Technology in Action, Chapter 9

Questions and Answers

What is the primary characteristic of cybercrime?

• Perpetration primarily through the use of a computer (correct)
• Use of electronic devices
• Involvement of physical theft
• Significant legal implications

Which of the following is not a common category of complaint related to cybercrime?

• FBI-related scams
• Identity theft
• Data encryption (correct)
• Advance fee fraud

What is the financial impact of identity theft on individuals?

• Minimal compared to other cybercrimes
• It is the most financially damaging (correct)
• Only affects businesses financially
• Financially damaging only in specific cases

What type of hacker is known for breaking into systems for nonmalicious reasons?

White-hat hacker (B)

What function does a keylogger serve?

Captures all keystrokes made on a computer (B)

What is a Trojan horse in cybersecurity terms?

A malicious program that appears useful (A)

What role do 'zombies' play in a denial-of-service attack?

They launch attacks on other computers (B)

Which term refers to a program that allows unauthorized access to a system?

Backdoor (D)

What is one method commonly used in identity theft?

Counterfeiting credit cards (B)

Which type of hacker illegally accesses systems to showcase their skills?

Grey-hat hacker (C)

What is the primary purpose of spyware?

To transmit information about users (C)

What is the function of a spam filter?

To categorize emails into folders (C)

Which statement is true regarding cookies?

Cookies are stored on your hard drive by websites (B)

What technique is used in phishing?

Creating fake scenarios to lure users (C)

What does scareware attempt to do?

Convince users their computer is infected (C)

Which of the following statements accurately describes a firewall?

It protects computers from unauthorized access (D)

What does pretexting involve?

Creating a false scenario to extract information (D)

What is the main concern regarding the use of cookies by advertisers?

Cookies invade user privacy indiscriminately (A)

What is a primary characteristic of pharming?

It involves planting malicious code on computers (C)

What security feature do comprehensive Internet security packages typically include?

Antivirus protection (B)

What is a distributed denial-of-service (DDoS) attack?

An attack that uses multiple zombie computers to flood requests. (D)

What is the primary purpose of a virus?

To replicate itself and spread to other computers. (B)

What defines a boot-sector virus?

A virus that attaches itself to a computer's master boot record. (C)

How does a logic bomb function?

By activating under certain logical conditions. (D)

What characterizes a stealth virus?

It hides its code temporarily and resides in active memory. (A)

What happens when a computer is infected with ransomware?

It compresses data files and demands payment for decryption. (D)

What is a botnet?

A network of zombie computers controlled to perform attacks. (A)

What type of virus can change its code to avoid detection?

Polymorphic virus (C)

What is the main goal of adware?

To display unsponsored advertisements. (A)

Which type of virus is activated by time or date passage?

Time bomb (C)

What is the process called when firewalls filter out packets sent to specific logical ports?

Packet filtering (C)

What is the main purpose of antivirus software?

To detect viruses and protect files (B)

What does a virus signature refer to?

The unique code of a specific virus (B)

What involves placing a virus in a secure area to prevent its spread?

Quarantining (D)

Which attack exploits weaknesses in operating systems and can affect web pages?

Drive-by download (C)

What is a recommended characteristic of strong passwords?

At least eight characters with mixed types (D)

What type of device reads a unique personal characteristic for authentication?

Biometric authentication device (B)

What does inoculation entail in the context of computer security?

Recording key attributes of files (C)

Which of the following companies offers antivirus software?

Symantec (D)

Which biometric feature is commonly used for authentication in modern devices?

Fingerprint (D)

Flashcards

Cybercrime

A criminal act primarily committed using a computer.

Cybercriminal

A person who uses computers and the internet to commit crimes.

Identity theft

Stealing personal information to impersonate someone.

Hacker

Someone who enters a computer system without permission.

White-hat hacker

A hacker who breaks into systems for security testing.

Black-hat hacker

A hacker who breaks into systems for malicious purposes.

Trojan horse

A program that seems harmless but has hidden malicious functions.

Zombie computer

A computer controlled by a hacker.

