phish·ing | \ ˈfi-shiŋ
: the practice of tricking Internet users (as through the use of deceptive email messages or websites) into revealing personal or confidential information which can then be used illicitly
The most common form … is called phishing, a one-two punch using both email and Web browsing to trick people into typing confidential information into Web sites that look like the sites of real companies, especially financial institutions. — Walter S. Mossberg
Social engineering tactics, such as phishing schemes, are often used by attackers to obtain valid credentials or other personal information. — Jack Morse
— see also spear phishing
_____ involves the deployment of malware that secretly steals data in the computer systems of organizations.
Cyber-espionage
_____ is a program in which malicious code is hidden inside a seemingly harmless program.
A Trojan horse
_____ is the act of fraudulently using email to try to get the recipient to reveal personal data.
Phishing
_____ occurs when the personal information of an individual is stolen and used.
Identity theft
Which of the following terms is used to describe a large group of computers controlled from one or more remote locations by hackers without the knowledge of their owners?
Botnet (zombies)
A thorough _____ should test system safeguards to ensure that they are operating as intended.
Security audit
Identify a true statement about the bring your own device (BYOD) business policy.
It can improve employee productivity
Identify the attack in which a malicious hacker floods a target site with demands for data and other small tasks.
Distributed denial-of-service (DDoS)
In computing, a(n) _____ is an attack on an information system that takes advantage of a particular system vulnerability.
Exploit
In the context of computer crimes, those who attempt to destroy the infrastructure components of governments and financial institutions are known as _____.
Cyberterrorists
In the context of general security risk assessment, which of the following is true of the concept of reasonable assurance?
It recognizes that managers must use their judgement to ensure that the cost of control does not exceed a system's benefits
Jack was shocked to witness the sudden drop in performance of his laptop. He also found that the screen saver constantly changed and that the task bar had disappeared. The given problems are symptoms of _____ infections.
Rootkit
The additional security option, used for credit card transactions, that keeps track of a customer's historical shopping patterns and notes deviations from the norm is _____.
Transaction-risk scoring software
Which of the following best describes a cybercriminal?
An individual who attacks a computer system or network for financial gain
Which of the following defines computer forensics?
It is a discipline that combines elements of law and computer science to identify, collect, examine, and preserve data from computer systems, networks, and storage devices.
Which of the following exploits, when downloaded onto a smartphone, takes control of the device and its data until the owner agrees to pay a sum of money to the attacker?
Ransomware
Which of the following is created and issued by software engineers to remove a system vulnerability?
A patch