CH11 Flashcards
What is a person doing when searching trash for useful information?
Dumpster Diving
Edward loiters at the local cafe, taking notes on what people type on their computers, especially at the login screens. What kind of theft does he practice?
Shoulder Surfing
Disabling the Bluetooth adapter on a Laptop when it is not in use is an example of?
Device Hardening
Which of the following can prevent people from snooping on a device that you leave unattended for several minutes?
A. Configuring a Lock-Out-Time
B. Shoulder Surfing
C. Using a Strong Password
D. Disabling WiFi
A. Configuring a Lock-Out-Time
After you have recognized that there is a Virus on your PC, what is the next step to removing the virus?
Quarantine
How can you defend against malware delivered by email?
A. Delete old messages regularly.
B. Don’t Open attachments from unknown senders.
C. Only use the preview window.
D. Only use Mozilla Thunderbird
B. Don’t Open attachments from unknown senders.
Which type of file tracks your activities on the Internet?
A. Spam
B. Java
C. Pop-Up
D. Cookie
D. Cookie
Which of the following might you want to disable to protect your privacy?
A. Autofill Forms
B. Hyperlinks
C. Certificates
D. InPrivate Browsing
A. Autofill Forms
Which type of malware tries to get you to pay a Fee to decrypt your own files?
Ransomware
What indicates that you’ve browsed to a secure web page? (Choose Two)
A. The web address starts with HTTP://
B. The web address starts with HTTPS://
C. A Small Lock appears in the browser.
D. A Small Key appears in the browser.
B. The Web address starts with HTTPS://
C. A Small Lock appears in the browser.
an Attacker?
Threats to your security, privacy, and computer lurk around every corner. Through your device, a malicious person or automated malware can gain valuable information about you. An attacker can steal your files, monitor your web usage, encrypt your data files, or run programs that log your keystrokes to pilfer account names and passwords, credit card information, and much much more. An attacker could even run software that takes over your computer to send spam or steal from others. Viruses and other malicious software can sneak into your system and destroy your data from anywhere in the world.
Local Security Threats?
A Local Security threat originates from your local environment. A disgruntled employee might try to access private salary data or delete the customer database on the company network, or someone might steal the receptionist’s laptop when he/she steps away for a moment. Many people overlook threats from inside the building.
Authorized/Unauthorized Access?
Successful authentication, users can then be Authorized to access network resources for which they have been granted permissions.
Unauthorized Access occurs when a person accesses resources (such as data, applications, and hardware) without permission. A user can alter or delete data, access sensitive information, such as financial data, personnel files, or email messages, or use a computer for purposes the owner did not intend. Not all Unauthorized Access is malicious.
Password Cracking?
Most common way of gaining unauthorized access is to obtain a password that you aren’t authorized to have. Cracking is more than just random guessing, it’s a disciplined technique for obtaining a password through rapid-fire trial and error, often by employing password cracking software. Password crackers who know something about the owner of the password can further target their guessing by including names and words that would be meaningful, like the name of a spouse or family pet, or a birthday or an anniversary date. Strong passwords should be used to make it more difficult for password cracking programs to acquire your password.
Dumpster Diving?
Is the generic term for anytime an attack goes through your refuse, looking for information. To prevent this threat, shred sensitive information using a proper shredder.
Shoulder Surfing?
Another type of theft to worry about when computing in public is theft of your passwords. Shoulder Surfing is when people spy on you from behind, watching what you type. The act of trying to memorize the keys you type/press.
Unauthorized WiFi Usage?
Failing to secure a wireless router means unauthorized users can join the network. If a PC on the network has File and Printer Sharing enabled, an intruder could potentially read and even modify or destroy the user’s files. Even if all of your individual systems are locked down, an attacker could use your network to commit fraud, attack other networks, or engage in piracy and other illegal activities that could be traced back to you. Best defense against unauthorized WiFi use is to implement wireless encryption methods such as WPA2.
Data Destruction?
Unauthorized Modifying or Deleting Files or changing of system settings.
