Midterms

Question 1

this stands for malicious software. it is designed to gain access to a computer without the consent of the user

Answer 1

malware

Question 2

they perform unwanted tasks in the host computer for the benefit of a third party

Answer 2

malware

Question 3

special type of malware used for forced advertising. supported by the organizations whose products are advertised

Answer 3

adware

Question 4

malicious software downloaded along with the free software on the internet and installed in the computer without the user’s knowledge.

Answer 4

browser hijacking software

Question 5

this modifies the browsers setting and redirect links to other unintentional sites

Answer 5

browser hijacking software

Question 6

installed in the target computer with or without the user permission and is designed to steal sensitive information from the target machine

Answer 6

spyware

Question 7

this is a malicious code written to damage/harm the computer by deleting or appending a file, occupying memory space through code replication, slow down the performance of the computer, format the computer, etc…

Answer 7

virus

Question 8

true or false: virus can be spread via email attachment, pen drives, digital images, e-greeting, audio, or video clips

Answer 8

true

Question 9

true or false: a virus may be present in a computer but it cannot activate itself without human intervention or when the executable file (.exe) is executed

Answer 9

true

Question 10

this virus can replicate itself and doesn’t need human intervention to travel over the network and spread from the infected machine to the whole network; can spread through the network, using the loopholes of the OS or via email

Answer 10

worms

Question 11

the replication and spreading of the ____ over the network consume the network resources like space and bandwidth and force the network to choke

Answer 11

worm

Question 12

this is a malicious code that is installed in the computer by pretending to be useful software. this not only damages the computer but also creates a backdoor in the computer so it can be controlled by a remote computer

Answer 12

trojan horse

Question 13

this can become part of botnet (robot-network) or a network of computers infected by malicious code and controlled by a central controller

Answer 13

trojan horse

Question 14

the computers infected by trojan horse are known as

Answer 14

zombies

Question 16

true or false: trojans neither infect other computers in the network nor do they replicate

Answer 16

true

Question 17

networks of hijacked computer devices used to carry out various scams and cyberattacks. these automate mass attacks, such as data theft, server crashing, and malware distribution

Answer 17

botnet

Question 18

botnet is formed using two words

Answer 18

robot and network

Question 19

while surfing the internet, suddenly a pop-up alert appears in the screen which warns the presence of dangerous virus, spyware, etc., and urges the user to download the full paid version of the software to fix the problem

Answer 19

scareware

Question 20

as the user downloads the malicious code, their computer is held hostage until the ransom is paid. the malicious code can neither be uninstalled nor used until the ransom is paid

Answer 20

scareware

Question 21

when was the internet born

Answer 21

1960’s; access is limited to scientists, researchers, and the defense only

Question 22

when was the internet launched to the public

Answer 22

1996

Question 23

this is used to describe an unlawful activity in which computer or computing devices, such as smartphones, tablets, personal digital assistants are used as a tool for criminal activity

Answer 23

cyber crime

Question 24

this is often committed by the people of destructive and criminal mindset, either for revenge, greed or adventure

Answer 24

cyber crime

Question 25

an attack to the network or computer by some person with authorized system access

Answer 25

insider attack

Question 26

performed by dissatisfied or unhappy inside employees or contractors; motivation can be revenger or greed

Answer 26

insider attack

Question 27

true or false: it is easy for an insider to perform a cyber attack as he is well aware of the policies, processes, IT architecture, and wellness of the security system

Answer 27

true

Question 28

the insider attack could be prevented by planning and installing an _________ (IDS) in the organization

Answer 28

intrusion detection systems

Question 29

the attacker is either hired by an insider or an external entity to the organization

Answer 29

external attack

Question 30

cyber attacks can be classified as?

Answer 30

structure attacks and unstructured attacks base don the level of maturity of the attacker

Question 31

generally performed by amateurs who don’t have any predefined motives to perform the cyber attack; they test a tool available on the internet on the network of a random company

Answer 31

unstructured attacks

Question 32

performed by highly skilled and experienced people and the motives are clear in their mind; use tools that can’t be noticed by intrusion detection systems

Answer 32

structure attack

Question 33

true or false: cyber crimes have turned out to be low investment, low-risk business with huge returns

Answer 33

true

Question 34

people are motivated towards committing cyber crime to make quick and easy money

Answer 34

money

Question 35

some people try to take revenge with other person/organizations/society/or religion by defaming its reputation or bringing economical or physical loss; comes under the category of cyber terrorism

Answer 35

revenge

Question 36

one can have pride if they hack highly secured networks like defense sites or networks

Answer 36

recognition

Question 37

the anonymity that a cyber space provides motivate cyber crimes; it is easier to get away with criminal activity in cyber space than the real word

Answer 37

anonymity

Question 38

the government itself is involved in cyber trespassing to keep eye on other person/network/country; the reason could be politically, economically, or socially motivated

