Technology in Action - Chapter 9

Questions and Answers

What process is used to filter out packets sent to specific logical ports?

• Network address translation
• Data encryption
• Packet filtering (correct)
• IP address blocking

What is the primary purpose of antivirus software?

• To detect and protect against viruses (correct)
• To block advertisements
• To enhance internet speed
• To manage hardware resources

What does the term 'virus signature' refer to?

• The name of the antivirus program
• The main function of the antivirus software
• A type of malware that spreads rapidly
• A portion of the virus code unique to a specific virus (correct)

Which type of attack affects a small percentage of web pages by exploiting weaknesses in systems?

Drive-by download (A)

How can you minimize the risk of malware attacks on your operating system?

By keeping the OS updated with security patches (C)

What is the recommended length for creating strong passwords?

At least eight characters (C)

Which of the following devices reads unique personal characteristics for authentication?

Biometric authentication device (A)

What does 'quarantining' mean in relation to viruses?

Placing the virus in a secure area to prevent spread (D)

What is spyware primarily designed to do?

Transmit information about your activities to external sources (D)

What is phishing aimed at achieving?

Luring individuals to reveal personal information (C)

What function does a firewall serve?

Protects computers from unauthorized access (D)

Which of the following describes scareware?

A type of malware that exploits fear of viruses to sell fake solutions (D)

What technique involves creating a seemingly legitimate scenario to deceive users?

Pretexting (A)

Which of the following is an effect of cookies?

They help companies analyze website traffic (C)

What is pharming primarily aimed at?

Phishing for user information by redirecting them to malicious sites (A)

What can spam filters do?

Separate known or suspected spam into a special folder (C)

Which of the following is included in comprehensive Internet security software packages?

Antivirus protection (C)

Which is NOT a recommended guideline to avoid phishing scams?

Respond directly to emails that request personal information (B)

What is the primary purpose of a computer virus?

To replicate itself and spread to other computers (A)

Which type of virus is triggered by a specific date or time?

Time bomb (C)

What distinguishes a polymorphic virus?

It changes its code to avoid detection (A)

Which of the following is NOT a characteristic of a DDoS attack?

It can only be executed from a single device (C)

What is the function of adware?

To display unsponsored advertisements (C)

Which type of malware replicates itself without needing a host file?

Worm (B)

What does a logic bomb do?

Activates under specific logical conditions (D)

Which type of virus attempts to evade detection by erasing code temporarily?

Stealth virus (C)

How can e-mail viruses propagate?

By using the victim's e-mail address book (B)

What is the main purpose of ransomware?

To encrypt files and demand payment for decryption (B)

What is the main purpose of a keylogger?

To capture all keystrokes made on a computer (B)

What type of hacker primarily aims to destroy information or gain illegally?

Black-hat hacker (C)

What characterizes a Trojan horse in the context of cybersecurity?

A legitimate program with malware hidden within (D)

What does identity theft commonly involve?

Stealing personal information to impersonate someone (A)

What is the role of a packet analyzer in hacking?

To monitor and sniff data packets over the Internet (C)

How is a zombie computer commonly used in cybercrime?

To launch denial-of-service attacks (B)

What is a common social engineering technique used by cybercriminals?

Using phishing emails to deceive users (A)

What distinguishes white-hat hackers from other types of hackers?

They test security systems for vulnerabilities. (B)

Which type of malware pretends to be a legitimate program while performing malicious activities?

Trojan horse (A)

What is the primary function of antivirus software?

To detect and remove malicious software (D)

Flashcards

Firewall Packet Filtering

A firewall technique that blocks packets destined for specific ports.

Firewall Port Blocking

A firewall technique that completely rejects requests for specific ports from the internet.

Network Address Translation (NAT)

A firewall process that assigns internal IP addresses on a network.

Antivirus Software

Software designed to identify and prevent harm from viruses.

Virus Signature

A unique part of a virus's code used for identification.

Quarantine (Virus)

Isolating a virus to prevent its spread to other files.

Strong Passwords

Passwords difficult for hackers to guess (at least 8 characters, and use a mix of upper, lower, numbers and symbols).

Biometric Authentication

Using unique physical traits (like fingerprints or eyes) for identification.

Drive-by Download

A computer attack that happens when visiting a malicious webpage.

Operating System Updates

Important security patches to fix weaknesses in an operating system.

Spyware definition

Unwanted program that downloads with other software, runs in the background, and transmits information about you.

Spam definition

Unwanted or junk email.

Cookies definition

Small text files websites automatically save on your hard drive.

Social Engineering definition

Using social skills to trick people into revealing sensitive information.

Phishing definition

Tricking internet users into revealing personal information.

Scareware definition

Malware that tries to trick you into buying fake antivirus tools.

Firewall definition

Software or hardware that protects computers from hackers.

Antivirus protection purpose

Protects your computer from malicious software.

Pretexting definition

Creating a fake scenario to get sensitive information.

Pharming definition

Planting malicious code on your computer.

Botnet

A group of computers controlled by a hacker to launch attacks. These infected computers are called 'zombies'.

DDoS Attack

A coordinated attack using multiple computers to overwhelm a target with requests, making it inaccessible.

Exploit Kit

Software that automatically searches for vulnerabilities in systems to exploit and install malware.

Virus

A program that replicates itself and spreads to other computers, potentially causing damage or disruption.

Boot-Sector Virus

A type of virus that infects the master boot record of a hard drive, making it difficult to boot up the computer.

Logic Bomb

A virus that is triggered by specific conditions, like opening a certain file or starting a program multiple times.

Time Bomb

A virus that is activated after a specific period or on a particular date.

Worm

A virus that spreads independently of a host file, traveling through networks and exploiting vulnerabilities.

