Privacy and Security Quiz

Questions and Answers

PDF Questions PDF Answers

What is the primary motivation for black hat hackers?

To exploit vulnerabilities for personal gain (correct)

To improve network security

To assist companies in identifying weaknesses

To educate others about cybersecurity

Which type of hacker has permission to access a system?

Malicious hacker

Gray hat hacker

Black hat hacker

White hat hacker (correct)

What distinguishes gray hat hackers from white and black hat hackers?

They hack legally and ethically

They are primarily involved in hacktivism

They only hack with permission

They often hack without permission and may request payment (correct)

What is a bug bounty program?

A program that rewards individuals for reporting vulnerabilities

What constitutes illegal hacking?

Finding and exploiting vulnerabilities without permission

What constitutes a strong password?

A password that is 8-20 characters long with diverse character types.

What is the purpose of two-factor authentication?

To provide an additional layer of security.

Which of the following is an essential feature of secure sites?

They are clearly marked as 'https://'.

What caution should you take when using public computers?

You should be careful when logging in due to potential security risks.

Why is it advisable to use a password manager?

They can create random passwords and store them securely.

What do privacy policies typically require from users?

They outline how user data will be stored and shared.

What is a common misconception about password creation?

Reusing passwords across different accounts is acceptable.

What does the 's' in 'https://' signify?

The connection is secure.

What are the potential consequences for a criminal hacker in the United States?

Up to 20 years in prison and a felony charge

Which of the following is NOT a characteristic of personal security related to password management?

Confirmation required for password changes

What is one of the main goals of current cybersecurity threats?

To knock a site offline or access data

Why is the job outlook for cybersecurity positions expected to grow rapidly?

Increasing awareness of cybersecurity issues

What distinguishes cloud storage from local storage?

Cloud storage saves data on multiple servers in different locations

What is one of the prevalent styles of cyber attacks mentioned?

Phishing

What is a fundamental principle of cybersecurity highlighted in the learning?

Security developers must ensure strength in every aspect

Which of the following is NOT associated with hacking ethics?

Exploitative behavior toward victims

What is a significant advantage of cloud storage compared to locally stored data?

Cloud storage can be accessed anywhere.

What is meant by digital divide?

The disparity in internet access among different communities.

Which of the following is NOT a method of communication mentioned?

Telegrams

What type of project is Foldit an example of?

Citizen science project

Which of the following diseases has NOT benefited from distributed computing projects like Folding@home?

Diabetes

What is the primary function of crowdfunding platforms like Kickstarter?

To gather funds directly from the public to support projects.

What did Open databases change regarding access to scientific publications?

They allowed anyone, not just researchers, to access papers.

What is a potential risk associated with Wikileaks as mentioned in the content?

It may expose sensitive classified secrets.

What is the primary advantage of DNA computers over traditional computers?

They can store significantly more data.

Which of the following statements is true regarding quantum computers?

They operate on the principles of quantum mechanics.

What role does artificial intelligence play in the medical field?

It processes large amounts of data for diagnosis and treatment.

What characteristic distinguishes quantum computers from traditional computers?

They can perform calculations simultaneously and can exist in multiple states.

Which of the following problems is DNA computing least suited for?

Casual computing tasks.

What is a significant risk associated with autonomous weapons?

They could be misused for mass destruction.

What task is still challenging for computers despite advancements in AI?

Understanding emotional context.

What aspect is true regarding the nature of traditional computers?

They are mechanical and deterministic.

Study Notes

Privacy and Security

• Privacy refers to the appropriate use of personal data.
• Security involves the integrity, confidentiality, and availability of data.

Strong Passwords

• Passwords should be 8-20 characters long.
• Passwords should include uppercase and lowercase letters, numbers, and special characters such as $%^#&@.
• Use different passwords for different accounts.

Two-Factor Authentication

• An added layer of security that requires two steps for verification.
• Common methods include: texting a pin to your phone, calling your phone with a unique pin, or asking a security question specific to you.

