IA 2 - UNIT 4

Question 1

Focuses in protecting computers, networks, program and data from unintended or authorized access, change or destruction.

Answer 1

Cybersecurity

Question 2

is the environment in which communication over computer networks occurs

Answer 2

Cyberspace

Question 3

3 Features of Security

Answer 3

1. confidentiality
2. integrity
3. availability

Question 4

is a crime that involves computer, the network that may been used in the commission of a crime or it may be the target

Answer 4

Cybercrime

Question 5

It includes cybersquatting, cybersex, child pornography, identity theft, illegal access to data and libel..

Answer 5

CybercrimePrevention Act of 2012,
officially recorded as Republic Act No. 10175

Question 6

Types of Malwares

Answer 6

1. trojan
2. virus
3. worm
4. spyware
5. ransomare
6. adware
7. rootkit
8. keylogger
9. remote access

Question 7

SECURITY TOOLS

Answer 7

1. Network Security Monitoring
2. Encryption
3. Web Vulnerability Scanning
4. Penetration Testing
5. Packet Sniffers And Password Auditing

Question 8

identifying intrusions and detecting threats from both outside and within the organization.

Answer 8

Network Security Monitoring

Question 9

process of encoding a message or information in such a way that only authorized parties can access it and those who are not authorized cannot

Answer 9

Encryption

Question 10

• software program which performs automatic black box testing on a web application and identifies security vulnerabilities.
• Scanners do not access the source code, they only perform functional testing and try to find security vulnerabilities.

Answer 10

Web Vulnerability Scanning

Question 11

• also called pen testing or ethical hacking,
• is the practice of testing a computer system, network or web application to find security vulnerabilities that an attacker could exploit.
• So it can be automated with software applications or performed manually.

Answer 11

Penetration Testing

Question 12

7 Best Cyber Security Penetration Testing Tools

Answer 12

1. metasploit
2. nmap
3. wireshark
4. aircrack-ng
5. John the Ripper
6. Nessus
7. Burpsuite

Question 13

• It is a small program that listens to all traffic in the attached network(s), builds data streams out of TCP/IP packets,
• and extracts user names and passwords from those streams that contain protocols that send clear text passwords.

Answer 13

Packet Sniffers And Password Auditing

Question 14

Security Devices

Answer 14

1. Video Management Platforms
2. Video Surveillance
3. Video Recording Devices
4. Intrusion detection system (IDS)
5. Intrusion prevention systems (IPS)
6. Access Control Devices
7. Firewalls
8. Unified Threat Management
9. Antivirus

Question 15

surveillance systemcapable of capturing images andvideosthat can be compressed, stored or sent over communication networks

Answer 15

Video Surveillance

Question 16

Records and stores recorded footages

Answer 16

Video Recording Devices

Question 17

• a device or software application that monitors a network for malicious activity or policy violations.
• Any malicious activity or violation is typically reported or collected centrally using a security information and event management system

Answer 17

Intrusion
detection system (IDS)

Question 18

• a network security device that can not only detect intruders, but also prevent them from successfully launching any known attack.
• combine the abilities of firewalls and intrusion detection systems.

Answer 18

Intrusion prevention systems

Question 19

• They prevent access to sensitive resources.
• For high protection of properties and resources, possession of well-designed and technically sound access control devices has become a trend

Answer 19

Access Control Devices

Question 20

• It is a network security device that monitors incoming and outgoing network traffic and decides whether to allow or block specific traffic based on a defined set of security rules.
• have been a first line of defense in network security for over 25 years.

Answer 20

Firewalls

Question 21

• It is a category of security appliances which integrates a range of security features into a single appliance.
• appliances combine firewall, gateway anti-virus, and intrusion detection and prevention capabilities into a single platform.

Answer 21

Unified Threat Management

Question 22

Also known as anti-malware, it is a computer program used to prevent, detect and remove malware

Answer 22

Antivirus

Question 23

In securing one’s systems,
actions must be taken in three
areas

Answer 23

1. prevention
2. detection
3. response

Question 24

involves those actions taken to discover failures in prevention (realizing that 100% prevention is never possible);

Answer 24

detection

Question 25

involves all those actions one must take to attempt to prevent unauthorized access to a system

Answer 25

PREVENTION

Question 26

is generally considered to include recovery measures, but might also include efforts to uncover what has been done to the system in the attack and how it was done

Answer 26

Response

Question 27

Types of Intrusion

Answer 27

1. PHYSICAL INTRUSION
2. TARGET INTRUSION
3. RANDOM INTRUSION

Question 28

occurs when an intruder has physical access to a machine

Answer 28

PHYSICAL INTRUSION

Question 29

occurs on a particular system (or host machine) and can be initiated by an authorized user with an account, an unauthorized user masquerading as an authorized user (e.g., with a stolen password)

Answer 29

TARGET INTRUSION

Question 30

a system is attacked simply due to the fact that a door was left open for access into the system and that door was discovered by happenstance over the network when intruders were looking for access into randomly selected potential systems

Answer 30

RANDOM INTRUSION

Question 31

• works in a similar way, baiting a trap for hackers.
• It’s a sacrificial computer system that’s intended to attract cyberattacks, like a decoy.
• It mimics a target for hackers, and uses their intrusion attempts to gain information about cybercriminals and the way they are operating or to distract them from other targets

Answer 31

HONEYPOT

Question 32

• technique that hackers use to entice victims into risky circumstances.
• Although it can take many forms, they usually entail developing a false identity or online presence to win over an unsuspecting victim

Answer 32

HONEY TRAP

Question 33

is a centralized collection of honeypots and
analysis tools

Answer 33

HONEY FARM

Question 34

DIFFERENT TYPES OF HONEYPOT AND
HOW THEY WORK

Answer 34

1. spam trap
2. decoy database
3. malware honeypot
4. spider honeypot

Question 35

place a fake email address in a hidden location where only an automated address harvester will be able to find it

Answer 35

spam trap

Question 36

can be set up to monitor software vulnerabilities and spot attacks exploiting insecure system architecture or using SQL injection, SQL services exploitation, or privilege abuse

Answer 36

DECOY DATABASE

Question 37

• is intended to trap webcrawlers (‘spiders’) by creating web pages and links only accessible to crawlers.
• Detecting crawlers can help you learn how to block malicious bots, as well as ad-network crawlers.