Polymorphic Virus

A virus that changes its code to avoid detection by antivirus software.

Malware

Software designed to intentionally harm or disrupt computer systems, including viruses, worms, and trojans.

Cybercrime

Any criminal activity primarily committed using computers, networks, and the internet.

Identity Theft

When someone steals your personal information and impersonates you.

What is a hacker?

Someone who illegally gains access to a computer system.

White-hat hacker

A hacker who breaks into systems for ethical reasons, like security testing or exposing vulnerabilities.

Black-hat hacker

A hacker who breaks into systems with malicious intent, such as stealing data or causing damage.

Trojan Horse

A program that appears harmless but secretly performs malicious actions in the background.

Backdoor program

Software that allows hackers to secretly access and control a computer.

Zombie

A computer secretly controlled by a hacker.

Denial-of-service attack

An attack that floods a system with requests, preventing legitimate users from accessing it.

Packet analyzer

A program used by hackers to capture and examine data packets traveling over a network.

Study Notes

Technology in Action - Chapter 9

• Chapter title: Securing Your System: Protecting Your Digital Data and Devices
• Cybercrime is any criminal activity primarily done using computers.
• Cybercriminals are individuals who use computers, networks, and the Internet to commit crimes.
• Four common complaints include FBI-related scams, identity theft, non-delivery of merchandise, and advance-fee fraud.
• Other serious complaints include computer intrusions, hacking, child pornography, and blackmail.

Identity Theft and Hackers

• Cybercrime is a criminal action done primarily through a computer.
• Cybercriminals are individuals utilizing computers for crime.
• Common cybercrime types: FBI-related scams, identity theft, non-delivery of merchandise, and advance-fee fraud.
• Other types include computer intrusions, hacking, child pornography, and blackmail.

Identity Theft

• Identity theft occurs when a thief assumes your identity.
• It's the most financially damaging form of cybercrime.
• Examples of scams during identity theft: -Counterfeiting credit/debit cards -Requesting address changes -Creating new credit accounts -Getting medical services -Buying a home and reselling it

Hacking

• A Hacker is someone breaking into a computer system.
• Types of hackers: -White-hat hackers–use hacking for ethical testing -Black-hat hackers– use hacking for illegal gain -Grey-hat hackers– use hacking to showcase their skills

Hacking (continued)

• Packet analyzer (sniffer) is a program deployed to examine network traffic.
• Keylogger is a program capturing keystrokes.

Hacking (continued)

• Trojan horses are programs appearing as helpful but maliciously execute code in the background.
• Backdoor programs and rootkits give hackers access without user knowledge.

Hacking (continued)

• A Zombie computer is controlled by a hacker for denial-of-service attacks.
• Denial-of-service attacks make legitimate users inaccessible by flooding requests to a computer system.
• DDoS (Distributed Denial-of-Service) attacks are launched from multiple zombies simultaneously.
• A botnet is a large group of zombie computers.

Hacking (continued)

• Exploit kits are programs located on servers, designed to detect and exploit system vulnerabilities.
• Logical ports are virtual, not physical, communications paths.

Computer Viruses

• A virus attaches to a program to spread to other computers.
• The main function is to duplicate itself in many files.
• Consequences may range from annoying pop-ups to file deletion.
• Viruses can infect smartphones and tablets

Computer Viruses (continued)

• Viruses can be categorized as: -Boot-sector viruses -Logic bombs/time bombs -Worms -Script/macro viruses -Email viruses -Encryption viruses

Computer Viruses (continued)

• Classification methods for virus avoidance: -Polymorphic viruses change their code periodically -Multi-partite viruses infect multiple file types -Stealth viruses hide in active memory by erasing their code

Online Annoyances and Social Engineering

• Malware is software with malicious intent. -Adware displays advertisements -Spyware collects information and runs in the background -Keystroke logger records keystrokes
• Spam is unwanted email. -Spam filters are tools to limit spam.

Online Annoyances and Social Engineering (continued)

• Cookies are small text files stored on your computer when you visit websites.
• Websites use cookies to understand user activity and effectiveness of marketing efforts.
• Cookies don't directly harm your computer.

Online Annoyances and Social Engineering (continued)

• Social engineering utilizes social skills to gain information from individuals.
• Pretexting is impersonation.

Online Annoyances and Social Engineering (continued)

• Phishing is tricking individuals into revealing personal information by pretending to be a trustworthy entity.
• Pharming plants malicious code on computers to gain information.
• Guidelines to avoid scams include avoiding email requests for information and verifying from the company directly.
• Use secure sites, phishing filters, and updated internet security software.

Online Annoyances and Social Engineering (continued)

• Scareware is malware that tries to convince you of a problem and get you to pay for a solution.

Restricting Access to Your Digital Assets: Firewalls

• A firewall is a software or hardware that protects your computer from hackers.
• Windows and macOS include firewalls.
• Firewalls use packet filtering, logical port blocking, and network address translation to control network traffic.

Restricting Access to Your Digital Assets: Preventing Virus Infections

• Antivirus software detects and protects your computer from viruses.
• Popular antivirus programs include Symantec, Trend Micro, and Avast.
• Virus signatures are unique codes used to identify specific viruses.
• Quarantining isolates infected files.
• Inoculation records key attributes of files.
• Keeping your operating system updated can prevent drive-by download attacks.

Restricting Access to Your Digital Assets: Authentication

• Strong passwords should have at least eight characters with a combination of uppercase, lowercase, numbers, and symbols.
• Biometric authentication devices use unique physical characteristics like fingerprints, iris scans, and facial recognition.

Description

Explore the critical concepts of cybercrime and digital security in Chapter 9. This chapter delves into identity theft, hacking, and various cybercriminal activities. Learn about common complaints related to cybercrimes and the importance of protecting your digital data and devices.