INFORMATION PROTECTION AND SECURITY Flashcards

1
Q

A person who breaks into a security system only with malicious intent. A person who breaks into a computer system for the purpose of earning profit, finding security loopholes in the system, showing protest, or just for the sake of challenge is called a hacker. In recent times the distinction between the two terms has become vague due to their misuse by the mass media and the existence of people belonging to both categories.

A

Cracker (BREAK)

2
Q

_______ build, while crackers break.

A

Hackers (BUILD)

3
Q

FRAUD TYPES

A

Skimming
Phishing
Pharming

4
Q

where the card is cloned

A

Skimming

5
Q

technique used to obtain your card and personal details through a fake email

A

Phishing

6
Q

a similar technique using fake websites, such as imitating a bank’s website

A

Pharming

7
Q

Attack through which a person can render a system unusable or significantly slow down the system for legitimate users by overloading the system so that no one else can use it.

A

Denial of Service (DOS) Attack

8
Q

ACTS OF UNLAWFUL INTERFERENCE (7)

A

-Unlawful seizure of aircraft,
-Destruction of an aircraft in service,
-Hostage-taking on board aircraft or on aerodromes,
-Forcible intrusion on board an aircraft, at an airport or on the premises of an aeronautical facility,
-Introduction on board an aircraft or at an airport of a weapon or hazardous device or material intended for criminal purposes,
-Use of an aircraft in service for the purpose of causing death, serious bodily injury, or serious damage to property or the environment,
-Communication of false information such as to jeopardize the safety of an aircraft in flight or on the ground, of passengers, crew, ground personnel or the general public, at an airport or on the premises of a civil aviation facility.

9
Q

has dual requirements of protection of the ATM system against threats and vulnerabilities and the provision of ATM security services in support of organizations and authorities engaged in aviation security, national security, defense, and law enforcement.

A

ATM security

10
Q

ATM SYSTEM INFRASTRUCTURE PROTECTION

A

Facility physical security and access control
(ATM facility design considerations, NAVAIDs, etc.)

Personnel security program
(position risk categorization, personnel screening and vetting, third-party personnel security, etc.)

Information and Communication Technology (ICT)
system security (unauthorized access, tampering with the systems, attacks on the systems)

Contingency planning for ATM security
(planning, system degradation to a safe/secure situation, service continuity, recovery, maintenance of plans)

11
Q

ATM SECURITY OPERATIONS

A

ATM contribution to safeguarding against unlawful interference

ATM support for law enforcement
(e.g. laser threats, man portable air defence system threats)

Disasters and public health emergencies
(e.g. disaster response and recovery, communicable disease and other public health risks on board aircraft)

Airspace management for ATM security
(monitoring and reporting over security identification zones, emergency security control of air traffic, creation and monitoring of temporary airspace/flight restrictions)

12
Q

ICAO HEADQUARTERS AND BRANCHES

A

MONTREAL, CANADA (HEADQUARTERS)
MEXICO CITY (NORTH AMERICA AND CARIBBEAN)
LIMA (SOUTH AMERICA)
PARIS (EUROPEAN AND NORTH ATLANTIC)
DAKAR (WESTERN AFRICA)
CAIRO (MIDDLE EAST)
NAIROBI (EASTERN AFRICA)
BEIJING (ASIA-PACIFIC SUB OFFICE)
BANGKOK (ASIA-PACIFIC)

13
Q

The Aviation Cybersecurity Strategy (7)

A

International Cooperation
Governance
Effective Legislation & Regulations
Cybersecurity Policy
Information Sharing
Incident Management & Emergency Planning
Capacity Building, Training, & Cybersecurity Culture

14
Q

Cyber Threats are ______, _______ and ________

A

BORDERLESS, COMPLEX, and AGILE

15
Q

Digitalization is _____ to Civil Aviation ________ and Future Development Across _______

A

KEY, INTEROPERABILITY, ALL DOMAINS

16
Q

a set of principles and practices designed to safeguard your computing assets and online information against THREATS

A

CYBERSECURITY

17
Q

refers to criminal activities that specifically target a computer or network for damage or infiltration.

A

CYBERCRIME

18
Q

is a deliberate exploitation of computer systems, technology-dependent enterprises, and networks.

It uses malicious code to alter computer code, logic, or data, resulting in disruptive consequences that can compromise data and lead to cybercrimes, such as information and identity theft.

A

CYBERATTACK

19
Q

The ability of an individual or group to seclude themselves or information about themselves, and thereby express themselves selectively. When something is private to a person, it usually means that something is inherently special or sensitive to them.

A

PRIVACY

20
Q

WAYS OF PROTECTING INFORMATION

A

ANTI VIRUS SOFTWARE
TRUSTED SOFTWARE
UPDATED SOFTWARE
FIREWALL
BACKUP FILES

21
Q

also known as internet privacy or digital privacy, refers to how much of your personal, financial and browsing information remains private when you’re online.

