Chapter 17: Information Security

Question 1

What are data harvesters and cash-out fraudsters?

Answer 1

Data harvesters: Cybercriminals who infiltrate systems and collect data for illegal resale

Cash-out fraudsters: Purchase data from the harvesters and use stolen credit card data for illegal accounts

Question 2

What are botnets of zombie computers?

Answer 2

Networks of infiltrated and compromised machines controlled by a central command

Question 3

What are distributed denial of service? (DDoS)

Answer 3

Sending spam from thousands of difficult to shut down accounts, launching click fraud efforts

Question 4

What is social engineering?

Answer 4

Tricking employees into revealing information by impersonating someone else

Question 5

What is phishing?

Answer 5

Acquiring sensitive information or tricking someone into installing malicious software

Question 6

What is a spoofed email?

Answer 6

Email that has been altered to seem as if it came form another source

Question 7

What are zero-day exploits?

Answer 7

Attacks that are so new they have not been clearly defined

Question 8

What is malware?

Answer 8

Seeks to compromise a computing system without permission

Question 9

What are viruses, worms and trojans?

Answer 9

Viruses: Programs that infect other software or files

Worms: Programs that take advantage of security vulnerability

Trojans: Exploits that sneak in by masquerading as something they are not

Question 10

What are honeypots?

Answer 10

Bogus targets meant to draw out hacking attempts

Question 11

What are blacklists and whitelists?

Answer 11

Blacklists: Deny the entry of specific IP addresses

Whitelists: Only permit communication with approved entities