Spam, Phishing, and Cybersecurity Review (PDF)
Document Details
Uploaded by Deleted User
Kay Aldrin
Tags
Summary
This document is a reviewer's notes on topics related to cybersecurity, including spam, phishing, and various kinds of attacks. The notes cover different types of attacks including Denial-of-service (DoS) and discuss security flaws and how to report them. Additionally, it touches on the importance of ethical considerations in technology.
Full Transcript
GROUP 3\ \ IDENTIFICATION 1. **DENIAL-OF-SERVICE (DOS) ATTACKS -** SPAM INVOLVES SENDING LARGE NUMBERS OF MESSAGES. 2. **PHISHING -** TRICK USERS INTO PROVIDING SENSITIVE INFORMATION. 3. **EMAIL SPAM -** SPAM INVOLVES SENDING LARGE VOLUMES OF EMAILS. 4. **SOCIAL MEDIA SPAM** - TYPE OF SP...
GROUP 3\ \ IDENTIFICATION 1. **DENIAL-OF-SERVICE (DOS) ATTACKS -** SPAM INVOLVES SENDING LARGE NUMBERS OF MESSAGES. 2. **PHISHING -** TRICK USERS INTO PROVIDING SENSITIVE INFORMATION. 3. **EMAIL SPAM -** SPAM INVOLVES SENDING LARGE VOLUMES OF EMAILS. 4. **SOCIAL MEDIA SPAM** - TYPE OF SPAM OCCURS ON PLATFORMS (IG, FB). 5. **SPAM FILTER** - SOFTWARE DESIGNED TO DETECT AND BLOCK SPAM. 6. **SPOOFING** - TRICK USERS INTO THINKING A MALICIOUS EMAIL IS LEGITIMATE. 7. **CLICKBAIT AND FAKE OFFERS** - COMMON TECHNIQUES USED BY SPAMMERS. 8. **SEARCH ENGINE SPAM (SEO SPAM)** - MANIPULATE SEARCH ENGINE RANKINGS. 9. **BOTNETS** - COMMON METHOD USED BY SPAMMERS. 10. **CAN SPAM ACT** - THE NAME OF THE LEGISLATION IN THE UNITED STATES. TRUE OR FALSE 1. **TRUE** - SPAM MESSAGES ORIGINATED IN THE 1980S AS ADVERTISING ON BULLETIN BOARD SYSTEMS (BBS). 2. **TRUE** - THE TERM \"SPAM\" COMES FROM A MONTY PYTHON SKETCH. 3. **FALSE** - SPAMMING OCCURS ON MULTIPLE PLATFORMS, INCLUDING SOCIAL MEDIA, MESSAGING APPS, AND FORUMS. 4. **TRUE** - SPAM CAN HAVE A FINANCIAL IMPACT ON BUSINESSES. 5. **FALSE** - NOT ALL SPAM EMAILS ARE ILLEGAL UNDER THE CAN-SPAM ACT; IT DEPENDS ON COMPLIANCE WITH ITS REQUIREMENTS. 6. **TRUE** - PHISHING EMAILS ARE A TYPE OF SPAM. 7. **FALSE** - SPAMMING IS OFTEN USED FOR MALICIOUS PURPOSES, INCLUDING SCAMS AND PHISHING, NOT JUST MARKETING. 8. **TRUE** - SPAM CAN LEAD TO MALWARE INFECTIONS THROUGH MALICIOUS LINKS. 9. **FALSE** - SOCIAL MEDIA PLATFORMS ALSO EXPERIENCE SPAM-RELATED ACTIVITIES. 10. **TRUE** - SPAM FILTERS REDUCE THE AMOUNT OF SPAM IN INBOXES. GROUP 4 IDENTIFICATION 1. **BADLOCK** - A FLAW THAT AFFECTED ALMOST ALL VERSIONS OF WINDOWS. 2. **COMMUNICATION MECHANISMS AND PROCESS** - THIS ENABLES A COMPANY TO IDENTIFY HOW RESEARCHERS SUBMIT VULNERABILITY REPORTS. 3. **HTTPOXY** - APPLICATIONS THAT USE A HYPERTEXT TRANSFER PROTOCOL PROXY. 4. **KRACK** - AN ATTACK ON WI-FI PROTECTED ACCESS 2 AUTHENTICATION. 5. **VULNERABILITY DISCLOSURE POLICY** - PROVIDES STRAIGHTFORWARD GUIDELINES FOR SUBMITTING SECURITY VULNERABILITIES TO ORGANIZATIONS. 6. **SELF-DISCLOSURE/S** - OCCUR WHEN THE MANUFACTURERS OF PRODUCTS WITH VULNERABILITIES DISCOVER THE FLAWS AND MAKE THEM PUBLIC, USUALLY SIMULTANEOUSLY WITH PUBLISHING PATCHES OR OTHER FIXES. 7. **IMAGETRAGICK** - OPEN SOURCE IMAGEMAGICK LIBRARY FOR PROCESSING IMAGES. 8. **RESPONSIBLE DISCLOSURE/S** - UNDER A RESPONSIBLE DISCLOSURE PROTOCOL. 9. **FULL DISCLOSURE/S**, A VULNERABILITY IS PUBLICLY RELEASED IN ITS ENTIRETY. 10. **VENDOR DISCLOSURE/S**, OCCUR WHEN RESEARCHERS ONLY REPORT VULNERABILITIES TO THE APPLICATION VENDORS, WHICH THEN DEVELOP PATCHES. TRUE OR FALSE 1. **FALSE - COMPUTER EMERGENCY READINESS TEAM** (**[CERT]**) IS THE PRACTICE OF REPORTING SECURITY FLAWS IN COMPUTER SOFTWARE OR HARDWARE. 