Chapter 6 Flashcards

1
Q

Hacking

A

Unauthorized access, modification, or use of an electronic device or some element of a computer system.

2
Q

Hijacking

A

Gaining control of someone else’s computer to carry out illicit activities, such as sending spam without the computer user’s knowledge

3
Q

Botnet

A

A network of powerful and dangerous hijacked computers that are used to attack systems or spread malware

4
Q

Zombie

A

A hijacked computer, typically part of a botnet, that is used to launch a variety of Internet attacks

5
Q

Bot Herder

A

The person who creates a botnet by installing software on PCs that responds to the bot herder’s electronic instructions

6
Q

Denial of Service (DoS)

A

A computer attack in which the attacker sends so many e-mail bombs or web page requests, often from randomly generated false addresses, that the Internet service provider’s email server or the web server is overloaded and shuts down

7
Q

Spamming

A

Simultaneously sending the same unsolicited message to many people, often in an attempt to sell them something

8
Q

Dictionary Attack

A

Using special software to guess company e-mail addresses and send them blank e-mail messages. Unreturned messages are usually valid email addresses that can be added to a spammer email list

9
Q

Splog

A

Spam blogs created to increase a website’s Google Page Rank, which is how often a web page is referenced by other webpages

10
Q

Spoofing

A

Altering some part of an electronic communication to make it look as if someone else sent the communication in order to gain the trust of the recipient

11
Q

Email Spoofing

A

Making a sender address and other parts of an email header appear as though the email originated from a different source

12
Q

Caller ID Spoofing

A

Displaying an incorrect number on the recipient’s caller ID display to hide the caller’s identity

13
Q

IP address Spoofing

A

Creating Internet Protocol packets with a forged IP address to hide the sender’s identity or to impersonate another computer system

14
Q

Address Resolution Protocol Spoofing

A

Sending fake ARP messages to an Ethernet LAN. ARP is a computer networking protocol for determining a network host’s hardware address when only its IP or network address is known

15
Q

MAC address

A

A media access control address is a hardware address that uniquely identifies each node on a network

16
Q

SMS spoofing

A

Using short message service to change the name or number a text message appears to come from

17
Q

Web-page spoofing

A

Phishing

18
Q

DNS spoofing

A

Sniffing the ID of a Domain Name System request and replying before the real DNS server

19
Q

zero-day attack

A

An attack between the time a new software vulnerability is discovered and released into the wild and the time a software developer releases a patch to fix the problem

20
Q

patch

A

Code released by software developers that fixes a particular software vulnerability

21
Q

Cross Site Scripting

A

A vulnerability in dynamic web pages that allows an attacker to bypass a browser’s security mechanisms and instruct the victim’s browser to execute code, thinking that it came from the desired website

22
Q

Buffer Overflow Attack

A

When the amount of data entered into a program is greater than the amount of the input buffer. The input overflow overwrites the next computer instruction, causing the system to crash.

23
Q

SQL Injection Attack

A

Inserting a malicious SQL query in input such that it is passed to and executed by an application program. This allows a hacker to convince the application to run SQL code that it was not intended to execute.

24
Q

Man-in-the-middle attack

A

A hacker placing himself between a client and a host to intercept communications between them.

25
Q

Masquerading/Impersonation

A

Gaining access to a system by pretending to be an authorized user. This requires that the perpetrator know the legitimate user’s ID and passwords.

26
Q

Piggybacking

A

1) Tapping into a communications line and electronically latching onto a legitimate user who unknowingly carries the perpetrator into the system. 2) The clandestine use of a neighbor’s Wi-Fi network. 3) An unauthorized person following an authorized person through a secure door, bypassing physical security controls.

27
Q

Password Cracking

A

When an intruder penetrates a system’s defenses, steals the file containing valid passwords, decrypts them, and uses them to gain access to programs, files and data.

28
Q

War Dialing

A

Programming a computer to dial thousands of phone lines searching for dial-up modem lines. Hackers hack into the PC attached to the modem and access the network to which it is connected.

29
Q

War Driving

A

Driving around looking for unprotected home or corporate wireless networks.

30
Q

War Rocketing

A

Using rockets to let loose wireless access points attached to parachutes that detect unsecured wireless networks.

31
Q

Phreaking

A

Attacking phone systems to obtain free phone line access, use phone lines to transmit malware, and to access, steal, and destroy data.

32
Q

Data Diddling

A

Changing data before or during entry into a computer system in order to delete, alter, add, or incorrectly update key system data

33
Q

Data Leakage

A

The unauthorized copying of company data, often without leaving any indication that it was copied

34
Q

Podslurping

A

Using a small device with storage capacity to download unauthorized data from a computer

35
Q

Salami Technique

A

Stealing tiny slices of money from many different accounts

36
Q

Round-Down Fraud

A

Instructing the computer to round down all interest calculations to two decimal places. The fraction of a cent rounded down on each calculation is put into the programmer’s account

37
Q

Economic Espionage

A

Theft of information, trade secrets, and intellectual property

38
Q

Cyber-Extortion

A

Threatening to harm a company or a person if a specified amount of money is not paid

39
Q

Cyber-bullying

A

Using computer technology to support deliberate, repeated, and hostile behavior that torments, threatens, harasses, humiliates, embarrasses, or otherwise causes harm

40
Q

Sexting

A

Exchanging sexually explicit text messages and revealing pictures with other people, usually by means of a phone

