Technology in Action - Chapter 9

Questions and Answers

Cybercrime includes any criminal action done primarily through the use of a computer.

True (A)

Identity theft is the least financially damaging cybercrime for individuals.

False (B)

White-hat hackers break into systems for illegal purposes.

False (B)

A packet analyzer is a tool used by hackers to monitor network traffic.

True (A)

A distributed denial-of-service (DDoS) attack launches DoS attacks from more than one device at the same time.

True (A)

A virus is a program that seeks to protect computers from malicious software.

False (B)

A Trojan horse program appears useful but performs malicious actions without the user's knowledge.

True (A)

Logical ports are physical communication paths used for connecting devices.

False (B)

A backdoor program allows hackers to have limited access to a computer.

False (B)

Zombies are computers that hackers control to launch denial-of-service attacks.

True (A)

Boot-sector viruses replicate onto a computer's master boot record.

True (A)

In a denial-of-service attack, users are denied access due to legitimate requests being honored.

False (B)

Worms require a host file to execute and spread.

False (B)

Polymorphic viruses change their code to avoid detection by security software.

True (A)

Grey-hat hackers illegally break into systems but do so to showcase their expertise.

True (A)

The only type of hackers are white-hat and black-hat hackers.

False (B)

Encryption or ransomware viruses typically ask for payment to decrypt files.

True (A)

Adware displays sponsored advertisements on a computer.

False (B)

A time bomb virus is activated based on specific logical conditions.

False (B)

Stealth viruses hide their code in active memory to avoid being detected.

True (A)

Spyware is a desirable program that enhances system performance.

False (B)

Cookies are small text files stored on your hard drive by websites.

True (A)

Phishing is a method used to trick users into revealing personal information.

True (A)

Scareware convinces users their computer is safe while selling legitimate antivirus tools.

False (B)

A firewall can be a software program or hardware device used to protect against hackers.

True (A)

Spam filters can remove known or suspected spam from your inbox.

True (A)

Social engineering involves using technical skills to access personal information.

False (B)

Antivirus protection is typically included in comprehensive Internet security packages.

True (A)

Tracking cookies search your hard drive for personal information.

False (B)

Pretexting involves creating a legitimate sounding scenario to gather information.

True (A)

Firewalls can filter out packets sent to specific logical ports.

True (A)

Antivirus software is designed to enhance internet speed.

False (B)

A virus signature is unique to a specific computer virus.

True (A)

Drive-by downloads affect nearly 1 in 1,000 web pages.

True (A)

Passwords should be easy to remember and consist only of lowercase letters.

False (B)

Biometric authentication devices use unique personal characteristics for validation.

True (A)

Voice authentication is not considered a biometric authentication method.

False (B)

Logical port blocking involves a firewall refusing requests for specific ports.

True (A)

Quarantining allows viruses to spread to other files.

False (B)

Windows Hello is a biometric authentication system that uses facial recognition.

True (A)

Flashcards

Cybercrime

Criminal activity primarily performed through computer use.

Cybercriminal

Someone who uses computers to commit crimes.

Identity Theft

Criminals steal personal info to impersonate you.

Hacker

Someone who unlawfully enters a computer system.

White-hat Hacker

Hackers who use their skills to find and fix security flaws, not for malicious purposes.

Black-hat Hacker

Hackers who use their skills for illegal gain or malicious activities.

Trojan horse

A program that appears harmless but performs malicious actions in the background.

Denial-of-service attack

Attack where legitimate users can't access a system due to overwhelming requests.

Zombie computer

A computer under a hacker's control.

Packet analyzer (sniffer)

A program that examines data packets traveling over a network.

DDoS Attack

A coordinated attack from multiple sources to overwhelm a system, making it unavailable.

Botnet

A network of compromised computers controlled remotely by a malicious actor.

Virus

A program that replicates itself and spreads to other computers.

Logic Bomb

A virus that activates based on specific conditions or events.

Time Bomb

A virus that activates after a certain time or date.

Worm

A virus that spreads independently, without needing a host file.

Polymorphic Virus

A virus that changes its code to avoid detection by antivirus software.

Multipartite Virus

A virus designed to infect multiple file types to confuse antivirus programs.

Malware

Any software intentionally designed to cause harm or unwanted actions on a computer.

Ransomware

A type of malware that encrypts a victim's files and demands a payment for the decryption key.

Cookies

Small text files websites store on your computer when you visit.

Social Engineering

Using social skills to trick people into revealing sensitive info.

Pretexting

Creating a fake scenario to sound legitimate to get information

Phishing

Tricking people into revealing personal information through emails.

Pharming

Planting malicious code on a computer.

Scareware

Software that tries to convince you your computer is infected to scam you.

Firewall

Software or hardware that protects computers from hackers.

Antivirus Protection

Protection against viruses and other malware.

Packet Filtering

A firewall technique that blocks packets sent to specific ports.

Logical Port Blocking

Firewall technique that completely denies requests to specific ports.

Network Address Translation (NAT)

A firewall technique that assigns internal IP addresses on a network.

Antivirus Software

Software designed to detect and remove viruses.

Virus Signature

Unique code section of a virus identifiable by antivirus software.

Quarantine

Securing files or programs to prevent the spread of viruses.

