Midterm Lesson 1 Flashcards
This stands for “Malicious Software” and it is designed to gain access or installed into the computer without the consent of the user. They perform unwanted tasks in the host computer for the benefit of a third party.
Malware
8 types of malwares:
Adware
Browser hijacking software
Spyware
Virus
Worms
Trojan Horse
Botnet
Scareware
It is a special type of malware which is used for forced advertising. They either redirect the page to some advertising page or pop-up an additional page which promotes some product or event. These are financially supported by the organizations whose products are advertised.
adware
There is some malicious software which are downloaded along with the free software offered over the internet and installed in the host computer without the knowledge of the user. This software modifies the browsers setting and redirect links to other unintentional sites.
Browser hijacking software
It is a special type of which is installed in the target computer with or without the user permission and is designed to steal sensitive information from the target machine.
Spyware
Mostly it gathers the browsing habits of the user and the send it to the remote server without the knowledge of the owner of the computer. Most of the time they are downloaded in to the host computer while downloading freeware i.e. free application programs from the internet.
Spyware
________ may be of various types; It can keeps track of the cookies of the host computer, it can act as a keyloggers to sniff the banking passwords and sensitive information, etc.
Spywares
A _____ is a malicious code written to damage/harm the host computer by deleting or appending a file, occupy memory space of the computer by replicating the copy of the code, slow down the performance of the computer, format the host machine, etc.
virus
True or False:
A virus may be present in a computer but it cannot activate itself without the human intervention. Until and unless the executable file(.exe) is execute, a virus cannot be activated in the host machine.
True
They are a class of virus which can replicate themselves. They are different from the virus by the fact that they does not require human intervention to travel over the network and spread from the infected machine to the whole network.
Worms
True or False:
Worms can spread either through network, using the loopholes of the Operating System or via email. The replication and spreading of the worm over the network consumes the network resources like space and bandwidth and force the network to choke.
True
It is a malicious code that is installed in the host machine by pretending to be useful software.
Trojan horse
True or False:
Trojan horse can become a part of botnet(robot-network), a network of computers which are infected by malicious code and controlled by central controller. The computers of this network which are infected by malicious code are known as zombies.
True or False:
Trojans neither infect the other computers in the network nor do they replicate.
True
These are networks of hijacked computer devices used to carry out various scams and cyberattacks. The term “______” is formed from the word’s “robot” and “network.”
botnet
While surfing the Internet, suddenly a pop-up alert appears in the screen which warns the presence of dangerous virus, spywares, etc. in the user’s computer. As a remedial measure, the message suggests the used download the full paid version of the software. The malicious code can neither be uninstalled nor can the computer be used till the ransom is paid.
Scareware
The term ________ is used to describe a unlawful activity in which computer or computing devices such as smartphones, tablets, Personal Digital Assistants(PDAs), etc. which are stand alone or a part of a network are used as a tool or/and target of criminal activity. It is often committed by the people of destructive and criminal mindset either for revenge, greed or adventure.
cyber crime
Two categories of Cyber Crimes:
Insider Attack
External Attack
An attack to the network or the computer system by some person with authorized system access is known as _________. It is generally performed by dissatisfied or unhappy inside employees or contractors.
insider attack
When the attacker is either hired by an insider or an external entity to the organization, it is known as ________.
external attack
These attacks are generally performed by amateurs who don’t have any predefined motives to perform the cyber attack. Usually these amateurs try to test a tool readily available over the internet on the network of a random company.
Unstructured attacks
These types of attacks are performed by highly skilled and experienced people and the motives of these attacks are clear in their mind. They have access to sophisticated tools and technologies to gain access to other networks without being noticed by their Intrusion Detection Systems(IDSs).
