CH. 6 Terms

Question 1

Adware – Software that collects consumer surfing and purchasing data (I)

Answer 1

.

Question 2

2. Botnet – A network of hijacked computers (O)

Answer 2

.

Question 3

3. Bot herder – Hackers that control hijacked computers (R)

Answer 3

.

Question 4

4. Click fraud – Inflating advertising revenue by clicking online ads numerous times (U)

Answer 4

.

Question 5

5. DoS – Overloading an Internet service provider’s email server by sending hundreds of email messages per second from randomly generated false address (T)

Answer 5

.

Question 6

6. Email threats – Sending an email instructing the recipient to do something or else suffer adverse consequences (C)

Answer 6

.

Question 7

7. Hijacking – Gaining control of a computer to carry out unauthorized illicit activities (L)

Answer 7

.

Question 8

8. Internet misinformation – Circulating lies or misleading information using the world’s largest
   network (S)

Answer 8

.

Question 9

9. Internet terrorism – Using the internet to disrupt communications and e-commerce (M)

Answer 9

.

Question 10

10. Key logger – Use of spyware to record a user’s keystrokes (Q)

Answer 10

.

Question 11

11. Pharming – Diverting traffic from a legitimate website to a hacker’s website to gain access to personal and confidential information (N)

Answer 11

.

Question 12

12. Phishing – Emails that look like they came from a legitimate source but are actually from a hacker who is trying to get the user to divulge personal information (J)

Answer 12

.

Question 13

13. Spamming – Emailing an unsolicited message to many people at the same time (E)

Answer 13

.

Question 14

14. Splog – A spam blog that promotes affiliated websites to increase their Google PageRank (H)

Answer 14

.

Question 15

15. Spyware – Software that monitors and reports a user’s computing habits (A)

Answer 15

.

Question 16

16. Spoofing – Making an email look like it came from someone else (K)

Answer 16

.

Question 17

17. Typosquatting – Creating websites with names similar to real websites so users making errors while entering a website name are sent to a hacker’s site (F)

Answer 17

.

Question 18

1. Bluebugging – Making phone calls and sending text messages using another user’s phone without physically holding that phone (I)

Answer 18

.

Question 19

2. Bluesnarfing – Capturing data from devices that use Bluetooth technology (K)

Answer 19

.

Question 20

3. Eavesdropping – Intercepting and/or listening in on private voice and data transmissions (F)

Answer 20

.

Question 21

4. Evil twin – A rogue wireless access point masquerading as a legitimate access point (M)

Answer 21

.

Question 22

5. Packing sniffing – deep packet filtering (G)

Answer 22

.

Question 23

6. Phreaking – Using telephone lines to transmit viruses and to access, steal, and destroy data (J)

Answer 23

.

Question 24

7. Piggybacking – Gaining access to a protected system by latching onto a legitimate user (D)

Answer 24

.

Question 25

8. Vishing – Emails instructing a user to call a phone number where they are asked to divulge personal information (B)

Answer 25

.

Question 26

9. War dialing – Searching for modems on unprotected phone lines in order to access the attached computer and gain access to the network to which it is attached (H)

Answer 26

.

Question 27

10. War driving – Searching for unprotected wireless networks in a vehicle (C)

Answer 27

.

Question 28

1. Chipping – Inserting a chip that captures financial data in a legitimate credit card reader (E)

Answer 28

.

Question 29

2. Data diddling – Altering data before or during entry into a computer system (I)

Answer 29

.

Question 30

3. Data leakage – Copying company data, such as computer files without permission (F)

Answer 30

.

Question 31

4. Identity theft – Illegally obtaining confidential information, such as a SSN, about another person so that ii can be used for financial gain (A)

Answer 31

.

Question 32

5. Round-down fraud – Placing truncated decimal places in an account controlled by the perpetrator (J)

Answer 32

.

Question 33

6. Salami technique – Embezzling small fractions of funds over time (D)

Answer 33

.

Question 34

7. Scavenging – Searching through garbage for confidential data (B)

Answer 34

.

Question 35

1. Dictionary attack – Using software to guess company email addresses, send employees blank emails, and add unreturned messages to spammer email lists (J)

Answer 35

.

Question 36

2. Hacking – Gaining access to a computer system without permission (W)

Answer 36

.

Question 37

3. Logic bomb – Software that sits idle until a specified circumstance or time triggers it (S)

Answer 37

.

Question 38

4. Malware – Software used to do harm (L)

Answer 38

.

