Overview of Security Threats

Questions and Answers

What type of attack poses a danger to the integrity of communication messages?

• Active Attack (correct)
• DoS Attack
• Passive Attack
• SYN Flooding

Which of the following is a common method used to ensure that sensitive information is protected during transmission?

• Traffic Analysis
• Eavesdropping
• Encryption (correct)
• SYN Flooding

What is the main purpose of a Denial of Service (DoS) attack?

• To encrypt files for ransom
• To steal sensitive information
• To make a network service unusable (correct)
• To gather information passively

Which measure is used specifically to identify vulnerabilities in an organization’s systems?

Penetration Testing (D)

What is a potential risk associated with passive attacks?

Compromised confidentiality (B)

Which of the following describes a computer worm?

Can self-replicate and spread independently (D)

What is a key characteristic of phishing attacks?

They impersonate legitimate entities to steal information. (D)

Which of the following is a potential effect of a computer virus?

Corruption of sensitive information (B)

What defines a botnet in cybersecurity?

A network of compromised computers controlled by an attacker (A)

Which of these malware types is primarily focused on logging user keystrokes?

Keylogger (A)

Which malware type spreads by attaching itself to other files?

Virus (A)

What is a common consequence of a computer worm infection?

Increased network activity and potential data breaches (A)

Which type of phishing involves targeting specific individuals or organizations?

Spear Phishing (D)

What is the primary purpose of a rootkit?

To gain unauthorized access and control over a computer system. (B)

Which statement about keyloggers is true?

Keyloggers record every keystroke made on a keyboard. (A)

What distinguishes direct cyber attacks from indirect cyber attacks?

Direct attacks involve the attacker directly breaking into a system. (D)

Which psychological tactic is commonly used in social engineering attacks?

Manipulating individuals through deception. (C)

What is the main goal of password attacks?

To gain unauthorized access by exploiting password weaknesses. (C)

Why can rootkits be particularly challenging to detect?

They modify the operating system to hide their presence. (C)

In which scenario would a keylogger be used for a legitimate purpose?

To monitor employees' computer usage in a corporate environment. (C)

Which of the following best describes the term 'root' in the context of rootkits?

The highest level of administrative access in Unix-like operating systems. (B)

Flashcards are hidden until you start studying

Study Notes

Security Threats Overview

• Security threats include viruses, worms, phishing, botnets, rootkits, and keyloggers.

Virus

• Malicious software that replicates and spreads from one computer to another.
• Can corrupt sensitive information and disrupt systems.
• Examples: Melissa, Sasser, Conficker, CodeRed, WannaCry, Nimda.

Computer Worm

• Self-replicating malware that spreads without the need for a host program.
• Can slow down networks and cause data breaches.
• Notable types: Morris Worm, Slammer, Blaster, Mydoom, Sasser.

Phishing

• Cyberattack technique that deceives individuals into disclosing sensitive information.
• Often impersonates trustworthy entities like companies or government agencies.
• Variants include email phishing, spear phishing, smishing, vishing, pharming, clone phishing, and whaling.

Botnet

• A network of compromised computers, termed "bots" or "zombies," which are controlled remotely by an attacker.
• Often used to send spam, phishing emails, and engage in various malicious activities.

Rootkit

• Malicious software designed to gain unauthorized control over a computer system while remaining undetected.
• Alters system functionality to conceal its presence, making detection by antivirus software difficult.

Keylogger

• Software or hardware that records every keystroke made on a keyboard.
• Designed to capture sensitive data like passwords and credit card numbers.
• Can be used for legitimate monitoring or malicious data theft.

Types of Cyber Attacks

• Direct attacks: Attackers use their own computers to break into systems.
• Indirect attacks: Compromised systems are used to target other systems.

Social Engineering

• Manipulative tactics to obtain sensitive information or access to systems.
• Exploits human psychology instead of technical vulnerabilities.

Password Attacks

• Techniques to gain unauthorized access by exploiting weaknesses in passwords.
• Aim to either guess or circumvent passwords to breach accounts.

Forms of Attacks

• Active attacks: Involves modifying message contents, threatening integrity and availability.
• Passive attacks: Involves monitoring communications, threatening confidentiality (e.g., traffic analysis, data capturing, eavesdropping).

Denial of Service (DoS)

• Aim to make a network service unusable, typically through overload.
• Types include SYN flooding, SMURF attacks, and distributed attacks.
• Example case: Code-Red outbreak.

Measures to Improve Information Security

• Security Awareness Training: Educate employees to identify and address threats.
• Encryption: Secures sensitive information during transmission or storage.
• Firewalls: Control network access and protect against unauthorized intrusions.
• Access Controls: Restrict sensitive information access to authorized personnel.
• Penetration Testing: Identifies system vulnerabilities and tests defenses against attacks.