Rising Ransomware Payouts Trends

Questions and Answers

What types of data are mentioned in the text?

• Public, secure, encrypted
• Valuable, private, dangerous (correct)
• Public, confidential, secure
• Shared, temporary, sensitive

Why is implementing secure software and hardware challenging?

• Lack of security vulnerabilities
• Developers are well-informed
• Ignorance and unawareness of developers (correct)
• High level of encryption

What is a common theme among recent vulnerabilities mentioned in the text?

• Remote control access
• Secure network protocols
• Data recovery solutions
• Security vulnerabilities in various systems (correct)

What is often leaked during security breaches according to the text?

Names, addresses, passwords (C)

Which company is described as a high-stakes negotiator with ransomware attackers?

Coveware (A)

What type of attacks does the text mention Coveware dealing with?

Malware attacks (A)

What was the average ransom payout in Q3 2020?

$233,817.30 (B)

By what percentage did the average ransom payout rise in the past quarter?

21% (C)

What type of malware targeted ICS systems and sabotaged Iran?

Stuxnet Worm (A)

What is often considered a game of good and evil players?

Practice and theory of security (C)

Which ransomware heavyweights are mentioned as the primary driving factor in the demand for high ransoms?

NotPetya (A)

What area often sees an intersection with many areas of computer science according to the text?

Practice and theory of security (D)

What is the definition of 'Usurpation'?

Unauthorized control of resources (C)

Which security mechanism focuses on preventing attacks prior to the violation of security goals?

Encryption (C)

What is the main purpose of a security policy?

Statement of what is and what is not allowed (D)

Which strategy for security mechanisms involves the use of a virus scanner?

Detection (D)

What is the primary focus of the mechanism 'Authentication' in the context of security?

Verifying the identity of users and entities (A)

What does the term 'CIA' stand for in the context of security goals?

Confidentiality, Integrity, Availability (A)

Which of the following is an example of an attack on Integrity?

An attacker changes the receipt of a bank transaction (D)

What security measure is used to protect resources from unauthorized disclosure?

Encryption of data (D)

Which class of threat involves unauthorized access to information?

Disclosure (A)

What does the term 'Deception' refer to in security terms?

Acceptance of false data (A)

Which security measure is used to protect resources from unauthorized disruption?

Restriction (D)

What is the main goal of the 'Crash course in IT Security'?

To touch the majority of practical relevant security topics (A)

How many PhD students are part of Prof. Dr. Martin Johns' team at the Institute of Application Security?

8 PhD students (C)

What is required to pass the class 'Einführung in die IT-Sicherheit'?

Completing 50% of the weekly exercise sheets (A)

Which topic is NOT covered in the 'Crash course in IT Security'?

Data Privacy Laws (A)

What are the two types of assessments in the 'Einführung in die IT-Sicherheit' class?

Studienleistung and Prüfungsleistung (A)

What level of fear is associated with the 'Exercises' part of the course?

'No fear!' as experimentation is encouraged (A)

Flashcards are hidden until you start studying