Answer 37

SPIDER
HONEYPOT

Question 38

a single service or computer on a network,
that is configured to act as a decoy, attracting and
trapping would-be attackers

Answer 38

honeypot

Question 39

• collection of high-interaction honeypots designed to capture extensive information on threats.
• It is a combination of several honeypots to represent a
  network subnet

Answer 39

HONEYNET

Question 40

provide real operating systems and services with real content with which attacker can interact.

Answer 40

high-interaction
honeypots

Question 41

is one that uses emulated services and signatures to respond to an attacker’s probes.

Answer 41

low-interaction
honeypot

Question 42

LEGAL RISK OF DEPLOYMENT

Answer 42

1. Entrapment
2. Wiretapping
3. The Patriotic Act
4. Pen Trap Act

Question 43

• is defined as enticing the other party to commit an act that he/she was not already predisposed to do.
• the action of tricking someone into committing a crime in order to secure their prosecution
• his style of investigation constitutes entrapment

Answer 43

ENTRAPMENT

Question 44

was enacted to limit the ability for any individual to intercept communications

Answer 44

The Wiretap Act

Question 45

allows the government to monitor electronic
communication when in conjunction with an ongoing
investigation

Answer 45

THE PATRIOT ACT

Question 46

This statute prohibits the capture of non-content related
data like the information contained in the IP-packet
headers

Answer 46

PEN TRAP ACT

Question 47

TWO ISSUES THAT MUST BE ADDRESSED WHEN
DEVELOPING AND DEPLOYING A HONEY NET

Answer 47

1. data control
2. data capture

Question 48

• is crucially important to the implementation of a honey net.
• The key to protecting the rest of your network is to provide a mechanism for catching and mitigating all outbound packets.

Answer 48

Data control

Question 49

• The honey net won’t help you if you don’t record the data and set alerts.
• The data can also be utilized for forensic investigation to understand more about the attack in addition to capturing traffic for event notification

Answer 49

Data Capture

Question 50

The word steganography is derived from
the Greek words

Answer 50

steganos (meaning hidden or covered) and the Greek root graph
(meaning to write)

Question 51

The term was first used in the 14th
century by the German mathematician —— as the title
for his book ——-

Answer 51

Johannes Trithemius (1606)
Steganographia

Question 52

• approach allows the last bit in a byte to be altered.
• While one might think that this would significantly alter the colors in an image file, it does not.
• In fact, the change is indiscernible to the human eye.

Answer 52

least significant bit
(LSB)

Question 53

• is hiding and protecting the content of information
• messages can be transported by themselves

Answer 53

cryptography

Question 54

• hides the presence of information itself
• to hide information, the secret content has to be hidden in a cover message
• refers to the technique of hiding secret messages into media such as text, audio, image and video without any suspicion

Answer 54

steganography

Question 55

is the art and
science of detection of the
presence of steganography

Answer 55

steganalysis

Question 56

the scientific bridge between law and computer science that
allows digital evidence to be collected in a legally sound manner

Answer 56

COMPUTER FORENSICS

Question 57

• a branch of forensic science that focuses on identifying, acquiring, processing, analysing, and reporting on data stored electronically
• dependent on the integrity, dependability, and admissibility of digital evidence in judicial proceedings
• process of locating, safeguarding, analyzing, and documenting digital evidence

Answer 57

DIGITAL
FORENSIC

Question 58

digital forensic investigation process

Answer 58

1. identification
2. documentation
3. preservation
4. analysis
5. presentation

Question 59

digital forensic investigation process - identification

Answer 59

identify purpose of investigation & resource required

Question 60

digital forensic investigation process - documentation

Answer 60

document the crime scene with the help of photographic sketches

Question 61

digital forensic investigation process - preservation

Answer 61

isolate from network, secure and preserve the device

Question 62

digital forensic investigation process - analysis

Answer 62

identify tools and techniques to use and interpret the analysis results

Question 63

digital forensic investigation process - presentation

Answer 63

report the findings in a legally acceptable manner

Question 64

PREREQUISITES OF A
COMPUTER
FORENSIC EXAMINER

Answer 64

1. forensic skills
2. forensic techniques and tools
3. media and file system forensics

Question 65

The foremost common forensic
skill is

Answer 65

scientific method in which it ensures that the examiner is merely a finder of facts.

Question 66

the expert must by supported by forensically sound skills, tools, and methods.

Answer 66

FORENSIC TECHNIQUES AND TOOLS

Question 67

Successful forensic analysis requires a thorough
knowledge of file types and digital media
used to store data and the file structures
used on those devices

Answer 67

MEDIA AND FILE SYSTEM FORENSICS

Question 68

types of digital forensics

Answer 68

1. media forensics
2. network forensics
3. wireless forensics
4. database forensics
5. software forensics
6. email forensics
7. memory forensics
8. mobile phone forensics