Drive-by Download

Exploiting operating system weaknesses to download viruses via websites.

Strong Passwords

Passwords difficult to guess, with at least eight characters, using uppercase, lowercase, numbers, and symbols.

Biometric Authentication

Authentication method using unique biological traits (fingerprint, iris, etc.).

Windows Hello

Windows facial recognition login system.

Study Notes

Technology in Action - Chapter 9

• Chapter title: Securing Your System: Protecting Your Digital Data and Devices
• Cybercrime: Any criminal activity primarily performed using a computer.
• Cybercriminals: Individuals who use computers, networks, and the internet to commit crimes.
• Common Cybercrimes: FBI-related scams, identity theft, non-delivery of merchandise, and advance fee fraud. Other serious issues include computer intrusions (hacking), child pornography, and blackmail.
• Identity Theft: Occurs when a thief steals personal information and poses as the victim. It's the most financially damaging cybercrime for individuals.
• Types of Identity Theft Scams:
• Counterfeiting credit and debit cards
• Requesting changes of address
• Opening new credit cards
• Obtaining medical services
• Buying a house in the victim's name and reselling it

Identity Theft and Hackers

• Hackers: Individuals who unlawfully access computer systems.
• Types of Hackers:
• White-hat hackers: Ethical hackers who test security systems.
• Black-hat hackers: Break into systems for malicious reasons or illegal gain.
• Grey-hat hackers: Break into systems to demonstrate expertise or sell repair services.
• Packet analyzer (sniffer): A program used by hackers to inspect data packets traveling through networks.
• Keylogger: A program that captures keystrokes made on a computer.

Hacking (Continued)

• Trojan horses: Programs that appear useful but contain malicious code. They run in the background without the user's knowledge.
• Backdoor programs and rootkits: Allow hackers to gain access to a computer system without detection.

Hacking (Continued)

• Zombies: Hacked computers controlled remotely by a hacker.
• Denial-of-service (DoS) attacks: Hackers try to deny legitimate users access to a computer system by sending excessive requests.
• Distributed denial-of-service (DDoS) attacks: Hackers use many zombie computers to launch a DoS attack.
• Botnet: A large group of zombie computers controlled by a hacker.

Exploits and Vulnerabilities

• Exploit kits: Software programs that look for vulnerabilities in computers and servers to break in.
• Logical ports: Virtual pathways used for communication between devices on networks.

Computer Viruses

• Viruses: Programs that attach to other programs to spread to other computers. Their main purpose is to replicate and copy code into as many files as possible. Secondary objectives can be destructive (displaying messages to destroying files).

• Types of Viruses:

• Boot-sector viruses: Replicates themselves onto the hard drive's master boot record.

• Logic bombs and time bombs: Triggered by specific conditions (e.g., dates or number of times a program is used) or specific time.

• Worms: Work independently of host files, spreading quickly.

• Script and macro viruses: Series of commands that run without user knowledge.

• E-mail viruses: Spread by attachments to emails.

• Encryption viruses: Encrypt files and make them unusable until a ransom is paid.

• Methods for Avoiding Detection:

• Polymorphic viruses: Change code to avoid detection.

• Multi-partite viruses: Designed to infect multiple file types.

• Stealth viruses: Temporarily erase code from files and hide in active memory to avoid detection.

Online Annoyances

• Malware: Software with malicious intent.
• Types of Malware:
• Adware: Displays sponsored advertisements.
• Spyware: Unwanted software that transmits information in the background; uses cookies.
• Keystroke logger: Monitors keystrokes.

Spam

• Spam: Unwanted or junk email.
• Spam filters: Tools to sort and isolate spam emails.

Cookies

• Cookies: Small text files websites automatically store on a computer hard drive when a person visits a website.
• Use: Help companies track website traffic and effectiveness of marketing strategy.

Online Social Engineering

• Social engineering: Using social skills to manipulate someone into revealing sensitive information.
• Pretexting: Creating a scenario that sounds legitimate to trick someone for info.
• Phishing: Luring someone into revealing info by creating fake websites and emails.
• Pharming: Malicious code planting on a computer to gather information.
• Scareware: Attempts to manipulate by claiming the targeted computer is infected.

Firewalls

• Firewall: Software or hardware to protect computers from hackers.
• Methods:
• Packet filtering: Filters out packets sent to specific logical ports.
• Logical port blocking: Completely refuses requests from the Internet on specific ports.
• Network address translation (NAT): Assigns internal IP addresses on a network.

Preventing Virus Infections

• Antivirus software: Detects and protects computers from viruses.
• Methods:
• Virus signature: Portion of the virus code unique to a particular virus.
• Quarantining: Placing a virus in a secure area.
• Inoculation: Records attributes about files to identify and isolate malware.
• Drive-by download: Exploiting weaknesses to download viruses; prevents by maintaining up to date operating system software.

Authentication

• Strong passwords: At least 8 characters; include uppercase, lowercase, numbers, and symbols.
• Biometric authentication: Using unique physical characteristics for authentication (fingerprint, iris scan, voice scan, face scan).

Description

Explore the critical concepts of cybersecurity in Chapter 9 of 'Technology in Action.' This chapter covers various types of cybercrime, including identity theft and the role of hackers. Learn how to protect your digital data and devices from potential threats.