2. **FALSE** - IN 2010, **GOOGLE** ATTEMPTED TO RESHAPE THE DISCLOSURE LANDSCAPE BY INTRODUCING A NEW CONCEPT OF COORDINATED DISCLOSURE REFERRED TO AS COORDINATED VULNERABILITY DISCLOSURE (CVD). 3. **FALSE - HTTPOXY** IS AN ATTACK ON WI-FI PROTECTED ACCESS 2 AUTHENTICATION. 4. **TRUE** - THE USERS OF THE VULNERABLE PRODUCTS OR SERVICES MAY PREFER THAT THE SYSTEMS THEY USE ARE PATCHED AS QUICKLY AS POSSIBLE. 5. **TRUE** - MANY PRODUCTS TODAY SUPPORT THE COMMON VULNERABILITY SCORING SYSTEM (CVSS), AN APPROACH USED BY THE NATIONAL VULNERABILITY DATABASE (NVD). 6. **TRUE - (BRAND PROMISE)** THIS ENABLES A COMPANY TO DEMONSTRATE ITS COMMITMENT TO SECURITY TO CUSTOMERS AND OTHERS POTENTIALLY AFFECTED BY A VULNERABILITY BY ASSURING USERS AND THE PUBLIC THAT SAFETY AND SECURITY ARE ESSENTIAL. 7. **FALSE - NVD** OFFERS A WAY FOR PEOPLE TO REPORT VULNERABILITIES IN A COMPANY\'S PRODUCTS OR SERVICES. 8. **TRUE - FULL DISCLOSURES** A TYPE OF VULNERABILITY WHERE IT PUBLICLY RELEASED IN ITS ENTIRETY, OFTEN AS SOON AS THE DETAILS OF THE VULNERABILITY ARE KNOWN. 9. **FALSE** - RESEARCHERS, CYBERSECURITY PROFESSIONALS [ ] AND ENTERPRISES WHOSE SENSITIVE DATA OR SYSTEMS MAY BE AT RISK **NOT PREFER** TO ANNOUNCE PUBLICLY AS SOON AS POSSIBLE. 10. **TRUE - BADLOCK**, A FLAW THAT AFFECTED ALMOST ALL VERSIONS OF WINDOWS. GROUP 5 IDENTIFICATION 1. **ADAPTABILITY TO CHANGE** - BUILDING RESILIENCE IN THE FACE OF RAPID TECHNOLOGICAL ADVANCEMENTS. 2. **WORKPLACE ETHICS AND WELL-BEING** - ENCOURAGING ETHICAL LEADERSHIP AND DECISION-MAKING. 3. **TRANSPARENCY AND ACCOUNTABILITY** - CREATING AN OPEN ENVIRONMENT WHERE ETHICAL CONCERNS ARE ADDRESSED. 4. **COLLABORATION AND INCLUSION** - FOSTERING TEAMWORK ACROSS DIVERSE GROUPS. 5. **INNOVATION AND CREATIVITY** - SUPPORTING A CULTURE OF CONTINUOUS LEARNING AND ADAPTATION. 6. **INNOVATION AND CREATIVITY** - ENCOURAGING EXPERIMENTATION WHILE MAINTAINING ETHICAL BOUNDARIES. 7. **COLLABORATION AND INCLUSION** - EMPHASIZING EQUITY AND REPRESENTATION IN THE TECH WORKFORCE. 8. **TRANSPARENCY AND ACCOUNTABILITY** - HOLDING ORGANIZATIONS ACCOUNTABLE FOR UNETHICAL ACTIONS (E.G., MISUSE OF AI OR DATA BREACHES). 9. **WORKPLACE ETHICS AND WELL-BEING** - PROMOTING WORK-LIFE BALANCE IN TECH-HEAVY ROLES TO AVOID BURNOUT. 10. **ADAPTABILITY TO CHANGE** - PREPARING EMPLOYEES AND USERS FOR SHIFTS SUCH AS AUTOMATION OR AI INTEGRATION. TRUE OR FALSE 1. **FALSE** - TECHNOLOGY ETHICS AND CULTURE DO PLAY A VITAL ROLE IN SHAPING HOW TECHNOLOGY IS DEVELOPED. 2. **TRUE** - TECHNOLOGY CULTURE IS THE SHARED VALUES, BEHAVIORS, AND PRACTICES THAT GUIDE HOW INDIVIDUALS AND ORGANIZATIONS INTERACT WITH TECHNOLOGY. 3. **TRUE** - SHAPING ETHICAL POLICIES IS ABOUT CULTURAL AWARENESS PRACTICES THAT ARE NOT JUST MORAL IMPERATIVES BUT ALSO STRATEGIC ASSETS. 4. **TRUE** - TECHNOLOGY CULTURE PROMOTES WORK-LIFE BALANCE IN TECH-HEAVY ROLES TO AVOID BURNOUT. 5. **FALSE** - ONE OF THE EXAMPLES OF TECHNOLOGY ETHICS AND CULTURE IN ACTION IS DISCOURAGING HARMFUL TECHNOLOGY. 6. **FALSE** - CYBERSECURITY AND RESPONSIBILITY ARE NOT ABOUT REDUCING THE CARBON FOOTPRINT OF TECHNOLOGY. 7. **FALSE** - INNOVATION AND CREATIVITY ARE NOT SOLELY ABOUT FOSTERING TEAMWORK ACROSS DIVERSE GROUPS. 8. **TRUE** - TECHNOLOGY AND CULTURE CAN BOTH EVOLVE. 9. **FALSE** - SPACEX\'S STARLINK DOES DEMONSTRATE TECHNICAL ETHICS AND CULTURE. 10. **TRUE** - TECHNOLOGY CULTURE\'S KEY ASPECTS HELP ENHANCE BETTER USE OF TECHNOLOGY.
