Understanding Computer Crimes

Questions and Answers

What are some common motivations behind committing computer crimes, and how do they differ from traditional crimes?

Motivations include financial gain, espionage, revenge, or causing disruption. They differ due to reliance on technology and the potential for anonymity and remote execution.

Explain the concept of 'social engineering' in the context of computer crimes. Provide a real-world example of how it could be used.

Social engineering is manipulating individuals into divulging confidential information. Example: posing as IT support to gain login credentials.

How does the international nature of the internet complicate the prosecution of computer crimes?

Jurisdictional issues arise when crimes occur across borders. Differing laws and extradition treaties can impede prosecution.

Describe the key differences between malware, viruses, and worms in terms of their propagation methods and impact on computer systems.

Malware is a broad term for malicious software. Viruses require user action to spread; worms can self-replicate and spread without user intervention.

What is a 'phishing' attack, and what are some common techniques used by cybercriminals to deceive individuals in such attacks?

Phishing involves deceptive emails or websites to steal sensitive information. Techniques include using fake logos, creating a sense of urgency, and impersonating legitimate entities.

Explain the role of firewalls in preventing unauthorized access to computer systems. What are their limitations?

Firewalls act as a barrier, blocking unauthorized network traffic. Limitations include inability to prevent insider threats or attacks bypassing the firewall.

What are the potential consequences of a Distributed Denial of Service (DDoS) attack on a website or online service?

Consequences include website unavailability, loss of revenue, damage to reputation, and disruption of online services.

How can encryption be used to protect sensitive data stored on a computer or transmitted over a network?

Encryption transforms data into an unreadable format, requiring a decryption key for access. It secures data at rest and in transit.

What are the key principles of data privacy, and how do they relate to the prevention of computer crimes involving personal information?

Principles include consent, transparency, purpose limitation, and data minimization. Adhering to these principles reduces the risk of data breaches and misuse.

Explain the difference between symmetric and asymmetric encryption. Give a use case example for each.

Symmetric uses one key for encryption/decryption (e.g., file encryption). Asymmetric uses key pairs (e.g., digital signatures).

What measures can individuals take to protect themselves from identity theft and online fraud?

Use strong passwords, monitor credit reports, be cautious of phishing attempts, and secure social media accounts.

Describe the role of penetration testing in identifying vulnerabilities in computer systems. What are the ethical considerations?

Penetration testing simulates attacks to find weaknesses. Ethics demand consent, non-disclosure, and responsible disclosure of findings.

How do laws like the Computer Fraud and Abuse Act (CFAA) in the US and similar legislation in other countries aim to combat computer crimes?

These laws criminalize unauthorized access to computer systems and data. They provide legal frameworks for prosecuting cybercriminals.

Explain the concept of a 'zero-day' vulnerability. Why are zero-day vulnerabilities particularly dangerous?

A zero-day vulnerability is unknown to the vendor. They're dangerous because there's no patch available, making systems vulnerable.

What are the common types of evidence collected in computer crime investigations, and how is this evidence typically handled to ensure its admissibility in court?

Evidence includes logs, hard drives, network traffic. Chain of custody is maintained to ensure integrity and admissibility.

How does the use of cloud computing introduce new security challenges compared to traditional on-premises infrastructure?

Challenges include data breaches, shared infrastructure vulnerabilities, and vendor lock-in. Third party risk management is also crucial.

What is ransomware, and what steps should an organization take to prevent or recover from a ransomware attack?

Ransomware encrypts data and demands payment for its release. Prevention includes backups, security software, and employee training. Recovery involves restoring from backups and possibly negotiating with attackers.

Explain the concept of 'two-factor authentication' (2FA) and why it is considered a best practice for enhancing account security.

2FA requires two forms of identification. Best practice because it adds a layer of security beyond a password, making unauthorized access more difficult.

How can businesses safeguard their data and networks during remote work arrangements? What are some key considerations?

Use VPNs, enforce strong passwords, implement multi-factor authentication, secure home networks, and provide cybersecurity awareness training.

What are the implications of the Internet of Things (IoT) for computer security? Provide one example of a security risk associated with IoT devices.

IoT introduces vulnerabilities due to numerous, often unsecured, devices. Example: hacked smart home devices used in a DDoS attack.

Flashcards

Computer Crimes

Illegal activities conducted through computers or networks.