IAS MT Flashcards
It stands for “Malicious Software”
Malware
it is designed to gain
access or installed into the computer without the consent of the user.
MALWARE
They
perform unwanted tasks in the host computer for the benefit of a third party.
MALWARE
simply written to distract/annoy the user, to the complex ones which
captures the sensitive data from the host machine and send it to remote
servers.
MALWARE
It is a special type of malware which is used for forced advertising.
ADWARE
They either redirect the page to some advertising page or pop-up an additional page which promotes some product or event.
ADWARE
are financially supported by
the organizations whose products are advertised.
ADWARE
There is some malicious software which are downloaded along with the free software offered over the internet and installed in the host computer without the
knowledge of the user.
Browser Hijacking software
This software modifies the browsers setting and redirect
links to other unintentional sites.
Browser Hijacking software
It is a special type malware of which is installed in the target computer with or without the user permission and is designed to steal sensitive information from the target machine.
SPYWARE
Mostly it gathers the browsing habits of the user and the send it to the remote server without the knowledge of the owner of the computer. Most of the time they are downloaded in to the host computer while downloading freeware i.e. free application programs from the internet.
Spyware
may be of various types; It can keeps track of the cookies
of the host computer, it can act as a keyloggers to sniff the banking
passwords and sensitive information, etc.
spyware
is a malicious code written to damage/harm the host computer by deleting or appending a file, occupy memory space of the computer by replicating the copy of the code, slow down the performance of the computer, format the host machine, etc. It can be spread via email attachment, pen drives, digital images, e-greeting, audio or video clips,
etc.
Virus
may be present in a computer but it cannot activate itself
without the human intervention. Until and unless the executable file(.exe)
is execute, cannot be activated in the host machine.
Virus
They are a class of virus which can replicate themselves.
Worm
They are different from the virus by the fact that they does not require human intervention to travel over the network and spread from the infected machine to the whole network.
Worms
can spread either through network, using the loopholes of the Operating System or via email. The replication and spreading of the this over the network consumes the network resources like space and bandwidth and force the network to chok
Worms
is a malicious code that is installed in the host machine
by pretending to be useful software.
Trojan Horse
The user clicks on the link or download the file which pretends to be a useful file or software from legitimate source. It not only damages the host computer by manipulating the data but also it
creates a backdoor in the host computer so that it could be controlled by a remote computer.
Trojan Horse
a network of computers which are infected by malicious code and controlled by central controller.
Botnet(robot network)
The computers of this network which are infected by malicious
code are known as
Zombies
are networks of hijacked computer devices used to
carry out various scams and cyberattacks.
Botnet
The term “botnet” is
formed from the word’s
Robot and network
serve as a tool to automate mass attacks, such as data theft,
server crashing, and malware distribution.
Bots
It holds the host computer hostage until the
ransom is paid. The malicious code can neither be
uninstalled nor can the computer be used till the ransom is
paid.
Scareware
When was the internet born?
Around 1960’s
When was the the
trend changed from causing the physical damaging to computers to making a
computer malfunction using a malicious code
Around 1980’s
This term is used to describe a unlawful activity in
which computer or computing devices such as smartphones, tablets,
Personal Digital Assistants(PDAs), etc. which are stand alone or a part
of a network are used as a tool or/and target of criminal activity.
Cyber Crime
It is
often committed by the people of destructive and criminal mindset
either for revenge, greed or adventure.
Cyber Crime
An attack to the network or the computer system by some person with authorized system access is known as?
Insider attack
It is generally performed
by dissatisfied or unhappy inside employees or contractors.
Insider attack
The
insider attack could be prevented by planning and installing an?
internal intrusion detection systems (IDS)
When the attacker is either hired by an insider or an external entity
to the organization
External attacker
These attacks are generally performed by amateurs who don’t have
any predefined motives to perform the cyber attack. Usually these
amateurs try to test a tool readily available over the internet on the network
of a random company.
Unstructured attack
These types of attacks are performed by highly skilled and
experienced people and the motives of these attacks are clear in their
mind. They have access to sophisticated tools and technologies to gain
access to other networks without being noticed by their Intrusion Detection
Systems(IDSs).
Structure attack
these attacker have the necessary expertise to develop or
modify the existing tools to satisfy their purpose.
Structured attacker
These types of attacks are
usually performed by professional criminals, by a country on other rival
countries, politicians to damage the image of the rival person or the country,
terrorists, rival companies, etc.
Structured attacker
6 reasons for commission of cyber crimes
Money
Revenge
Fun
Recognition
Anonymity
Cyber Espionage
One of the six reasons for commission of cyber crimes, It is considered to be pride if someone hack the highly secured
networks like defense sites or networks.
Recognition
One of the six reasons for commission for cyber crime, At times the government itself is involved in cyber trespassing to
keep eye on other person/network/country. The reason could be politically, economically
socially motivated.
Cyber Espionage
19 kinds of cyber crime
Cyber stalking
Child pornography
Forgery and counterfeiting
Software piracy and crime related to IPRs
Cyber Terrorism
Phishing
Computer vandalism
Computer hacking
Creating and distributing viruses over internet
Spamming
Cross site scripting
Online auction fraud
Cyber squatting
Logic bombs
Web jacking
Internet time thefts
Denial of service attack
Salami attack
Data diddling
Email spoofing
It is a process of changing the header information of an e-mail so that its
original source is not identified and it appears to an individual at the receiving end that
the email has been originated from source other than the original source
Email spoofing
It is a practice of changing the data before its entry into the computer system.
