malware is malicious software that infiltrates a computer system to perform malicious acts without the user's consent.
• Malware can be acquired via:
  • Downloading files from suspicious and unsecured websites.
  • Sharing files on flash drives and network drives.
  • Attachments in emails.

Malware Capabilities

• Propagation: The ability to spread to other systems.
• Destruction: Deleting critical system files and stopping computer operations.
• Extortion: The ability to fuel far and demand money.
• Exploitation: The ability to exploit vulnerabilities to gain access and control of the target system.
• Deception: The ability to trick users into downloading infected files or other malicious components.
• Information Theft: Stealing critical and sensitive user information.

Computer Virus

• A type of malware that replicates itself by modifying other computer programs when executed.
• It cannot spread without human action.

Computer Worm

• Malicious software that spreads itself from one computer to another without human interaction.
• It's a standalone program that can replicate itself.

Bot Malware

• Known as botnets.
• Infects computers and turns them into "zombies" or "bots" under the control of a remote attacker.
• Exploits vulnerabilities in computer systems.

Ransomware

• Malicious software that holds a victim's sensitive data or device hostage.
• The victim has to pay ransom to the hacker to regain access.
• Data is encrypted to extort a ransom payment.

Trojan Horse

• Computer software that looks legitimate or innocent but is actually harmful.
• It tricks users into downloading and installing it, often through social engineering tactics like phishing or fake advertisements.

Backdoor

• Malware that negates normal authentication procedures to access a system.
• It's a means of access to a computer program that bypasses security mechanisms.

Spyware

• Malicious software installed on a computer device without the end-user's knowledge.
• Aims to gather information about the person or organization and send it to another entity.

Rootkit

• "Root" (traditional privileged account on UNIX) "kit". Implements software components.
• A set of programs that patches and Trojan existing execution paths within a system.
• Hackers need root-level access to install a root kit.

How to Prevent Malware

• Keep system, tools, and applications patched and updated regularly.
• Avoid installing suspicious or cracked applications.
• Do not insert unknown flash drives into your computer.
• Install and enable antivirus software or reliable endpoint security.
• Avoid downloading or clicking on suspicious links on unknown websites or pop-up prompts.
• Be wary of email links and attachments before opening.

Social Engineering

• The act of manipulating people into divulging sensitive information or performing acts that compromise security.
• Examples include phishing, pretexting, baiting, and tailgating.

Social Engineering (Cycle)

• The cycle consists of information gathering, relationship building, and exploitation.

Types of Social Engineering

• Phishing
• Spear Phishing
• Whaling
• Baiting
• Pretexting
• Tailgating
• Quid Pro Quo
• Smishing
• Vishing
• Business Email Compromise
• Water Hole Attacks
• Scareware
• Romance Scams

Phishing

• The act of manipulating people into divulging sensitive information or performing acts that compromise security.
• Phishing, pretexting, baiting, and tailgating are examples of social engineering.

Denial-of-Service

• An attempt to overload a website or network, to degrade its performance or make it inaccessible.
• A flood of traffic causes the target to become slow, unresponsive, or completely inaccessible to legitimate users.

Identity Theft

• Cybercriminals steal personal information and use it to impersonate you.
• They use this information without your permission to commit fraud or other illegal activities.

Online Scams

• Deceptive schemes carried out by cybercriminals using the internet to steal information, money, or both.
• This includes stealing money and personal information.

Types of Online Scams

• Phishing Scams
• Tech Support Scams
• Online Shopping Scams
• Social Engineering Scams
• Investment Scams
• Romance Scams
• Lottery and Prize Scams
• Charity Scams
• Impersonation Scams
• Work-from-Home Scams

How to Protect from Online Scams

• Educate yourself
• Strengthen your online security
• Be cautious with personal information
• Secure online transactions
• Avoid public Wi-Fi

Other Types of Cybercrime

• Cyberbullying
• Doxxing
• Cyber Extortion
• Cyber Espionage
• Cyber Stalking
• Prohibited/Illegal Consent
• Financial Fraud
• Software Piracy

Description

This quiz covers the fundamentals of hacking, including different types of hackers and the nature of malware. Understand the differences between black hat, white hat, and grey hat hackers, as well as how malware infiltrates systems. Test your knowledge on these critical cybersecurity topics.