Risks to Data and Personal Information

Questions and Answers

PDF Questions PDF Answers

What is unauthorized access?

Access to networks by users who are not allowed. (correct)

Access permitted by the network owner.

Access granted through high security measures.

Access using legitimate credentials only.

What are botnets primarily used for?

To store data securely.

To facilitate authorized data access.

To perform harmful tasks like spreading malware. (correct)

To enhance digital security.

Which of the following best describes ransomware?

Malware that steals personal information without user knowledge.

Software that improves system performance.

A type of malware that deletes files unless a ransom is paid. (correct)

A program that provides enhanced security features.

What action can lead to accidental deletion of files?

Formatting an incorrect storage device.

How do criminals often execute phishing attacks?

By sending messages that appear to be from real organizations.

What can happen if a device loses power unexpectedly?

Files may be deleted or corrupted unintentionally.

What is a common objective of criminals when targeting digital systems?

To commit fraud or identity theft.

Which of the following is a method used to steal personal data?

Engaging in phishing techniques.

What is the primary goal of phishing messages?

To collect personal information from users

Which method is NOT used in phishing schemes?

Calling users to verify their accounts

How does spear phishing differ from general phishing?

It is aimed at a smaller number of specific users

What is pharming typically aimed at achieving?

Creating fake versions of trusted websites to extract information

Which of the following describes a method of pharming?

Altering domain name servers to redirect traffic

What is a common mistake users make that can lead them to a pharming site?

Misspelling URLs when typing them

What is one major security measure users can take to avoid phishing and pharming?

Check the authenticity of the URL in web addresses

Which of the following statements accurately reflects the nature of phishing?

Phishing relies on user ignorance and deception.

What is the primary role of a firewall in network security?

To control the flow of data into and out of a network.

What happens to data that is on a firewall's blacklist?

It is prevented from entering or exiting the network.

Which of the following is NOT recommended for creating a strong password?

Including common words or dates.

What does encryption accomplish when data is transmitted?

It scrambles data into an unreadable form.

What is the purpose of CAPTCHA tests in online accounts?

To verify that the user is a human and not a bot.

How can passwords be effectively protected on shared computers?

By using network operating systems that secure password visibility.

Which character mix is recommended for creating secure passwords?

A combination of uppercase and lowercase letters, numbers, and symbols.

Which of the following measures is used to prevent unauthorized access to a network?

Implementing firewalls with rules for data traffic.

What is the purpose of HTTPS?

To authenticate and secure online communications.

Which of the following is a reason to be cautious when opening email attachments?

The text contains multiple spelling errors.

What is a common feature that indicates a website is using HTTPS?

A green padlock in the address bar.

Why are backups important for data security?

They provide redundancy in case of data loss.

What is a potential risk of less frequent backups?

Risk of losing recent data.

Which of these is NOT a characteristic of anti-spyware software?

Removes malicious websites.

What should users look for when assessing the safety of a URL?

Presence of unusual domain endings.

What does Secure Socket Layer (SSL) provide in HTTPS?

Encryption of data transferred.

Which of the following is NOT a cause for file loss or damage?

Hardware upgrade

What is the most suitable time to schedule backups to avoid user conflict?

Late in the evening

Which of these payment systems allows users to send and receive money using email accounts?

PayPal

What information is typically required when making an online card payment?

Card number and expiration date

What method does Near Field Communication (NFC) use in contactless payment cards?

Transfer of payment data without user authentication

What is a recommended method to protect important data during backups?

Keep copies at multiple locations

Which feature helps in authenticating online card payments?

Card security code (CSC)

What is one drawback of using optical media for backups?

They deteriorate over time

Study Notes

Risks to Data and Personal Information

• Criminals may try to access and use personal or financial information to commit fraud or identity theft.
• Data is transmitted and stored digitally, creating an increased risk in the digital world.

Unauthorized Access

• Unauthorized access to networks can occur directly or through software by hackers attempting to gain access.
• Botnets are groups of computers controlled for malicious purposes, such as running and spreading malware.

Malware

• Malware can damage systems by displaying messages, playing sounds, deleting files or even reprogramming systems to perform malicious tasks.
• Ransomware threatens to delete files or restrict access to software and resources until a payment is made.

Accidental Deletion

• Users can accidentally delete files or even entire drives due to accidental key presses, incorrect formatting, or unexpected power loss.

Theft of Personal Data

• Phishing is a technique where criminals send messages, often disguised as legitimate organizations, to trick users into providing their personal and financial information.
• Spear phishing targets specific users with highly customized messages.
• Pharming manipulates websites to mimic real ones and trick users into entering their login information.
  • Criminals achieve this by redirecting internet traffic to their fake websites or using malware to alter web traffic routing.
  • They often create similar URLs to the real website to mislead users who may misspell the address.

Methods to Secure Data and Personal Information Online

• Firewalls control data flow in and out of a network, using rules to determine which traffic is allowed.
• Encryption scrambles data into an unreadable form, making it unusable without the decryption key.
• Passwords, PINs, and biometrics are used for user authentication. Strong passwords are recommended, including:
  • Length greater than 8 characters
  • Random characters (not common words, names, or dates)
  • Mix of letters, numbers, and symbols
  • Frequent changes
  • Unique passwords not used for other accounts.
• CAPTCHA tests help distinguish human users from automated software (bots) by requiring users to enter displayed letters or numbers, which bots cannot read.
• Anti-spyware software helps detect, quarantine, and remove spyware that may be trying to steal personal data.
• Access rights and file permissions limit access to files, folders, and drives, preventing unauthorized access.
• Secure websites use HTTPS (Hypertext Transfer Protocol Secure) to authenticate payment servers and provide encryption, ensuring secure connections.
• Users should be cautious when opening email attachments or hyperlinks, as they may contain malware designed to steal personal information. Pay special attention if:
  • The sender is unknown
  • The message is generic, impersonal, or irrelevant
  • The message has spelling or grammatical errors
  • The attachment is an executable file (e.g., .exe or .zip)
  • The message urges immediate action
  • The URL is unfamiliar.
• Backup procedures create copies of data, stored on external storage devices or online.
  • This safeguards data in case of device failure, damage, loss, or theft.
  • Consider backing up data regularly to ensure the latest versions are protected.
  • Use online storage for additional safety, keeping data in multiple locations.

Online Payment Systems

• Various payment systems allow online transactions for goods and services, transmitting payment details across networks.

Online Third-Party Payment Processors

• Services like PayPal and Skrill allow users to send and receive money using email accounts for identification.
• They integrate with online shopping applications for smoother transactions.

Bank Cards

• Bank cards enable online and in-store payments. Users need the following information:
  • Card number
  • Expiry date (and sometimes start date)
  • Cardholder's name
  • Card Security Code (CSC)
• Secure systems require password authentication for online payments.
• Mastercard Secure Code is an example of such a system.

Contactless Cards using NFC

• Near Field Communication (NFC) enables contactless payments, eliminating the need for PINs or user authentication.

Description

Explore the various risks associated with data and personal information in the digital world. This quiz covers unauthorized access, malware threats, accidental deletion, and identity theft techniques. Test your knowledge on how to protect sensitive information from potential threats.