Denial-of-service attack

An attack that prevents legitimate users from accessing a system.

Packet analyzer (sniffer)

A program that examines data packets on a network.

Spyware

A program that secretly collects information about you and transmits it without your knowledge.

Tracking Cookies

Small text files websites place on your computer to track your browsing activity.

Keystroke Logger

A program that records every key you press on your keyboard.

Spam

Unwanted or junk email.

Spam Filter

A tool in your email account that automatically sorts known or suspected spam into a separate folder.

Cookies

Small text files that websites store on your computer to gather information about your browsing habits.

Social Engineering

Tricking people into revealing sensitive information through manipulation and deception.

Phishing

A technique used to trick people into giving up personal information by pretending to be a legitimate source.

Pharming

A technique where malicious software takes over your computer and redirects you to fake websites.

Scareware

Malware that pretends your computer is infected to convince you to buy fake antivirus software.

Botnet

A network of compromised computers controlled by a hacker, used to launch attacks.

DDoS Attack

A type of attack that overwhelms a target server with requests from multiple compromised computers (a botnet).

Exploit Kit

Software that scans for vulnerabilities in systems and exploits them to gain access.

Logic Bomb

A type of virus that activates when specific conditions are met, like opening a file or running a program.

Time Bomb

A virus that activates at a specific time or date.

Script/Macro Virus

A series of commands embedded in scripts or macros that execute without the user's knowledge.

Email Virus

A virus spread through email attachments or links, using the victim's address book to infect more computers.

Encryption/Ransomware Virus

A type of malware that encrypts a victim's data and demands a ransom to decrypt it.

Polymorphic Virus

A virus that changes its code to avoid detection by antivirus software.

Packet Filtering

A firewall technique that blocks network traffic based on destination port numbers.

Logical Port Blocking

A firewall technique that completely prevents access to specific ports on a network.

Network Address Translation (NAT)

A process used by firewalls to assign internal IP addresses to devices on a network, making them appear as a single IP address to the outside world.

Antivirus Software

Software designed to detect and remove viruses from a computer.

Virus Signature

A unique piece of code that identifies a specific virus.

Quarantining (Virus)

Isolating a virus in a secure area to prevent it from spreading to other files.

Drive-by Download

An attack where a user unknowingly downloads a malicious program while browsing the web.

Biometric Authentication

Using unique biological traits (fingerprint, iris scan) for authentication.

Strong Password

A password that is difficult to guess and includes a mix of uppercase, lowercase, numbers, and symbols.

Windows Hello

A facial recognition feature in Windows that allows users to log in to their devices using their face.

Study Notes

Technology in Action, Chapter 9

• Chapter 9 is titled "Securing Your System: Protecting Your Digital Data and Devices"
• Copyright © 2021 Pearson Education Ltd.

Identity Theft and Hackers

• Cybercrime is any criminal action primarily using a computer.
• Cybercriminals use computers, networks, and the internet to commit crimes.
• Common complaints include FBI-related scams, identity theft, non-delivery of merchandise, and advance fee fraud.
• Other serious complaints include computer intrusions, hacking, child pornography, and blackmail.

Identity Theft

• Identity theft occurs when a thief steals information and poses as you.
• This type of cybercrime is highly damaging financially.
• Common scams include counterfeiting credit/debit cards, changing addresses, opening new accounts, obtaining medical services, or buying and reselling houses in your name.

Hacking (1 of 4)

• A hacker is someone who unlawfully accesses a computer system.
• Types of hackers include white-hat (ethical), black-hat, and grey-hat hackers.
• Packet analyzers (sniffers) capture data packets.
• Keyloggers record keystrokes.

Hacking (2 of 4)

• Trojan horses appear useful but run malicious code.
• Backdoor programs and rootkits enable hackers to access and control computers.

Hacking (3 of 4)

• Zombies are computers controlled by hackers.
• Denial-of-service (DoS) attacks deny legitimate users access to systems.
• Distributed denial-of-service (DDoS) attacks are launched from multiple zombies.
• Botnets are large groups of zombie computers.