Structure Attack
Reasons for Commission of Cyber Crimes:
Money
Revenge
Fun
Recognition
Anonymity
Cyber Espionage
Kinds of cybercrime:
Cyber Stalking
Child Pornography
Forgery and Counterfeiting
Software Piracy and Crime related to IPRs
Cyber Terrorism
Phishing
Computer Vandalism
Computer Hacking
Creating and distributing viruses over internet
Spamming
Cross Site Scripting
Online Auction Fraud
Cyber Squatting
Logic Bombs
Web Jacking
Internet Time Thefts
Denial of Service Attack
Salami Attack
Data Diddling
Email Spoofing
It is an act of stalking, harassing or threatening someone using Internet/computer as a medium. This is often done to defame a person and use email, social network, instant messenger, web-posting, etc. as a using Internet as a medium as it offers anonymity.
Cyber Stalking
It is an act of possessing image or video of a minor (under 18), engaged in sexual conduct.
Child Pornography
It is a use of computer to forgery and counterfeiting is a document.
Forgery and Counterfeiting
______ is an illegal reproduction and distribution for personal use or business. It comes under crime related to IPR infringement. Some of the other crimes under IPR infringement are: download of songs, downloading movies, etc.
Software piracy
It is defined as the use of computer resources to intimidate or coerce government, the civilian population or any segment thereof in furtherance of political or social objectives.
Cyber Terrorism
It is a process of acquiring personal and sensitive information of an individual via email by disguising as a trustworthy entity in an electronic communication. The purpose of phishing is identity theft and the personal information like username, password, and credit card number etc. may be used to steal money from user account.
Phishing
It is an act of physical destroying computing resources using physical force or malicious code.
Computer Vandalism
It is a practice of modifying computer hardware and software to accomplish a goal outside the creator’s original purpose.
Computer Hacking
They are the persons who hack the system to find the security vulnerabilities of a system and notify to the organizations so that a preventive action can be taken to protect the system from outside hackers.
White hat hackers
_____ hack the system with ill intentions. They may hack the system for social, political or economically motivated intentions. They find the security loopholes the system, and keep the information themselves and exploit the system for personal or organizational benefits till organization whose system is compromised is aware of this, and apply security patches. They are popularly known as crackers.
black hat
______ find out the security vulnerabilities and report to the site administrators and offer the fix of the security bug for a consultancy fee.
Grey hat hackers
It is someone outside computer security consulting firms who is used to bug-test a system prior to its launch, looking for exploits so they can be closed.
blue hat hacker
The spreading of a virus can cause business and financial loss to an organization.
Creating and distributing viruses over internet
Sending of unsolicited and commercial bulk message over the internet is known as ______.
spamming
the email is not targeted to one particular person but to a large number of peoples.
Mass mailing
The real identify of the person not known
Anonymity
the email is neither expected nor requested for the recipient.
Unsolicited
It is an activity which involves injecting a malicious client side script into a trusted website. As soon as the browser executes the malicious script, the malicious script gets access to the cookies and other sensitive information and sent to remote servers.
Cross Site Scripting
Taking the advantage of the reputation of these websites, some of the cyber criminals lure the customers to online auction fraud schemes which often lead to either overpayment of the product or the item is never delivered once the payment is made.
Online Auction Fraud
It is an act of reserving the domain names of someone else’s trademark with intent to sell it afterwards to the organization who is the owner of the trademark at a higher price.
Cyber Squatting
These are malicious code inserted into legitimate software. The malicious action is triggered by some specific condition.
Logic Bombs
The hacker gain access to a website of an organization and either blocks it or modify it to serve political, economical or social interest.
Web Jacking
Hacking the username and password of ISP of an individual and surfing the internet at his cost is ___________.
Internet Time Theft
It is a cyber attack in which the network is chocked and often collapsed by flooding it with useless traffic and thus preventing the legitimate network traffic.
Denial of Service Attack
It is an attack which proceeds with small increments and final add up to lead to a major attack.
Salami Attack
It is a practice of changing the data before its entry into the computer system. Often, the original data is retained after the execution on the data is done.
Data Diddling
It is a process of changing the header information of an e-mail so that its original source is not identified and it appears to an individual at the receiving end that the email has been originated from source other than the original source.
Email Spoofing
