information security

Question 1

Common Security Threats

Answer 1

Malware
potentially unwanted programs (Pups)
phishing
hacking
data breach
sniffing
attacks and unsecured software
Network & Mobile Platforms

Question 2

malware stands for

Answer 2

malicious software

Question 3

malware that comes with a downloaded file that a user requests

Answer 3

Drive-by downloads

Question 4

a computer program that has the ability to replicate or make copies of itself,
and spread to other files

Answer 4

Viruses

Question 5

-malware that is designed to spread from computer to computer

Answer 5

worms

Question 6

malware that prevents you from accessing your computer or files and
demands that you pay a fine

Answer 6

Ransomware

Question 7

-appears to be benign, but then does something other than expected.
Often a way for viruses or other malicious code to be introduced into a computer system

Answer 7

Trojan horses

Question 8

feature of viruses, worms, and Trojans that allows an attacker to remotely
access a compromised computer

Answer 8

backdoors

Question 9

• type of malicious code that can be covertly installed on a computer when
  connected to the Internet. Once installed, the bot responds to external commands sent by the attacker

Answer 9

bot

Question 10

• collection of captured bot computers

Answer 10

botnet

Question 11

is a threat at both the client and the server levels, although servers
generally engage in much more thorough anti-virus activities than do consumers.

Answer 11

Malicious code

Question 12

program that installs itself on a computer, typically without the user’s informed consent

Answer 12

Potentially unwanted programs (PUPs)

Question 13

a PUP that serves pop-up ads to your computer

Answer 13

adware

Question 14

a program that can monitor and change the settings of a user’s browser

Answer 14

Browser parasites

Question 15

a program used to obtain information such as a user’s keystrokes, e-mail,
instant messages, and so on

Answer 15

spyware

Question 16

any deceptive, online attempt by a third party to obtain confidential information for
financial gain

Answer 16

phishing

Question 17

exploitation of human fallibility and gullibility to distribute malware

Answer 17

Social engineering

Question 18

an individual who intends to gain unauthorized access to a computer
system

Answer 18

hackers

Question 19

within the hacking community, a term typically used to denote a hacker
with criminal intent

Answer 19

Crackers

Question 20

cybervandalism and data theft for political purposes

Answer 20

Hacktivism

Question 21

-intentionally disrupting, defacing, or even destroying a site

Answer 21

Cybervandalism

Question 22

occurs when an organization loses control over its information to outsiders

Answer 22

Data breach

Question 23

is one of the most feared occurrences on the Internet. Fear that credit card information will be stolen prevents users from making online purchases in
many cases.

Answer 23

Credit card fraud / theft

Question 24

involves the unauthorized use of another person’s personal data for illegal

Answer 24

Identity fraud

Question 25

involves attempting to hide a true identity by using someone else’s e-mail or IP address

Answer 25

Spoofing

Question 26

automatically redirecting a web link to an address different from the intended one, with the site masquerading as the intended destination

Answer 26

Pharming

Question 27

- also referred to as link farms; promise to offer products or services, but in fact are just collections of advertisements

Answer 27

spam

Question 28

-flooding a website with useless traffic to inundate and overwhelm the network

Answer 28

Denial of Service (DOS) Attack

Question 29

using numerous computers to attack the target network from numerous launch points

Answer 29

Distributed Denial of Service (DDOS) Attack

Question 30

is a type of eavesdropping program that monitors information traveling over a network

Answer 30

sniffer

Question 31

a method for recording or journaling e-mail traffic generally at the mail server level from any individual.

Answer 31

E-mail wiretaps

Question 32

the largest financial threats to business institutions come not from robberies but from embezzlement by insiders

Answer 32

Insider Attacks

Question 33

takes advantage of poorly coded web application software that fails to properly validate or filter data entered by a user on a web page

Answer 33

SQL injection attack

Question 34

- software vulnerability that has been previously unreported and for which no patch yet exists

Answer 34

Zero-day vulnerability

Question 35

verbal phishing

Answer 35

vishing

Question 36

uses SMS to perform phishing

Answer 36

Smishing

Question 37

mobile adware

Answer 37

madware

Question 38

Technology Solutions

Answer 38

encryption authentication procedures access controls anti-virus software proxy servers firewalls

Question 39

3 types of information security

Answer 39

cryptography steganography watermarking

Question 40

putting an information in different media elements

Answer 40

steganography

Question 41

putting original ownership

Answer 41

watermarking

Question 42

information needs to be hidden from unauthorized access

Answer 42

confidentiality

Question 43

Protected from unauthorized change

Answer 43

integrity

Question 44

Available to an authorized entity when it is needed

Answer 44

availability

Question 45

Security attacks that is threat to confidentiality

Answer 45

snooping traffic analysis

Question 46

Security attacks that is threat to integrity

Answer 46

modification masquerading replaying repudiation

Question 47

security attacks that is threat to availability

Answer 47

denial of service

Question 48

Protect devices, networks, programs, and data from attacks and unauthorized access – cyber realm

Answer 48

Cybersecurity

Question 49

Protecting the information regardless of the realm – digital or analog

Answer 49

Information Security

Question 50

one of the essential method of information system

Answer 50

cryptography

Question 51

a message in its natural format readable by an attacker; it is the original message or data

Answer 51

Plaintext

Question 52

– a message altered to be unreadable by anyone except the intended recipients.

Answer 52

ciphertext

Question 53

transforming the plaintext, under the control of the key

Answer 53

encryption

Question 54

it is the sequence that controls the operation and behavior of the cryptographic algorithm

Answer 54

Key

Question 55

transforming the ciphertext back to the original plaintext

Answer 55

Decryption

Question 56

Any character of plain text from the given fixed set of characters is substituted by some other character from the same set depending on a key

Answer 56

Substitution cipher

Question 57

it is a substitution cipher, named after Julius Caesar

Answer 57

The Caesar Cipher

Question 58

is one which rearranges the order of the letters in the ciphertext(encoded text), according to some predetermined method, without making any substitutions.

Answer 58

transposition cipher

Question 59

Types of ciphers

Answer 59

Private key ciphers Public key ciphers

Question 60

the secret key is shared between two parties

Answer 60

Private key ciphers

Question 61

the secret key is not shared and to parties can still communicate using public keys

Answer 61

Public key ciphers