Theft?
Thieves steal whatever you don’t have locked down, either physically or electronically.
Malware?
Malicious software written to do something unwelcome to your computer. Malware takes many forms.
Physical Security options?
Access Control - The act of keeping people who shouldn’t have access away from the actual hardware.
Device Hardening - The practice of device hardening means to make the device as difficult as possible to compromise by changing hardware and software settings. Also known as Reducing the Attack Surface.
Device Hardening tips?
Disable Unused Wireless Features - Such as WiFi, Bluetooth, and NFC. You can easily reenable them when you want to use them and keeping them turned OFF during downtimes ensures that nobody can gain access to your device through them without your permission.
Setup Lockout Times - So that the Lock Screen appears after a certain period of idleness, a password or PIN must be entered to get back in. This prevents someone from snooping around your device if you leave it unattended.
Enable Security Features - Each OS has different security features that you can optionally enable to increase security. Windows has Windows Defender for malware, and Windows Firewall for Network Attacks. Some smartphones have fingerprint recognition and enhanced passcodes. Applying firmware and software updates not only introduces new fe4atures in some cases but also sometimes fixes security problems.
Encryption - If your device uses a file system and a OS version that supports encrypting files on the hard drive, do so for all files containing sensitive data. That way even if your hard drive is stolen, nobody can view the files without signing in with your credentials.
User Account Types (Windows)?
Administrator Account - Has Full Permissions
Standard Account - Can only make changes affecting the one account. Standard Accounts can’t easily affect other accounts.
Guest Account - Can only run a few applications, such as Web Browser, and can’t change anything. (Microsoft Removed Guest Accounts from Windows 10)
Authenticating Users Options?
Username and Password
PINs
Hardware Token such as a Keyfob.
Software Token, similar to a hardware token except it is an app.
Biometric; fingerprints, voice scans, retinal scans, facial scans.
Location-Based, using GPS coordinates or IP address prefixes, a user must be in a specific geographical region to successfully authenticate.
Password Complexity?
Always use a Strong Password, one too complicated for bad guys to crack easily. That means not using any words you’d find in the dictionary or encyclopedia, anything that a password-cracking program might try.
A strong password is atleast:
- 8 or more characters long.
- Both Uppercase and Lowercase Letters
- Has Numbers and Symbols
Password Confidentiality?
Even a strong password is no good if you don’t keep it confidential.
Don’t use the same password for multiple services or web sites.
You can use a Password Manager software such as LastPass to securely generate and store passwords in a vault; the password manager itself uses a master password to the vault, don’t forget the vault password though.
Password Expiration and Reuse?
Network administrators usually setup up password expiration to force users to change their passwords regularly at certain intervals. This helps with overall security because the older the password is, the more likely someone unauthorized has gotten a hold of it and cracked it.
Similarly, the password change policies may prohibit the users from reusing the same passwords they have used in the past.
Password Management?
Most companies have a password management policy that establishes rules for severl aspects of password usage.
Includes Complexity, Expiration, and Confidentiality.
You can create your own password management policies for yourself and your home or small business by thoughtfully creating rules in each of those areas.
Single Sign-On Passwords?
On some computer systems, password use is simplified by a Single Sign-On. That means you sign in once, and then that same authentication is used for multiple purposes. When you sign into Windows using a Microsoft Account, for example, you are also automatically signed into the OneDrive online file storage system. Similarly, many websites allow you to sign in using your Facebook credentials so that you don’t have to create separate accounts.
SSO systems can be convenient and can relieve you of the responsibility of remembering multiple passwords. They can also pose a big security risk, however, because if the single password is compromised, all it’s other uses are compromised.
Acronym: UAC?
User Account Control - Windows uses this to prevent malware or rogue web sites from making system changes without your knowledge and consent. When UAC is enabled, you attempt to make a system change that would affect other user accounts, UAC opens a prompt that asks you if you really want to do it. You must click YES to continue.
Adware?