A

ONLINE PRIVACY

22
Q

is the need to preserve and protect any personal data being collected by any organization.

A

DATA PRIVACY

23
Q

information or an opinion forming part of a database, whether true or not, and whether recorded in a material form or not, about an individual whose identity is apparent, or can reasonably be ascertained, from the information.

A

PERSONAL INFORMATION

24
Q

DATA PRIVACY RIGHTS

A

THE RIGHT TO:
INFORM
ACCESS
OBJECT
ERASE OR BLOCK
RECTIFY
DAMAGES
FILE A COMPLAINT

25
Q

CYBERSECURITY SCOPE:

A

-Physical Security
-Data Security
-Security roles, responsibilities, and accountabilities
-Risk Management
-Education and training
-Monitoring
-Recovery

26
Q

AIR TRANSPORT ECOSYSTEM:

A

ATM, AIRCRAFT AND AIRPORT

27
Q

GLOBAL CYBER TRENDS:

A

More users and devices
Wider networks and faster connections
Easier data storage and new efficient data types
More usages and new services
Less isolated architectures
Quick adoption of new technologies

28
Q

WHAT ARE THE COMMON CYBERTHREATS?

A

-Malware
-Hacking
-Social Engineering
-Ransomware
-Man in the Middle (MitM)
-Phishing
-The DOS (Denial of Service)
-Identity Theft
-Sextortion
-Password Attack
1. brute force attack
2. dictionary attack
3. keylogging

29
Q

malicious software intended to damage or disable computers and computer systems.

A

Malware

30
Q

unauthorized access to data in a system, to steal information, exchange of data, and damage data.

A

Hacking

31
Q

is an art of exploiting human psychology, rather than technical hacking techniques, to gain access to buildings, systems or data.

A

Social Engineering

32
Q

is a subset of malware in which the data on a victim’s computer is locked, typically by encryption, and payment is demanded before the ransomed data is decrypted and access returned to the victim.

A

Ransomware

33
Q

attack is when an attacker intercepts communications between two parties either to secretly eavesdrop or modify traffic traveling between the two. Attackers might use MitM attacks to steal login credentials or personal information, spy on the victim, or sabotage communications or corrupt data.

A

Man in the Middle (MitM)

34
Q

involves running through as many combinations of potential passwords as necessary to hit on the right one.

A

brute force attack

35
Q

common passwords are used to attempt to gain access to a user’s computer and network

A

dictionary attack

36
Q

relies on getting a piece of malware onto your computer that watches what you’re doing and keeps track of what you type, sending that information to a hacker.

A

keylogging

37
Q

tricks users into clicking on malicious links or opening unknown attachments so that they provide sensitive data, such as personally identifiable information, financial details, and passwords.

A

phishing

38
Q

attack typically uses one computer and one internet connection to flood a targeted system or resource.

A

The DOS (Denial of Service)

39
Q

is using other people’s personal identity without authorization for personal motives and to do harm

A

Identity Theft

40
Q

sexual exploitation in which threatened release of sexual images or information is the means of coercion.

A

Sextortion

41
Q

ELECTRONIC COMMERCE ACT OF 2000
aims to facilitate domestic and international dealings, transactions, arrangements, agreements, contracts and exchanges and storage of information through the utilization of electronic, optical and similar medium, mode, instrumentality and technology to recognize the authenticity and reliability of electronic documents related to such activities and to promote the universal use of electronic transaction in the government and general public

A

REPUBLIC ACT NO. 8792

42
Q

ANTI-CHILD PORNOGRAPHY ACT OF 2009
Guarantee the fundamental rights of every child from all forms of neglect, cruelty and other conditions prejudicial to their development;
Protect the child from all forms of exploitation and abuse including, but not limited to:
(1) the exploitative use of a child or children in pornographic performances and materials; and
(2) the inducement or coercion of a child to engage in or perform any sexual activity or practices, through whatever means;

A

REPUBLIC ACT NO. 9775

43
Q

ANTI-PHOTO AND VIDEO VOYEURISM ACT OF 2009
The law prohibits recording videos or taking photos of a sexual act, the male or female genitalia, and of the female breast, among others, without consent of the persons featured in the material.

A

REPUBLIC ACT NO. 9995

44
Q

DATA PRIVACY ACT OF 2012
To protect the fundamental human right of privacy, of communication while ensuring free flow of information to promote innovation and growth. An act protecting individual personal information in information and communications systems in the government and the private sector, creating for this purpose a national privacy commission, and for other purposes.

A

REPUBLIC ACT NO. 10173

45
Q

CYBERCRIME PREVENTION ACT OF 2012
punishes content-related offenses such as cybersex, child pornography and libel which may be committed through a computer system. It also penalizes unsolicited commercial communication or content that advertises or sells products or services.

A

REPUBLIC ACT NO. 10175

46
Q

Top Cyber Threats in the Philippines during the Pandemic

A

FAKE NEWS
SOCIAL MEDIA SCAM
PHISHING