Often, the original data is retained after the execution on the data is done.
Data diddling
It is an attack which proceeds with small increments and final add up to lead to
a major attack. The increments are so small that they remain unnoticed
Salami attack
It is a cyber attack in which the network is chocked and often collapsed by
flooding it with useless traffic and thus preventing the legitimate network traffic
Denial of service attack
Hacking the username and password of ISP of an individual and surfing the
internet at his cost is?
Internet time Theft
The hacker gain access to a website of an organization and either blocks it or
modify it to serve political, economical or social interest.
Web jacking
These are malicious code inserted into legitimate software. The
malicious action is triggered by some specific condition. If the conditions holds
true in future, the malicious action begins and based on the action defined in
the malicious code, they either destroy the information stored in the system or
make system unusable.
Logic bombs
It is an act of reserving the domain names of someone else‟s trademark
with intent to sell it afterwards to the organization who is the owner of the
trademark at a higher price.
Cyber Squatting
There are many genuine websites who offers online auction over internet. Taking
the advantage of the reputation of these websites, some of the cyber criminals lure the
customers to online auction fraud schemes which often lead to either overpayment of
the product or the item is never delivered once the payment is made.
Online auction fraud
It is an activity which involves injecting a malicious client side script into a trusted
website. As soon as the browser executes the malicious script, the malicious script gets
access to the cookies and other sensitive information and sent to remote servers. Now
this information can be used to gain financial benefit or physical access to a system for
personal interes
Cross site scripting
Sending of unsolicited and commercial bulk message over the internet
is known as
Spamming
3 criterias that an email cab be classified as spam
Mass mailing
Anonymity
Unsolicited
One of the criteria in spamming, the email is not targeted to one particular person but to a
large number of peoples.
Mass mailing
One of the criteria in spamming, The real identify of the person not known
Anonymity
One of the criteria in spamming, the email is neither expected nor requested for the recipient.
Unsolicited
The spreading of a virus can cause business and financial loss to an organization. The loss
includes the cost of repairing the system, cost associated with the loss of business during
downtime and cost of loss of opportunity. The organization can sue the hacker, if found, for
the sum of more than or equivalent to the loss borne by the organization.
Creating and distributing viruses over internet
One of the classification of hackers,someone outside computer security consulting firms who is used to
bug-test a system prior to its launch, looking for exploits so they can be closed.
Blue Hat
One of the classification of hackers, find out the security vulnerabilities and report to the site administrators
and offer the fix of the security bug for a consultancy fee.
Grey Hat
One if the classification of hackers, They may
hack the system for social, political or economically motivated intentions. They find the security
loopholes the system, and keep the information themselves and exploit the system for
personal or organizational benefits till organization whose system is compromised is aware of
this, and apply security patches.
Black hat
One of the classification of hackers and also known as the crackers
Black hat
One of the classification of hackerd, are the persons who hack the system to find the security vulnerabilities
of a system and notify to the organizations so that a preventive action can be taken to protect
the system from outside hackers
White hat
They are also known as ethical hackers
White hat
It is a practice of modifying computer hardware and software to
accomplish a goal outside the creator‟s original purpose.
Computer hacking
t is an act of physical destroying computing resources using physical
force or malicious code.
Computer vandalism
It is a process of acquiring personal and sensitive information of an
individual via email by disguising as a trustworthy entity in an electronic
communication.
Phishing
The purpose of this is identity theft and the personal
information like username, password, and credit card number etc. may be used
to steal money from user accoun
Phishing
It is defined as the use of computer resources to intimidate or coerce
government, the civilian population or any segment thereof in furtherance of
political or social objectives.
Cyber Terrorism
is an illegal reproduction and distribution for personal
use or business. It comes under crime related to IPR infringement. Some of the
other crimes under IPR infringement are: download of songs, downloading
movies, etc.
Software piracy snd Crime related to IPRS
It is an act of possessing image or video of a minor (under 18),
engaged in sexual conduct.
Child pornography
It is an act of stalking, harassing or threatening someone using
Internet/computer as a medium. This is often done to defame a person and
use email, social network, instant messenger, web-posting, etc. as a using
Internet as a medium as it offers anonymity. The behaviour includes false
accusations, threats, sexual exploitation to minors, monitoring, etc.
Cyber stalking
With
the advancement in the hardware and the software, it is possible to produce
counterfeit which matches the original document
Forgery and counterfeiting
it acts as a
fundamental system in case of a mishap where data is inadvertently lost or corrupted
from original system
Backup System
where data is backed up on a full-scale and recovered back from the
same
full back up
where only changed or newly added data is backed up
subsequently after the last full or incremental backup.
Incremental Backup
where only changed or newly added data is backed up
subsequently after last full or differential backup but changes made in the previous
differential backup are updated in next differential backup
differential back up
Methods in an enterprise can be improved based ono performance metrics, is measured in terms of cost for infrastructure,
operations and maintenance.
Total Cost of ownership
AOB stands for?
Age of Backup
RTO stands for?
Recovery time objective
RPO stands for?
Recovery Point Objective