Software that displays unsolicited ads on your computer. It may come to you in the form of a program that seems helpful, such as a toolbar for your browser, but instead of whatever it purports to do, it causes ads to display. These ads are usually in the form of Pop-Ups although the ad can also show up in other ways.
3 Main Systems of Adware Presence:
- Home Page Redirection
- Search Engine Redirection
- Constant Pop-Ups
Spyware?
Monitors your computer usage habits and reports the information to the program’s owner. The data collected might be used for minimally intrusive purposes such as to gather anonymous data about which websites or browsers are most popular, but some types of spyware go considerably beyond that level of simple collection.
Spam?
Email that comes into your Inbox from a source that’s not a friend, family member, or colleague, and you didn’t ask for, can create huge problems for your computer and you. Spam amounts for a huge percentage of traffic on the Internet. Spam comes in many flavors from real businesses trying to sell real products to scammers who just want to take your money.
Social Engineering?
Is the process of using or manipulating people to gain access to that network from the outside - which covers the many ways humans can use other humans to gain unauthorized information. It can include situations that have nothing to do with computers, such as a Phone Call, that claims to be from your credit card company and asks you to verify your Social Security Number.
SOcial Engineering attacks aren’t Hacking, at least in the classic sense of the word, although the goals are the same. Social Engineering means people attacking an organization through the people in the organizations or physically accessing the organization to get the information they need.
Types of Social Engineering?
Infiltration - Attackers can physically enter your building under the guise of someone who might have legitimate reasons for being there.
Telephone Scams - are probably the most common social engineering attack. The attacker makes phone calls to gain information. The attacker attempts to come across as someone inside a trusted organization and uses this to get the desired information. The most famous is “I forgot my password” scam.
Email Phishing - Phishing is the Act of trying to get people to give their usernames, passwords, or other security information by pretending to be someone else electronically. A classic example is when a bad guy sends you an email that’s supposedly from Twitter or Instagram saying that your account is on hold for some violation, and you need to Click the Login Link provided in the email to straighten out the problem. Banking scams are also very popular.
Computer Virus?
Is a piece of malicious software that gets passed from computer to computer. Designed to attach itself to a program on your computer and execute when the program executes. It could be your email program, your word processor, or even a game. Whenever you use the infected program, the virus goes into action and does whatever it was designed to do. They can wipe your email, erase your hard drive, or even steal your information and send spam email to everyone in your address book.
Trojan Horse?
Freestanding programs that do something other than what the person who runs the program thinks they will. You invite these programs in, unaware of what lurks inside. An example is a program that a person thinks is an antivirus program but is actually a virus.
Worms?
Similar to a Trojan, a worm is a complete program that travels from machine to machine, usually through computer networks. Most worms are designed to take advantage of security problems in OS and install themselves on vulnerable machines that might not have the latest updates applied. They can copy themselves over and over again on infected networks, potentially creating so much activity that they overload the network by consuming bandwidth. A fast-spreading worm might even bring chunks of the entire Internet to a halt.
Ransomware?
A nasty type of malware, locks down your computer and holds it for Ransom, displaying some threatening warning that if you don’t pay up, usually by sending money via wire transfer, your files will be deleted. Some smoke-and-mirrors ransomware doesn’t actually harm your PC beyond locking it down until you pay or remove the ransomware; other versions actually do delete files.
3 Types of Ransomware?
Scareware - Ransomware that just scares you and tries to manipulate you with bogus antivirus or cleaning tools to fix the problem that doesn’t exist. You can still use your PC but you might be bombarded with pop-ups or you might be prevented from running programs - these are the easiest to remove.
Lock-Screen - Doesn’t allow you to use your PC in any way. It shows a full-size window warning you that you have violated the law and must pay a fine.
Encrypting - This is the worst stuff because it encrypts and locks your personal files until you pay. Even if you manage to remove the malware, your files are useless without decryption key, which you can’t get without paying.
Tips to Protect against Malware?
- Keeping your OS Patched and Updated.
- Having Anti-Malware Software and keeping it Up-to-Date.
