C9 COMPUTER FRAUD

Question 1

**COMPUTER FRAUD **

Answer 1

direct computer attack
6 steps: CASREC
1. conduct reconaissance
2. attempt social-engineering
3. scan & map target
4. research
5. execute attack
6. cover the track

Question 2

HACKING ?

Answer 2

unathorized access, modify/ use of electronic device/ some element of computer system

Question 3

HIJACKING ?

Answer 3

gain control someone else computer to carryout illicit activities

Question 4

DENIAL OF SERVICE (DOS) ?

Answer 4

web server overloaded & shuts down

Question 5

BRUTE FORCE ATTACK ?

Answer 5

try & error method that uses software to guess info > user ID, pass to gain access to system

Question 6

PASS CRACKING ?

Answer 6

recover pass by try & error every possible combo/ try every possible combo

Question 7

DICTIONARY ATTACK ?

Answer 7

software that generate user ID & pass guesses using dictionary possible user ID & pass ( guess user ID & pass)

Question 8

SPAMMING ?

Answer 8

simultaneously sending the same unsolicited message to many people

Question 9

SPOOFING ?

Answer 9

alter some part of electronic communication to make it look as if someone else the communication in order to gain trust of recipient

Question 10

MASQUERADING / IMPERSONATION ?

Answer 10

gain access to system by pretending to be authorized user. this requires the petrator know the legal user ID & pass

Question 11

PIGGYBACKING ?

Answer 11

1. using neighbour wifi network
2. an unauthorized person follow authorized person through secure door, bypassing physical security control

Question 12

PHREAKING ?

Answer 12

attack phone system to obtain free phone line access (telephone lines)

Question 13

SALAMI TECHNIQUE

Answer 13

steal tiny slices of money from many different accounts

Question 14

INTERNET PUMP-AND-DUMP

Answer 14

use the internet to pump up the price of stock & then sell it

Question 15

SOCIAL ENGINEERING

Answer 15

technique used to obtain confidential info - trick people

Question 16

IDENTITY THEFT ?

Answer 16

assume someone else identity for economic gain by illegal obtaining confidential information

Question 17

PRETEXTING ?

Answer 17

use invented scenario that create legal in the target mind’s

Question 18

POSING ?

Answer 18

create buss that seem legal, collect personal info while making a sale & never deliver the product

Question 19

PHISHING ?

Answer 19

send electronic message pretend to be legal company, request info/verify & often warning of it consequence if it is not provided

Question 20

VISHING ?

Answer 20

voice phishing, enters confidential data by phone

Question 21

TYPOSQUATTING / URL HIJACKING

Answer 21

set up similarly named website so that users making typographical errors when enter website name & sent to invalid site

Question 22

SCAVENGING / DUMPSTER DIVING ?

Answer 22

search doc & records to gain access confidential info. this include searching garbage cans, communal trash bin & city dumps ( physical )

Question 23

**MALWARE **

Answer 23

any software that is used to do harm

Question 24

SPYWARE

Answer 24

software that secretly monitor computer usage, collect personal info users & send to someone else & wthout company user’s permission

Question 25

ADWARE

Answer 25

banner ads to pop up on monitor, collect info about user’s web-surfing & spending habits

Question 26

CYBER-EXTRORTION ATTACK

Answer 26

threat to harm company person if a specified amount money is paid

Question 27

KEYLOGGER

Answer 27

software that records computer activity

Question 28

VIRUS

Answer 28

self replicating, executable codes that attaches itself to a file/ program ( a segment that attaches to file, program/… )

Question 29

WORM

Answer 29

similar to virus but it is stand-alone program ( replicates itself from one machine to another, target whole network rather than specific files on individual computers )

Question 30

BLUESNARFING

Answer 30

stealing ( snarfing) in Bluetooth app

Question 31

BLUEBUGGING

Answer 31

take control of someone else’s phone