Hacking (4 of 4)

• Exploit kits are programs that search for vulnerabilities on computer servers.
• Logical ports are virtual communication pathways, not physical locations.

Computer Viruses (Basics)

• Viruses are programs that attach to other programs to spread.
• Their main purpose is replication.
• Secondary objectives may include being destructive (e.g., displaying messages, damaging files).
• Smartphones and tablets can also get infected.

Types of Viruses (1 of 2)

• Viruses come in various types: boot-sector viruses, logic bombs/time bombs, worms, script/macro viruses, email viruses, and encryption viruses.
• Boot-sector viruses affect the master boot record of a hard drive.
• Logic bombs and time bombs execute based on conditions or time.
• Worms spread independently.
• Script/macro viruses are command sequences.
• Email viruses spread through email attachments.
• Encryption viruses encrypt files and demand payment for decryption.

Types of Viruses (2 of 2)

• Viruses are classified by their methods of avoiding detection.
• Polymorphic viruses change their code to avoid detection, often targeting specific file types.
• Multi-partite viruses infect multiple file types.
• Stealth viruses hide their code and reside in active memory.

Online Annoyances and Social Engineering (1 of 3)

• Malware is software with malicious intent.
• Adware displays sponsored ads.
• Spyware secretly collects information.
• Keystroke loggers record keystrokes.

Online Annoyances (2 of 3)

• Spam is unwanted email.
• Tactics include spam filters.

Online Annoyances (3 of 3)

• Cookies are small text files saved on a computer when visiting a website.
• They help companies evaluate advertising effectiveness and may invade privacy but do not directly search for personal information.

Social Engineering (1 of 3)

• Social engineering is using human interaction (social skills) to get someone to reveal sensitive information.
• Pretexting creates a scenario that sounds legitimate to gain trust.

Social Engineering (2 of 3)

• Phishing tricks people into revealing information by imitating trustworthy sources.
• Pharming plants malicious code for data gathering.
• Avoiding traps is crucial: never respond directly to suspicious emails; don't click on links; verify requests; use secure sites; use phishing filters.

Social Engineering (3 of 3)

• Scareware tricks users into believing their computer is infected, then directs them to fake removal tools.

Restricting Access to Your Digital Assets (Firewalls 1 of 3)

• Firewalls can be software or hardware that protect computers from hackers.
• Operating systems often include firewalls.

Restricting Access to Your Digital Assets (Firewalls 2 of 3)

• Security suites often include firewall software.

Restricting Access to Your Digital Assets (Firewalls 3 of 3)

• Packet filtering blocks packets destined for specific logical ports.
• Logical port blocking completely rejects requests for access to those ports.
• Network Address Translation (NAT) assigns internal IP addresses on a network.

Restricting Access to Your Digital Assets (Preventing Virus Infections 1 of 3)

• Antivirus software detects and protects computers from viruses.
• Popular programs include Symantec, Trend Micro, and Avast.

Restricting Access to Your Digital Assets (Preventing Virus Infections 2 of 3)

• Virus signatures are unique portions of virus code.
• Quarantining puts viruses in a secure area.
• Inoculation records computer file attributes and keeps statistics.

Restricting Access to Your Digital Assets (Preventing Virus Infections 3 of 3)

• Drive-by downloads are attacks exploiting system vulnerabilities.
• Keeping your operating system updated helps avoid these threats.

Restricting Access to Your Digital Assets (Authentication: Passwords and Biometrics 1 of 2)

• Strong passwords are crucial.
• Minimum: eight characters with upper/lowercase, numeric, and symbols.

Restricting Access to Your Digital Assets (Authentication: Passwords and Biometrics 2 of 2)

• Biometric authentication devices (fingerprint, iris patterns, voice, face recognition), provide high security, convert unique characteristics to digital codes.

Description

Explore Chapter 9 of 'Technology in Action', which focuses on securing your system and protecting digital data and devices. Understand the concepts of identity theft and the various forms of cybercrime that threaten our security. Learn about the role of hackers and the impact of cybercrimes on individuals and organizations.