- Use a Firewall either with Network Hardware or Software Program.
Malware Prevention Tips?
The secret to preventing damage from malicious software attack is to keep from getting malware in the first place.
- Know the source of any software before you load it.
- Be careful with email attachments and hyperlinks.
- Keep your anti-malware program updated.
- Periodically update the core antivirus software programing called the Engine - to employ the latest refinements the developers have included.
Malware Recovery Tips?
- Recognize - First step is to Recognize that a potential malware outbreak has occurred.
- Quarantine - Malware can spread, you need to quarantine the infected computer to cut it off from the rest of the network.
- Search and Destroy - Once you’ve isolated the threat, you need to find the malware using an anti-malware app and allow the application to remove it.
- Remediate - Malware can do alot of damage, especially to sensitive files needed to load Windows, so you might need to remediate formerly infected systems after cleaning off the drive or drives. Simply, fix things that malware harmed. Usually means replacing corrupted or destroyed files with your backups.
- Educate - Best way to keep from having to deal with malware is education. Educate other people in your home or office who may be inadvertently putting your own computer and others at risk.
Network Threats?
Eavesdropping - Packet Sniffing/Capturing tools such as Wireshark, you can capture network traffic and then analyze it for troubleshooting, performance, or security reasons.
Man-in-the-Middle Attacks - Capturing existing network conversations is often the first step in this type of attack where the system impersonates or assumes the identity of one machine in the network conversation. The attack could then potentially modify and then reply to captured traffic.
Denial-of-Service Attacks - Intentionally preventing the legitimate use of an IT service is considered (DoS). This could be as simple as crashing a remote server by sending it a specially crafted network packet, or even just intentionally unplugging the power cord if you have local access. Some DoS attacks can even brick hardware devices. Multiple Systems under attackers’ control are often called (Botnet or Zombienet) used to render a service such as public web site unresponsive by flooding it with large volumes of network traffic. (DDoS) Distributed Denial of Service Attacks, can target a single host or a group of hosts or an entire corporate network, or even a cloud-based service such as Google Apps. These attacks often become Ransomware attacks and demand payment to cease the DDoS attack.
Trusted Site?
One that you trust will not do anything illegal or unethical with the information you provide.
How to tell when you’re on a Secure Website?
TLS - Transport Layer Security is the modern update to the older SSL (Secure Sockets Layer) protocol. A website address that uses SSL or TLS starts with HTTPS:// which stands for Hypertext Transfer Protocol over SSL/TSL instead of HTTP://.
Another clue that a website is Secure is a Lock Symbol in or near the address bar.
Cookies?
Small text file containing information about you. Data stored in cookies is used for a variety of purposes.
- To authenticate or identify you as a registered user of a website so it will remember you on future visits and be faster
- To track items in your shopping basket or cart
- To present different content to different users
- To style or theme the site based on your preferences
- To track your access to websites, including what products you look at, even if you don’t buy them.
Not all cookies are Happy and Friendly though. Malicious cookies installed by some type of malware can track your Internet activities and report to its creator. This information is often sold to advertisers so that they can better target you.
The best way to defend against these bad cookies is to guard against all malware. Some browsers and browser addons can be set to partially or completely block cookies.
Cookies have 2 Different Sources?
First-Party Cookies - Comes from the website you are actually visiting. They can be helpful.
Third-Party Cookies - comes from another source, such as an advertisement on the webpage you’re viewing. Third-party cookies have no benefit to you as a user.
Browser Privacy Settings will have options on how to handle first party and third-party cookies. Allow Them, Block Them, or get prompt each time one tries to write to your had drive.
Firewalls?
Are devices or software that protect computers from unauthorized access to and from the Internat at large.
Hardware firewalls use a number of methods to protect networks, such as hiding IP addresses and blocking TCP/IP ports. Most small/home office networks use Hardware Firewalls built into the router.
Windows comes with an excellent software firewall called Windows Firewall. It can also handle the heavy lifting of port blocking, security logging, and more.