Question 39

5. Masquerading – Pretending to be a legitimate user, thereby gaining access to a system and all the rights and privileges of the legitimate user (N)

Answer 39

.

Question 40

6. Password cracking – Capturing and decrypting passwords to gain access to a system (C)

Answer 40

.

Question 41

7. Piggybacking – Using a wireless network without permission (E)

Answer 41

.

Question 42

8. Posing – Creating a seemingly legitimate business, collecting personal information while making a sale, and never delivering the item sold (X)

Answer 42

.

Question 43

9. Pretexting – Acting under false pretenses to gain confidential information (U)

Answer 43

.

Question 44

10. Rootkit – Software that conceals processes, files, network connections, and system data from the operating system and other programs (Q)

Answer 44

.

Question 45

11. Shoulder surfing – Observing or listing to users as they divulge personal information (V)

Answer 45

.

Question 46

12. Skimming – Covertly swiping a credit card in a card reader that records the data for future use (F)

Answer 46

.

Question 47

13. Social Engineering – Methods used to trick someone into divulging personal information (R)

Answer 47

.

Question 48

14. Software piracy – Unauthorized copying or distribution of copyrighted software (P)

Answer 48

.

Question 49

15. Steganography – Concealing data within a large MP3 file (G)

Answer 49

.

Question 50

16. Superzapping – Special software used to bypass system controls (A)

Answer 50

.

Question 51

17. Trap door - Entering a system using a back door that bypasses normal system controls (I)

Answer 51

.

Question 52

18. Trojan horse – Unauthorized code in an authorized and properly functioning program (K)

Answer 52

.

Question 53

19. Virus – Segment of executable code that attaches itself to software (B)

Answer 53

.

Question 54

20. Worm – A program that can replicate itself and travel over networks (M)

Answer 54

.

Question 55

21. Zero-day attack – Attack occurring between the discovery of a software vulnerability and the release of a patch to fix the problem (H)

Answer 55

.

Question 56

1. Address Resolution Protocol (ARP) spoofing – Fake computer networking protocol messages sent to an Ethernet LAN to determine a network host’s hardware address when only its IP address is known (M)

Answer 56

.

Question 57

2. Buffer overflow attack – So much input data that storage is exceeded; excess input contains code that takes control of the computer (J)

Answer 57

.

Question 58

3. Carding – Verifying credit card validity (X)

Answer 58

.

Question 59

4. Caller ID spoofing – Displaying an incorrect phone number to hide the caller’s identity (R)

Answer 59

.

Question 60

5. Cyber-extortion – A demand for payment to ensure a hacker does not harm a computer (U)

Answer 60

.

Question 61

6. Cyber-bullying – Using social networking to harass another person (Q)

Answer 61

.

Question 62

7. Economic espionage – Theft of trade secrets and intellectual property (V)

Answer 62

.

Question 63

8. Email spoofing – Making an electronic communication appear as though it originated from a different source (K)

Answer 63

.

Question 64

9. IP address spoofing – Creating packets with a forged address to impersonate another computing system (L)

Answer 64

.

Question 65

10. Internet auction fraud – Using a site that sells to the highest bidder to defraud another person (W)

Answer 65

.

Question 66

11. Internet pump-and-dump fraud – Using the internet to inflate a stock price so it can be sold for
    profit (G)

Answer 66

.

Question 67

12. Lebanese looping – Inserting a sleeve to trap a card in an ATM, pretending to help the owner to obtain his PIN, and using the card and PIN to drain the account (A)

Answer 67

.

Question 68

13. Man-in-the-middle (MITM) attack – A hacker placing himself between a client and a host to intercept network traffic (T)

Answer 68

.

Question 69

14. Podslurping – Using a small storage device to download unauthorized data from a computer (C)

Answer 69

.

Question 70

15.Ransomware – Software that encrypts programs and data until a payment is made to remove it (S)

Answer 70

.

Question 71

16. Scareware – Malicious software that people are frightened into buying (E)

Answer 71

.

Question 72

17. Sexting – Exchanging explicit messages and pictures by telephone (H)

Answer 72

.

Question 73

18. SQL injection – Inserting a malicious database query in input in a way that it can be executed by an application program (I)

Answer 73

.

Question 74

19. SMS spoofing – Changing the name or number a text message appears to come from (N)

Answer 74

.

Question 75

20. XSS attack – A link containing malicious code that takes a victim to a vulnerable website where the victim’s browser executes the malicious code embedded in the link (P)

Answer 75

.

Question 76

21. Tabnapping – Secretly changing an already open browser tab (Y)

Answer 76

.