Answer 38

cyber espionage

Question 39

this is an act of stalking, harassing or threatening someone using internet/computer as a medium; this is often done to defame a person using the internet as it offers anonymity; behavior includes false accusations, threats, sexual exploitation to minors, monitoring, etc…

Answer 39

cyber stalking

Question 40

an act of possessing image or video of a minor (under 18) engaged in sexual conduct

Answer 40

child pornography

Question 41

use of computer to forge or counterfeit a document

Answer 41

forgery and counterfeiting

Question 42

true or false: because of the internet, it is possible to produce counterfeit that matches the original document to such an extent that it is not possible to judge the authenticity of the document without expert judgement

Answer 42

true

Question 43

this is an illegal reproduction and distribution for personal use or business. it comes under crime related to IPR infringement

Answer 43

software piracy and crime related to IPRs

Question 44

it is defined as the use of computer resources to intimidate or coerce government, the civilian population in furtherance of political or social objectives

Answer 44

cyber terrorism

Question 45

process of acquiring personal and sensitive information (identity theft) of an individual via email by disguising as a trustworthy entity in an electronic communication

Answer 45

phishing

Question 46

if a telephone is used as a medium for identity theft, it is known as _______

Answer 46

Vishing

Question 47

This uses SMS to lure customers or steal their personal information

Answer 47

Smishing

Question 48

the act of physical destroying computer resources using physical force or malicious code

Answer 48

computer vandalism

Question 49

practice of modifying computer hardware and software to accomplish a goal outside the creator’s original purpose

Answer 49

computer hacking

Question 50

persons who hack the system to find security vulnerabilities of a system and notify to the organizations so that a preventive action can be taken to protect the system from outside hackers; may be paid employee of an organization or a freelancer

Answer 50

white hat

Question 51

white hat are popularly known as

Answer 51

ethical hackers

Question 52

hack the system with ill intentions. they find security loopholes and exploit the system for personal or organizational benefits until the organization who’s hacked apply security patches

Answer 52

black hat

Question 53

black hat hackers are popularly known as

Answer 53

crackers

Question 54

they find out security vulnerabilities and report to the site administrators and offer the fix of the security bug for a consultancy fee

Answer 54

grey hat

Question 55

someone outside computer security consulting firms who bug-test a system prior to its launch, looking for exploits so they can be closed

Answer 55

blue hat

Question 56

true or false: the organization can sue the hacker, if found, for the sum of more than or equivalent to the loss borne by the organization

Answer 56

true

Question 57

sending of unsolicited and commercial bulk message over the internet is known as

Answer 57

spamming

Question 58

the email is not targeted to one particular person but to a large number of people

Answer 58

mass mailing

Question 59

the real identity of the person is not known

(spamming)

Answer 59

anonymity

Question 60

the email is neither expected nor requested for the recipient

Answer 60

unsolicited

Question 61

an activity involving injecting a malicious client side script into a trusted website. the information gained can be used for financial benefits or physical access to a system for personal interest

Answer 61

cross-site scripting

Question 62

cyber criminals lure the customers to online auction fraud schemes which often lead to either overpayment of the product or the item is never delivered once the payment is made

Answer 62

online auction fraud

Question 63

an act reserving the domain names of someone else’s trademark with intent to sell it afterwards to the organization who is the owner of the trademark at a higher price

Answer 63

cyber squatting

Question 64

malicious code inserted into legitimate software, in which the malicious action is triggered by some specific condition. this can either destroy the information stored in the system or make system unusable

Answer 64

logic bombs

Question 65

hacker gains access to a website of an organization and either blocks it or modify it to serve political, economical, or social interest

Answer 65

web jacking

Question 66

examples of web jacking

Answer 66

• educational institutes were hacked by pakistani hackers and an animation which contains pakistani flags were flashed in the homepage of these websites
• indian hackers hacked website of pakistani railways and flashed indian flag for several hours on the occasion of independencce day of india in 2014

Question 67

hacking the username and password of ISP of an individual and surfing the internet at his cost

Answer 67

internet time theft

Question 68

a cyber attack in which the network is chocked and often collapsed by flooding it with useless traffic and thus preventing the legitimate network traffic

Answer 68

denial of service attack

Question 69

an attack which proceeds with small increments and finally add up to lead to a major attack, like gaining access to online banking of an individual and withdrawing small amounts unnoticed by the owner

Answer 69

salami attack

Question 70

a practice of changing the data before its entry into the computer system.

Answer 70

data diddling

Question 71

DA or the basic salary of the person is changed in the payroll data of an individual for pay calculation. once the salary is calculated and transferred to his account, the total salary is replaced by his actual salary in the report

Answer 71

data diddling

Question 72

a process of changing the header information of an email so that its original source is not identified and it appears to an individual at the receiving end that the email has been originated from source other than the original source