41
Q

Internet Terrorism

A

Using the internet to disrupt electronic commerce and harm computers and communication

42
Q

Internet Misinformation

A

Using the internet to spread false or misleading information

43
Q

Email Threats

A

Threats sent to victims by email. The threats usually require some follow-up action, often at great expense to the victim

44
Q

Internet auction fraud

A

Using an Internet auction site to defraud another person

45
Q

Internet Pump-and-dump fraud

A

Using the internet to pump up the price of a stock and then selling it

46
Q

Click Fraud

A

Manipulating the number of times an ad is clicked on to inflate advertising bills

47
Q

Web Cramming

A

Offering a free website for a month, developing a worthless website, and charging the phone bill of people who accept the offer for months, whether they want to continue using the website or not

48
Q

Software Piracy

A

The unauthorized copying or distributing of copyrighted software

49
Q

Social Engineering

A

The techniques or psychological tricks used to get people to comply with the perpetrator’s wishes in order to gain physical or logical access to a building, computer, server, or network. It is usually to get the information needed to obtain confidential data.

50
Q

Identity Theft

A

Assuming someone’s identity, usually for economic gain, by illegally obtaining confidential information

51
Q

Pretexting

A

Using an invented scenario (the pretext) that creates legitimacy in the target’s mind in order to increase the likelihood that a victim will divulge information or do something.

52
Q

Posing

A

Creating a seemingly legitimate business, collecting personal information while making a sale, and never delivering the product

53
Q

Phishing

A

Sending an electronic message pretending to be a legitimate company, usually a financial institution, and requesting information or verification of information and often warning of a consequence if it is not provided. The request is bogus, and the information gathered is used to commit identity theft or to steal funds from the victim’s account

54
Q

Vishing

A

Voice phishing; it is like phishing except that the victim enters confidential data by phone

55
Q

Carding

A

Activities performed on stolen credit cards, including making a small online purchase to determine whether the card is still valid and buying and selling stolen credit card numbers

56
Q

Pharming

A

Redirecting website traffic to a spoofed website

57
Q

Evil Twin

A

A wireless network with the same name as a legitimate wireless access point. Users are connected to the twin because it has a stronger wireless signal or the twin disrupts or disables the legitimate access point.

58
Q

Typosquatting/URL Hijacking

A

Setting up similarly named websites so that users making typographical errors when entering a website name are sent to an invalid site

59
Q

QR barcode replacement

A

Fraudsters cover valid Quick Response codes with stickers containing a replacement QR code to fool people into going to an unintended site that infects their phones with malware

60
Q

Tabnapping

A

Secretly changing an already open browser tab in order to capture user IDs and passwords when the victim logs back into the site

61
Q

Scavenging/dumpster diving

A

Searching documents and records to gain access to confidential information.

62
Q

Shoulder Surfing

A

When perpetrators look over a person’s shoulders in a public place to get information.

63
Q

Lebanese Looping

A

Inserting a sleeve into an ATM that prevents it from ejecting the card. The perpetrator pretends to help the victim, tricking the person into entering the PIN again. Once the victim gives up, the thief removes the card and uses it and the PIN to withdraw money.

64
Q

Skimming

A

Double-swiping a credit card in a legitimate terminal or covertly swiping a credit card in a small, hidden, handheld card reader that records credit card data for later

65
Q

Chipping

A

Posing as a service engineer and planting a small chip that records transaction data in a legitimate credit card reader

66
Q

Eavesdropping

A

Listening to private communications or tapping into data transmissions intended for someone else.

67
Q

Malware

A

Any software that is used to do harm

68
Q

Spyware

A

Software that secretly monitors computer usage and collects personal information to send to someone else.

69
Q

Adware

A

Spyware that causes banner ads to pop up on a monitor, collects information about the user’s web-surfing and spending habits, and forwards it to the adware creator

70
Q

Torpedo software

A

Software that destroys competing malware

71
Q

Scareware

A

Malicious software of no benefit that is sold using scare tactics.

72
Q

Ransomware

A

Software that encrypts programs and data until a ransom is paid to remove it

73
Q

Keylogger

A

Software that records computer activity, such as a user’s keystrokes, emails sent and received

74
Q

Trojan Horse

A

A set of unauthorized computer instructions in an authorized and otherwise properly functioning program

75
Q

Time Bomb / Logic Bomb

A

A program that lies idle until some specified circumstance or a particular time triggers it

76
Q

Trap Door / Back Door

A

A set of computer instructions that allows a user to bypass the system’s normal controls

77
Q

Packet Sniffers

A

Programs that capture data from information packets as they travel over the internet or company networks.

78
Q

Steganography Programs

A

A program that can merge confidential information with a seemingly harmless file, password protect the file, where the file is unlocked and the confidential information is reassembled.

79
Q

Rootkit

A

A means of concealing system components and malware from the operating system and other programs; can also modify the operating system.

80
Q

Superzapping

A

The unauthorized use of a special system program to bypass regular system controls and perform illegal acts.

81
Q

Virus

A

A segment of executable code that attaches itself to a file, program, or some other executable system component

82
Q

Worm

A

Similar to a virus, except that it is a program rather than a code segment hidden in a host program. Also copies itself.

83
Q

Bluesnarfing

A

Stealing contact lists, images, and other data using flaws in Bluetooth applications.

84
Q

Bluebugging

A

Taking control of someone else’s phone to make or listen to calls.