Password Managers

• Help manage and diversify passwords.
• Users must keep their master password safe.

Secure Sites

• Look for "https://" in the URL, where "s" denotes a secure connection.
• Avoid websites with excessive pop-ups (one or two are generally acceptable).
• Use caution and good judgment when browsing online.

Secure Hardware Access

• Be aware of permissions related to: webcam access, audio access, microphone access, and location access.

Privacy Policies

• Legal documents outlining how websites store and share user data.
• Often lengthy and detailed, which may deter users from reading them.

Security Reminders

• Use caution when browsing online.
• Follow best practices for creating strong passwords.
• Verify website security before logging in.
• Exercise extra caution when using public computers.
• Stay updated on the latest online safety recommendations.

Hacking Ethics and Legality

• Hacker: An individual who exploits weaknesses in computer systems or networks.

Black Hat Hackers

• Criminal hackers who breach secure networks to destroy, modify, or steal data.
• May disrupt network functionality.
• Hack for personal gain or to cause harm.
• Face serious legal consequences for their actions.

White Hat Hackers

• Ethical hackers who are authorized to penetrate systems for security testing purposes.
• Often hired for penetration testing to identify vulnerabilities before malicious attackers exploit them.
• Contribute to the development of robust security systems.

Gray Hat Hackers

• Operate between ethical and unethical hacking practices.
• Hack without permission, often illegally.
• May contact organizations to report vulnerabilities and request payment.

Bug Bounty Programs

• Companies offer financial rewards for reporting vulnerabilities before malicious hackers can exploit them.
• Specific products or methods may be excluded from the program.

Legal Hacking

• Examples include: working as a penetration tester, following the rules of a bug bounty program, and hacking educational sites specifically designed for practice (e.g., hackthissite.org).

Illegal Hacking

• Exploiting vulnerabilities for personal gain.
• Hacktivism (hacking for political or social causes).
• Attempting to find vulnerabilities without permission (grey hat hacking).
• Breaking the rules of a bug bounty program.

Consequences of Illegal Hacking

• Felony charges.
• Prison sentences (up to 20 years).
• Fines (up to $15,000).

Common Security Problems

• Digital Privacy in a Transparent Society:
• The need for secrecy remains prevalent.
• CIA Triad Toolbox:
  • Emphasizes personal and organizational security.

Personal Security

• Differentiate between HTTP and HTTPS connections (HTTPS signifies a secure connection).
• Examine password field limitations (e.g., character restrictions, special character allowances, email address restrictions).
• Be wary of situations where credentials are sent via email, new passwords are emailed, or password changes are not confirmed.
• Look for CAPTCHAs (Completely Automated Public Turing Test to Tell Computers and Humans Apart) on websites.

Current Events:

• Identify the goal of the attack (e.g., website disruption, data theft).
• Determine the extent and nature of the data compromised.
• Investigate the organization's response and support for affected customers.
• Brainstorm preventative measures.

OWASP

• Open Web Application Security Project, a resource for web security best practices.

Living in a Digital World

• Fortification Principles:
  • Hackers only need to get it right once.
  • Those developing and deploying systems must always get it right.

Cybersecurity Employment Outlook

• 2017 median pay: $95,510.
• Requires a bachelor’s degree.
• Job outlook (2016-2026): 28% growth (much faster than average), compared to 7% growth for all occupations.

SQLi and XSS

• Understanding SQL queries is crucial for comprehending these prevalent cyberattacks.
• Foundation for understanding SQLi (SQL Injection) and XSS (Cross-Site Scripting).

