Module 2 Flashcards

1
Q

Computer virus

A

Malicious code written to interfere with computer operations and cause damage to data and software

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Malware

A

Software designed to harm devices or networks (aka viruses)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Social engineering

A

A manipulation technique that exploits human error to gain private information, access, or valuables

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Phishing

A

The use of digitial communications to trick people into revealing sensitive data or deploying malicious software

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Business email compromise (BEC)

A

A threat actor sends an email message that seems to be from a known source to make a seemingly legitimate request for info in order to obtain a financial advantage

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Spear phishing

A

A malicious email attack that targets a specific user or group of users. The email seems to originate from a trusted source

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Whaling

A

A form of spear phishing. Threat actors target company executives to gain access to sensitive data

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Vishing

A

The exploitation of electronic voice communication to obtain sensitive info or to impersonate a known source

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Smishing

A

The use of text messages to trick users in order to obtain sensitive info or to impersonate a known source

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Malware

A

Is software designed to harm devices or networks

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

What are the types of malware attacks?

A
  • viruses
  • worms
  • ransomware
  • spyware
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Viruses

A

Malicious code written to interfere with computer operations and cause damage to data and software

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Worms

A

Malware that can duplicate and spread itself across systems on its own. Does not need to be downloaded by a user. It self replicates and spread from an already infected computer to other devices on the same network

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Ransomware

A

A malicious attack where threat actors encrypt an organization’s data and demand payment to restore access

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Spyware

A

Malware that’s used to gather and sell info without consent. Can be used to access devices. This allows threat actors to collect personal data, such as private emails, texts, voice, and image recordings and locations

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Social engineering

A

Is a manipulation technique that exploits human error to gain private info, access, or valuables

17
Q

What are types of social engineering attacks?

A
  • social media phishing
  • watering hole attack
  • USB baiting
  • physical social engineering
18
Q

Social media phishing

A

A threat actor collects detailed info about their target from social media sites then they initiate an attack

19
Q

Watering hole attack

A

A threat actor attacks a website frequently visited by a specific group of users

20
Q

USB baiting

A

A threat actor strategically leaves a malware USB stick for an employee to find and install to unknowingly infect a network

21
Q

Physical social engineering

A

A threat actor impersonates an employee, customer, or vendor to obtain unauthorized access to a physical location

22
Q

What are the reasons why social engineering attacks are effective?

A
  • authority
  • intimidation
  • consensus/social proof
  • scarcity
  • familiarity
  • trust
  • urgency
23
Q

Authority

A

Threat actors impersonate individuals with power

24
Q

Intimidation

A

Threat actors use bullying tactics. This includes persuading and intimidating victims into doing what they’re told

25
Q

Consensus/social proof

A

Because people sometimes do things that they believe many others are doing, threat actors use others’ trust to pretend they are legitimate

26
Q

Scarcity

A

A tactic used to imply that goods or services are in limited supply

27
Q

Familiarity

A

Threat actors establish a fake emotional connection with users that can be exploited

28
Q

Trust

A

Threat actors establish an emotional relationship with users that can exploited over time. They use this relationship to develop trust and gain personal info

29
Q

Urgency

A

A threat actor persuades others to respond quickly and without questioning