Technology in Action - Chapter 9

Questions and Answers

Cybercrime includes any criminal action done primarily through the use of a computer.

True

Identity theft is the least financially damaging cybercrime for individuals.

False

White-hat hackers break into systems for illegal purposes.

False

A packet analyzer is a tool used by hackers to monitor network traffic.

True

A distributed denial-of-service (DDoS) attack launches DoS attacks from more than one device at the same time.

True

A virus is a program that seeks to protect computers from malicious software.

False

A Trojan horse program appears useful but performs malicious actions without the user's knowledge.

True

Logical ports are physical communication paths used for connecting devices.

False

A backdoor program allows hackers to have limited access to a computer.

False

Zombies are computers that hackers control to launch denial-of-service attacks.

True

Boot-sector viruses replicate onto a computer's master boot record.

True

In a denial-of-service attack, users are denied access due to legitimate requests being honored.

False

Worms require a host file to execute and spread.

False

Polymorphic viruses change their code to avoid detection by security software.

True

Grey-hat hackers illegally break into systems but do so to showcase their expertise.

True

The only type of hackers are white-hat and black-hat hackers.

False

Encryption or ransomware viruses typically ask for payment to decrypt files.

True

Adware displays sponsored advertisements on a computer.

False

A time bomb virus is activated based on specific logical conditions.

False

Stealth viruses hide their code in active memory to avoid being detected.

True

Spyware is a desirable program that enhances system performance.

False

Cookies are small text files stored on your hard drive by websites.

True

Phishing is a method used to trick users into revealing personal information.

True

Scareware convinces users their computer is safe while selling legitimate antivirus tools.

False

A firewall can be a software program or hardware device used to protect against hackers.

True

Spam filters can remove known or suspected spam from your inbox.

True

Social engineering involves using technical skills to access personal information.

False

Antivirus protection is typically included in comprehensive Internet security packages.

True

Tracking cookies search your hard drive for personal information.

False

Pretexting involves creating a legitimate sounding scenario to gather information.

True

Firewalls can filter out packets sent to specific logical ports.

True

Antivirus software is designed to enhance internet speed.

False

A virus signature is unique to a specific computer virus.

True

Drive-by downloads affect nearly 1 in 1,000 web pages.

True

Passwords should be easy to remember and consist only of lowercase letters.

False

Biometric authentication devices use unique personal characteristics for validation.

True

Voice authentication is not considered a biometric authentication method.

False

Logical port blocking involves a firewall refusing requests for specific ports.

True

Quarantining allows viruses to spread to other files.

False

Windows Hello is a biometric authentication system that uses facial recognition.

True

Study Notes

Technology in Action - Chapter 9

• Chapter title: Securing Your System: Protecting Your Digital Data and Devices
• Cybercrime: Any criminal activity primarily performed using a computer.
• Cybercriminals: Individuals who use computers, networks, and the internet to commit crimes.
• Common Cybercrimes: FBI-related scams, identity theft, non-delivery of merchandise, and advance fee fraud. Other serious issues include computer intrusions (hacking), child pornography, and blackmail.
• Identity Theft: Occurs when a thief steals personal information and poses as the victim. It's the most financially damaging cybercrime for individuals.
• Types of Identity Theft Scams:
• Counterfeiting credit and debit cards
• Requesting changes of address
• Opening new credit cards
• Obtaining medical services
• Buying a house in the victim's name and reselling it

Identity Theft and Hackers

• Hackers: Individuals who unlawfully access computer systems.
• Types of Hackers:
• White-hat hackers: Ethical hackers who test security systems.
• Black-hat hackers: Break into systems for malicious reasons or illegal gain.
• Grey-hat hackers: Break into systems to demonstrate expertise or sell repair services.
• Packet analyzer (sniffer): A program used by hackers to inspect data packets traveling through networks.
• Keylogger: A program that captures keystrokes made on a computer.

Hacking (Continued)

• Trojan horses: Programs that appear useful but contain malicious code. They run in the background without the user's knowledge.
• Backdoor programs and rootkits: Allow hackers to gain access to a computer system without detection.

Hacking (Continued)

• Zombies: Hacked computers controlled remotely by a hacker.
• Denial-of-service (DoS) attacks: Hackers try to deny legitimate users access to a computer system by sending excessive requests.
• Distributed denial-of-service (DDoS) attacks: Hackers use many zombie computers to launch a DoS attack.
• Botnet: A large group of zombie computers controlled by a hacker.

Exploits and Vulnerabilities

• Exploit kits: Software programs that look for vulnerabilities in computers and servers to break in.
• Logical ports: Virtual pathways used for communication between devices on networks.

Computer Viruses

• Viruses: Programs that attach to other programs to spread to other computers. Their main purpose is to replicate and copy code into as many files as possible. Secondary objectives can be destructive (displaying messages to destroying files).

• Types of Viruses:

• Boot-sector viruses: Replicates themselves onto the hard drive's master boot record.

• Logic bombs and time bombs: Triggered by specific conditions (e.g., dates or number of times a program is used) or specific time.

• Worms: Work independently of host files, spreading quickly.

• Script and macro viruses: Series of commands that run without user knowledge.

• E-mail viruses: Spread by attachments to emails.

• Encryption viruses: Encrypt files and make them unusable until a ransom is paid.

• Methods for Avoiding Detection:

• Polymorphic viruses: Change code to avoid detection.

• Multi-partite viruses: Designed to infect multiple file types.

• Stealth viruses: Temporarily erase code from files and hide in active memory to avoid detection.

Online Annoyances

• Malware: Software with malicious intent.
• Types of Malware:
• Adware: Displays sponsored advertisements.
• Spyware: Unwanted software that transmits information in the background; uses cookies.
• Keystroke logger: Monitors keystrokes.

Spam

• Spam: Unwanted or junk email.
• Spam filters: Tools to sort and isolate spam emails.

Cookies

• Cookies: Small text files websites automatically store on a computer hard drive when a person visits a website.
• Use: Help companies track website traffic and effectiveness of marketing strategy.

Online Social Engineering

• Social engineering: Using social skills to manipulate someone into revealing sensitive information.
• Pretexting: Creating a scenario that sounds legitimate to trick someone for info.
• Phishing: Luring someone into revealing info by creating fake websites and emails.
• Pharming: Malicious code planting on a computer to gather information.
• Scareware: Attempts to manipulate by claiming the targeted computer is infected.

Firewalls

• Firewall: Software or hardware to protect computers from hackers.
• Methods:
• Packet filtering: Filters out packets sent to specific logical ports.
• Logical port blocking: Completely refuses requests from the Internet on specific ports.
• Network address translation (NAT): Assigns internal IP addresses on a network.

Preventing Virus Infections

• Antivirus software: Detects and protects computers from viruses.
• Methods:
• Virus signature: Portion of the virus code unique to a particular virus.
• Quarantining: Placing a virus in a secure area.
• Inoculation: Records attributes about files to identify and isolate malware.
• Drive-by download: Exploiting weaknesses to download viruses; prevents by maintaining up to date operating system software.

Authentication

• Strong passwords: At least 8 characters; include uppercase, lowercase, numbers, and symbols.
• Biometric authentication: Using unique physical characteristics for authentication (fingerprint, iris scan, voice scan, face scan).

Description

Explore the critical concepts of cybersecurity in Chapter 9 of 'Technology in Action.' This chapter covers various types of cybercrime, including identity theft and the role of hackers. Learn how to protect your digital data and devices from potential threats.