Words to Know for a Quiz

• Data Security: Safeguarding data from unauthorized access, use, disclosure, disruption, modification, or destruction.
• Hacking Ethics: Moral principles guiding hacker behavior, differentiating between ethical and unethical hacking practices.
• Phishing: Using deception to trick people into providing sensitive information (e.g., passwords, credit card details).
• Malware: Software designed to harm and exploit computer systems (e.g., viruses, ransomware).
• Weak Passwords: Easily guessable passwords that lack complexity and strength.
• File and Folder Management: Organizing files and folders effectively for efficient access and retrieval.
• Cloud Storage: Storing data on multiple servers in various locations for redundancy and accessibility.
• Local Storage: Storing data directly on a device (e.g., computer, smartphone).
• Cloud storage: saves data on multiple servers at different locations.
• Access Control: Setting permission levels to control user access and editing capabilities for files.
• Read-Only: Access permission restricted to viewing a file only, preventing any alterations.
• Digital Divide: The gap between individuals and communities with and without access to the internet and digital technologies.

File Management Part 1:

• File: A unit of data with a specific format.
• Folder: A container for storing and organizing files.

Impact of the Internet

• Collaboration: Enhanced collaboration across geographic boundaries.
• Communication: Efficient dissemination of information, facilitating communication via email, video calls, and social media.
• Crowdsourcing: Engaging large groups of people to contribute ideas, knowledge, or tasks.
• Anonymity: Enablement of anonymous participation, providing a sense of privacy online.
• Censorship: Potential challenges in managing online censorship and information control.

Communication

• Email: Digital message delivery system.
• Video Calls: Real-time visual and audio communication.
• Social Media: Platforms for online interaction and sharing information.

Citizen Science

• Foldit: An online game where players solve protein folding structures, demonstrating the potential of crowdsourcing in scientific research.
• Folding@home: A distributed computing project that harnesses the computing power of personal computers to simulate protein folding, contributing to research in diseases like Alzheimer’s, Huntington’s, cancer, and HIV.

E-commerce

• Online Shopping: Purchasing goods and services directly from retailers or individuals, offering greater convenience and accessibility.
• Crowdfunding: Gathering funds from a large number of individuals for specific projects or initiatives.

Access to Information

• Open Databases: Publicly available collections of scientific publications, promoting access to knowledge for researchers and the general public.
• Wikileaks: A non-profit organization known for publishing leaked classified information, highlighting the potential for transparency but also posing risks related to sensitive data disclosure.

Digital Millennium Copyright Act

• Protects copyright holders from online theft of copyrighted material.

Future of Computing

• Traditional Computers: Rely on von Neumann architecture, using electrical circuit boards and a deterministic (predictable) model.
• New Kinds of Computers:
  • DNA Computers: Leverage DNA molecules and enzymes for complex computations.
  • Quantum Computers: Utilize principles of quantum mechanics for parallel processing and enhanced computational capabilities.

DNA Computers

• First introduced in 1994 by Leonard Adleman.
• Can store vast amounts of data.
• Perform parallel computations, significantly faster than traditional computers.
• Most effective for solving complex mathematical problems, not general-purpose computing.

Quantum Computers

• First proposed in 1981 by Paul Benioff.
• Non-deterministic, meaning their bits can be in multiple states simultaneously.
• Offer truly parallel processing, enabling trillions of operations per second.
• Currently primarily theoretical and under development.

Artificial Intelligence

• A field of computer science focused on simulating intelligent behavior in computers.

Intelligent Human Behavior

• Computers excel in specific tasks like mathematical computation, image classification, and games.
• Human capabilities that remain challenging for computers include:
  • Emotions
  • Contextual reasoning
  • Detecting irony and sarcasm
  • Reading body language.

AI Impact:

• Jobs most affected by AI: Labor-intensive roles and those involving data analysis in the financial industry.
• Health industry impact: AI aids doctors in diagnosing and treating patients by processing large datasets and up-to-date medical research.
• Risks of autonomous weapons: Potential misuse for destructive purposes.

Description

Test your knowledge on privacy and security practices. This quiz covers topics such as strong passwords, two-factor authentication, password managers, and identifying secure websites. Ensure your online presence is protected by answering these key questions.