Hola Flashcards

jeje

1
Q

possibility that a harmful event, such as an attack, will occur.

A

threat

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

weakness that makes a target susceptible to an attack.

A

vulnerability

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

has become an umbrella

A

malware

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

malicious executable code attached to another executable file

A

Viruses

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

In order to avoid detection, a virus

A

mutates

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

malicious code that replicates by independently exploiting
vulnerabilities in networks.

A

worms

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

malware that carries out malicious operations under the guise of a desired operation such as playing an online game

A

trojan horse

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

is a malicious program that uses a trigger to awaken the
malicious code

A

logic bomb

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Cybersecurity specialists recently discovered logic bombs that attack and destroy the hardware components in a workstation or server

A

true

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

holds a computer system, or the data it contains, captive until the target makes a payment

A

ransomware

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

refers to the program or code introduced by a criminal who has compromised a system

A

backdoor

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

modifies the operating system to create a backdoor. Attackers then use the backdoor to access the computer remotely

A

rootkit

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

takes advantage of programming errors or design flaws

A

privilege escalation

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

also known as junk mail, is unsolicited email. In most cases, is a method of advertising. However, can send harmful links, malware, or
deceptive content.

A

spam

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

is software that enables a criminal to obtain information about a user’s computer activities

A

spyware

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

typically displays annoying pop-ups to generate revenue for its
authors.

A

adware

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

persuades the user to take a specific action based on fear

A

scareware

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

phishing is a form of …

A

fraud

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

is a highly targeted phishing attack. Sends customized
emails to a specific person

A

spear phishing

20
Q

is phishing using voice communication technology. Criminals can spoof calls from legitimate sources using voice over IP (VoIP) technology

A

vishing

21
Q

(Short Message Service phishing) is phishing using text messaging on mobile phones. Malware is installed on the mobile phone

A

smishing

22
Q

is the impersonation of a legitimate website. Misdirects users to a fake website that appears to be official

A

pharming

23
Q

is a phishing attack that targets high profile targets within an
organization such as senior executives. Targets include politicians or celebrities

A

whaling

24
Q

Security breaches can affect web browsers. A criminal can hack a browser’s executable file, a browser’s components, or its plugins

A

browser plugins

25
Q

Search engines such as Google work by ranking pages and
presenting relevant results based on users’ search queries. uses to make a malicious website appear higher in search results

A

SEO Poisoning

26
Q

is a completely non-technical means for a criminal to gather
information on a target. is an attack that attempts to manipulate individuals into performing actions or divulging confidential information

A

social engineering

27
Q

A criminal observes, or shoulder surfs, to pick up PINs, access codes or credit card numbers

A

shoulder surfing

28
Q

“One man’s trash is another man’s treasure”. Is the process of going through a target’s trash to see what information an organization throws out. a
container that holds classified or sensitive documents for later destruction by fire

A

dumpster diving

29
Q

Similar to eavesdropping on someone. Attackers examine all network traffic their NIC. Criminals accomplish network with a software application,
hardware device, or a combination of the two

A

sniffing

30
Q

is an impersonation attack, and it takes advantage of a trusted
relationship between two systems

A

spoofing

31
Q

Attack by intercepting communications between computers to steal information crossing the network

A

man in the middle

32
Q

is a computer attack that tries to exploit software
vulnerabilities that are unknown or undisclosed by the software vendor.

A

zero-day attack

33
Q

Software program that records or logs the keystrokes of the user of the system. captured in the log file can reveal usernames,
passwords, websites visited, and other sensitive information

A

keyboard logging

34
Q

is becoming a problem area in mobile security with the popularity of smartphones. includes applications that behave in an annoying or
undesirable manner

A

grayware

35
Q

is a wireless access point installed on a secure network without explicit authorization

A

rogue access point

36
Q

Wireless signals are susceptible to electromagnetic interference
(EMI), radio-frequency. Disrupts the transmission of a radio or satellite station.

A

RF jamming

37
Q

Sending unauthorized messages to another Bluetooth device. A variation of this is to send a shocking image to the other device

A

bluejacking

38
Q

occurs when the attacker copies the victim’s information from his device. This information can include emails and contact lists

A

bluesnarfing

39
Q

uses a key for encryption. Since everyone is using
the same key, the criminal has access to a large amount of traffic for analytic attacks.

A

WEP and WPA

40
Q

has three participants: the criminal, the victim, and the website.
The cyber-criminal does not target a victim directly. The criminal exploits vulnerability
within a website or web application. Criminals inject client-side scripts into web
pages viewed by users, the victims. A malicious script of this type can access any
cookies, session tokens, or other sensitive information

A

cross-site scripting

41
Q

One way to store data at a website is to use a database. Types of databases: Structured Query Language (SQL) or Extensible Markup Language
(XML). Both injection attacks exploit weaknesses not validating database queries
properly

A

code injection

42
Q

Data goes beyond the limits of a buffer. Buffers are memory areas allocated to an application. The application accesses memory allocated to other processes. This can lead to a system crash, data compromise, or provide escalation of privileges

A

buffer overflow

43
Q

Allow a cybercriminal to execute malicious code and take control of a system. Allows a criminal to execute any
command on a target machine

A

remote code executions vulnerabilities

44
Q

Java operates through an interpreter, the Java Virtual Machine (JVM). The JVM enables the Java program’s functionality. Java is the second biggest
number of security vulnerabilities next to Adobe’s Flash plugin

A

Java extensions

45
Q

Use email, instant messaging, or other social media to try to gather information such as login credentials or account
information

A

phishing