chapter eleven

Question 1

computer security

Answer 1

is concerned with risk management, confidentiality, integrity, and the availability of the electronic information that is processed and stored within a computing system

Question 2

risk management

Answer 2

the recognition, consequences, and assessment of risk to a computer’s assets, and developing strategies to manage and protect them

Question 3

why is a computer a highly attractive target for an intruder or hacker?

Answer 3

it holds valuable information like credit card numbers, passwords, bank account information, music files, and sensitive business data

Question 4

hacker/hacktivist

Answer 4

someone who attempts to invade or disable a computer’s security measures and then to steal the computer resources at their leisure

Question 5

computer hackers are not just after information…

Answer 5

they also attempt to hijack heavily sought-after computing processing cycles and speed, as well as storage space

Question 6

unsecured computer

Answer 6

extremely easy to breach

Question 7

what is the key aspect of an Intranet?

Answer 7

privacy

Question 8

firewall

Answer 8

specialized hardware and software working together that ensures that only authorized personnel and employees within a business can use its Intranet

Question 9

without a firewall, an Intranet is just…

Answer 9

another part of the Internet

Question 10

proxy server

Answer 10

a precaution to protect from any external threats, any communications in or out of an intranet pass through this special security computer

Question 11

how does a firewall control the flow of data?

Answer 11

by opening or closing ports for the various transmission protocols like http, email, ftp, etc.

Question 12

“default-deny” firewall rule

Answer 12

the only network connections that are permitted are the ones that have been explicitly allowed

Question 13

“default-allow” firewall rule

Answer 13

set in that all traffic is allowed unless it has been specifically blooked

Question 14

which configuration is the most difficult and detailed?

Answer 14

“default-deny”

Question 15

computer virus/ metamorphic viruses

Answer 15

computer files that reproduce by making copies of them within a computer’s memory, storage, or on a network

Question 16

malware

Answer 16

programs specifically intended to penetrate or damage a computer system without the end user’s knowledge

Question 17

experimental malware

Answer 17

written as a research project to understand how to combat them

Question 18

what is malware most often used for?

Answer 18

financial gain (identity theft, plant spyware, or extortion)

Question 19

worms

Answer 19

like a virus in that it is self-replicating but can be potentially more insidious in that it does not need to attach itself to an existing program to spread

Question 20

what do worms use to travel?

Answer 20

networks

Question 21

how can a worm harm a computer system?

Answer 21

slowing a computer’s performance, erasing files, and damaging physical hardware

Question 22

trojan horses

Answer 22

a program that often seems harmless and possibly interesting at first until it is executed

Question 23

when are Trojan horses executed?

Answer 23

need no user intervention but, instead, wait for a particular computer action or even a particular date

Question 24

spyware

Answer 24

a computer program that is installed covertly on a computer to capture or take control of the system without the user’s knowledge or consent

Question 25

spyware secretly…

Answer 25

monitors a user’s keystroke and behavior

Question 26

“spyware cleaning software”

Answer 26

sometimes a third party pretends to be able to fix spyware only to employ their own spyware

Question 27

adware/ advertising-supported software

Answer 27

typically more irritating to a user as it is not usually as malicious

Question 28

what is the motivation for adware?

Answer 28

economic

Question 29

spam or junk email

Answer 29

the abuse of an email system to arbitrarily send millions of unsolicited bulk messages

Question 30

is spam just limited to computers?

Answer 30

no, faxes, phones, blogs, and newsgroups as well

Question 31

denial-of-service (DoS)

Answer 31

an attempt to make a computer or any of its resources unavailable to its intended users

Question 32

how does DoS slow down a computer?

Answer 32

extra computing cycles being used up and it will often simply stop running altogether, thereby denying any use of the computer

Question 33

reverse phishing/keylogging

Answer 33

a perpetrator logs on to a computer workstation and installs a program that simply records every keystroke made at the workstation’s keyboard

Question 34

how does keylogging work?

Answer 34

waits for a legitimate user to sign in, and then the keylogging software records the login ID, password, and any other sensitive information

Question 35

antivirus software

Answer 35

includes computer programs that attempt to identify, prevent and eliminate computer viruses and malware, typically before they reach a computing system or network

Question 36

what are two popular antivirus programs?

