Is the act of fraudulently using email to try to get the recipient to reveal personal data?

phish·ing | \ ˈfi-shiŋ \

: the practice of tricking Internet users [as through the use of deceptive email messages or websites] into revealing personal or confidential information which can then be used illicitly

The most common form … is called phishing, a one-two punch using both email and Web browsing to trick people into typing confidential information into Web sites that look like the sites of real companies, especially financial institutions. — Walter S. Mossberg

Social engineering tactics, such as phishing schemes, are often used by attackers to obtain valid credentials or other personal information. — Jack Morse

— see also spear phishing

_____ involves the deployment of malware that secretly steals data in the computer systems of organizations.

Cyber-espionage

_____ is a program in which malicious code is hidden inside a seemingly harmless program.

A Trojan horse

_____ is the act of fraudulently using email to try to get the recipient to reveal personal data.

Phishing

_____ occurs when the personal information of an individual is stolen and used.

Identity theft

Which of the following terms is used to describe a large group of computers controlled from one or more remote locations by hackers without the knowledge of their owners?

Botnet [zombies]

A thorough _____ should test system safeguards to ensure that they are operating as intended.

Security audit

Identify a true statement about the bring your own device [BYOD] business policy.

It can improve employee productivity

Identify the attack in which a malicious hacker floods a target site with demands for data and other small tasks.

Distributed denial-of-service [DDoS]

In computing, a[n] _____ is an attack on an information system that takes advantage of a particular system vulnerability.

Exploit

In the context of computer crimes, those who attempt to destroy the infrastructure components of governments and financial institutions are known as _____.

Cyberterrorists

In the context of general security risk assessment, which of the following is true of the concept of reasonable assurance?

It recognizes that managers must use their judgement to ensure that the cost of control does not exceed a system's benefits

Jack was shocked to witness the sudden drop in performance of his laptop. He also found that the screen saver constantly changed and that the task bar had disappeared. The given problems are symptoms of _____ infections.

Rootkit

The additional security option, used for credit card transactions, that keeps track of a customer's historical shopping patterns and notes deviations from the norm is _____.

Transaction-risk scoring software

Which of the following best describes a cybercriminal?

An individual who attacks a computer system or network for financial gain

Which of the following defines computer forensics?

It is a discipline that combines elements of law and computer science to identify, collect, examine, and preserve data from computer systems, networks, and storage devices.

Which of the following exploits when downloaded onto a smartphone takes control of the device and its data until the owner agrees to pay a sum of money to the attacker?

Ransomware

Which of the following is created and issued by software engineers to remove a system vulnerability?

A patch

Which of the following limits network access based on an organization's access policy?

A firewall

Which of the following statements defines an intrusion detection system [IDS]?

An IDS is software and/or hardware that monitors system and network resources for breaches

Which perpetrator violates computer or Internet security maliciously for illegal personal gain?

A black hat hacker

Is a form of malware in which malicious code is hidden inside a seemingly harmless program?

Trojan horses: programs in which malicious code is contained inside a seemingly harmless program. Worms: replicating programs that use a computer network to spread to other computers without attaching to an existing program.

What is the preferred method of phishing?

Spear phishing attacks, which are directed at specific individuals or companies. These attacks usually employ gathered information specific to the victim to more successfully represent the message as being authentic.

Which of the following best describes phishing?

Which of the following correctly defines phishing? The use of social engineering to trick a user into responding to an e-mail to initiate a malware-based attack.

What reroutes requests for legitimate websites to false websites?

Pharming reroutes requests for legitimate websites to false websites. For example, if you were to type in the URL to your bank, pharming could redirect to a fake site that collects your information. is a program that secretly takes over another computer for the purpose of launching attacks on other computers.