Answer 36

Symantec Corporation’s Norton AntiVirus

McAfee’s VirusScan

Question 37

updates/system patches

Answer 37

Microsoft and Mac OS are constantly vigilant to protect their user’s operating systems

Question 38

malevolent attachment

Answer 38

often an executable program that waits for an event for the program to run, and often the event is simply downloading it from an email

Question 39

strong passwords consist of…

Answer 39

typically between 8 to 12 characters

mixed case letters, numbers, and special characters

Question 40

what is the problem with a strong password?

Answer 40

they are hard to remember

Question 41

passphrase

Answer 41

a strong memorable password

Question 42

internet fraud

Answer 42

refers to any fraudulent activity in an online setting

Question 43

how does internet fraud occur?

Answer 43

through email systems, message boards, chat rooms, or websites

Question 44

what are some of the more serious crimes committed on the internet?

Answer 44

stealing credit card numbers and intercepting wire transfers

Question 45

stealing credit card information->constitutes

Answer 45

identity theft

Question 46

click fraud

Answer 46

schemes have been developed by hackers by writing programs inserted into advertising network websites that automatically pass a user to the advertiser whether they had any intention of visiting or not, and subsequently collecting the ill-gotten per-click fee

Question 47

purchase scams

Answer 47

a buyer (typically in another country) who approaches merchants via spam and asks if they can pay for shipping with a credit card, credit card is cancelled

Question 48

Google AdSense

Answer 48

advertising network

Question 49

phishing

Answer 49

involves using social engineering techniques and attempts to deceptively gain private information, like usernames, PIN numbers, passwords and credit card details by masquerading as a legitimate business organization, typically in a legitimate looking email

Question 50

what are two very common targets for phishing schemes?

Answer 50

PayPal and eBay

Question 51

what does a phisher what?

Answer 51

control of the bank account

Question 52

privacy

Answer 52

the ability of an individual to keep their personal information out of public view

Question 53

anonymous

Answer 53

one’s personal identity is not known

Question 54

“tracking cookie”

Answer 54

the cookie fills in information like a personal greeting along with the user’s name, address, and credit card information so it does not have to be re-entere

Question 55

you don’t visit a website…

Answer 55

it visits you

Question 56

what is an advantage of a cookie?

Answer 56

the user doesn’t have to fill out information multiple times

Question 57

what is a disadvantage of a cookie?

Answer 57

they can be used for tracking website browsing behavior

Question 58

data mining

Answer 58

experts extract useful data and information from recorded data, like a cookie

Question 59

computer privacy

Answer 59

protecting one of its most important assets: its data and information

Question 60

history files

Answer 60

a list of stored or cached websites on a user’s computer that are essentially an account of where and what a user’s web browser has visited on the web

Question 61

identity theft

Answer 61

a crime concerning the unlawful practice of assuming another individual’s identity

Question 62

what is one of the fastest growing crimes in the United States and Canada?

Answer 62

identity

Question 63

what is the key piece of information a criminal needs to steal an identity?

Answer 63

social security number

Question 64

credit.undefined

Answer 64

someone with another person’s social security can attempt to apply

Question 65

shoulder surfing

Answer 65

a criminal in a public place will simply glance over their victims’ shoulder and watch them dial a phone number, or type in a password on a laptop, or simply listen for a credit card number

Question 66

dumpster diving

Answer 66

criminals sift through trash to get information

Question 67

SCAM

Answer 67

Stingy
Check
Ask
Maintain

Question 68

“Stingy”

Answer 68

be stingy, treat all of your personal information on a “need to know” basis

Question 69

“Check”

Answer 69

check your financial information on a regular basis and inspect what should and shouldn’t be there

Question 70

“Ask”

Answer 70

ask periodically for your credit report: it is a good idea to check your credit score on a regular basis as a barometer of your financial status and watch for any unusual fluctuations

Question 71

“Maintain”

Answer 71

maintain careful records of your banking and financial records