1. What is a virus?
    is a program written with malicious intent and sent out by attackers. The virus is transferred to another computer through e-mail, file transfers, and instant messaging. The virus hides by attaching itself to a file on the computer. When the file is accessed, the virus executes and infects the computer. A virus has the potential to corrupt or even delete files on your computer, use your e-mail to spread itself to other computers, or even erase your entire hard drive.Some viruses can be exceptionally dangerous. The most damaging type of virus is used to record keystrokes. These viruses can be used by attackers to harvest sensitive information, such as passwords and credit card numbers. Viruses may even alter or destroy information on a computer. Stealth viruses can infect a computer and lay dormant until summoned by the attacker.
  2. What is a worm?
    is a self-replicating program that is harmful to networks. A worm uses the network to duplicate its code to the hosts on a network, often without any user intervention. It is different from a virus because a worm does not need to attach to a program to infect a host. Even if the worm does not damage data or applications on the hosts it infects, it is harmful to networks because it consumes bandwidth.
  3. What is a Trojan?
    is technically a worm. The Trojan does not need to be attached to other software. Instead, a Trojan threat is hidden in software that appears to do one thing, and yet behind the scenes it does another. Trojans are often disguised as useful software. The Trojan program can reproduce like a virus and spread to other computers. Computer data damage and production loss could be significant. A technician may be needed to perform the repairs, and employees may lose or have to replace data. An infected computer could be sending critical data to competitors, while at the same time infecting other computers on the network.
  4. ActiveX
    Technology created by Microsoft to control interactivity on web pages. If ActiveX is on a page, an applet or small program has to be downloaded to gain access to the full functionality.
  5. Java
    Programming language that allows applets to run within a web browser. Examples of applets include a calculator or a counter.
  6. JavaScript
    Programming language developed to interact with HTML source code to allow interactive websites. Examples include a rotating banner or a popup window.
  7. Adware
    is a software program that displays advertising on your computer. Adware is usually distributed with downloaded software. Most often, adware is displayed in a popup window. Adware popup windows are sometimes difficult to control and will open new windows faster than users can close them.
  8. Grayware
    or malware is a file or program other then a virus that is potentially harmful. Many grayware attacks are phishing attacks that try to persuade the reader to unknowingly provide attackers with access to personal information. As you fill out an online form, the data is sent to the attacker. Grayware can be removed using spyware and adware removal tools.
  9. Spyware
    a type of grayware, is similar to adware. It is distributed without any user intervention or knowledge. Once installed, the spyware monitors activity on the computer. The spyware then sends this information to the organization responsible for launching the spyware.
  10. Phishing
    is a form of social engineering where the attacker pretends to represent a legitimate outside organization, such as a bank. A potential victim is contacted via e-mail. The attacker might ask for verification of information, such as a password or username, to supposedly prevent some terrible consequence from occurring.
  11. Denial of service (DoS)
    is a form of attack that prevents users from accessing normal services, such as e-mail and a web server, because the system is busy responding to abnormally large amounts of requests. DoS works by sending enough requests for a system resource that the requested service is overloaded and ceases to operate.
  12. Name two common DoS(Denial of Service)attacks?
    • Ping of death – A series of repeated, larger than normal pings that crash the receiving computer
    • E-mail bomb – A large quantity of bulk e-mail that overwhelms the e-mail server preventing users from accessing it
  13. What is Distributed DoS(DDoS)?
    is another form of attack that uses many infected computers, called zombies, to launch an attack. With DDoS, the intent is to obstruct or overwhelm access to the targeted server. Zombie computers located at different geographical locations make it difficult to trace the origin of the attack.
  14. Spam
    also known as junk mail, is unsolicited e-mail, as shown in Figure 1. In most cases, spam is used as a method of advertising. However, spam can be used to send harmful links or deceptive content
  15. Name some common indications of Spam?
    • No subject line
    • Incomplete return addresses
    • Computer generated e-mails
    • Return e-mails not sent by the user
  16. What is social engineer?
    • is a person who is able to gain access to equipment or a network by tricking people into providing the necessary access information. Often, the social engineer gains the confidence of an employee and convinces the employee to divulge username and password information.
    • A social engineer may pose as a technician to try to gain entry into a facility, as shown in Figure 1. Once inside, the social engineer may look over shoulders to gather information, seek out papers on desks with passwords and phone extensions, or obtain a company directory with e-mail addresses.
  17. SYN Flood
    Randomly opens TCP ports, tying up the network equipment or computer with a large amount of false requests, causing sessions to be denied to others
  18. Spoofing
    Gains access to resources on devices by pretending to be a trusted computer
  19. Man-in-the-Middle
    Intercepts or inserts false information in traffic between two hosts
  20. Replay
    Uses network sniffers to extract usernames and passwords to be used at a later date to gain access
  21. DNS Poisoning
    Changes the DNS records on a system to point to false servers where the data is recorded
  22. Explain Hardware deconstruction
    • is the process of removing sensitive data from hardware and software before recycling or discarding. Hard drives should be fully erased to prevent the possibility of recovery using specialized software. It is not enough to delete files or even format the drive. Use a third party tool to overwrite data multiple times rendering the data unusable. The only way to fully ensure that data cannot be recovered from a hard drive is to carefully shatter the platters with a hammer and safely dispose of the pieces.
    • Media like CDs and floppy disks must also be destroyed. Use a shredding machine that is designed for the purpose.
  23. RFID stand for?
    Radio Frequency Identification
  24. There are two levels to passlock a computer?
    • BIOS – Prevents BIOS settings from being changed without the appropriate password
    • Login – Prevents unauthorized access to the network
  25. Data Encryption
    Encrypting data uses codes and ciphers. Traffic between resources and computers on the network can be protected from attackers monitoring or recording transactions by implementing encryption. It may not be possible to decipher captured data in time to make any use of it.
  26. Port Protection
    Every communication using TCP/IP is associated with a port number. HTTPS, for instance, uses port 443 by default. A firewall, as shown in Figure 2, is a way of protecting a computer from intrusion through the ports. The user can control the type of data sent to a computer by selecting which ports will be open and which will be secured. Data being transported on a network is called traffic.
  27. Wired Equivalent Privacy (WEP)
    the first generation security standard for wireless. Attackers quickly discovered that WEP encryption was easy to break. The encryption keys used to encode the messages could be detected by monitoring programs. Once the keys were obtained, messages could be easily decoded.
  28. Wi-Fi Protected Access (WPA)
    an improved version of WEP. It was created as a temporary solution until the 802.11i (a security layer for wireless systems) was fully implemented. Now that 802.11i has been ratified, WPA2 has been released. It covers the entire 802.11i standard.
  29. Lightweight Extensible Authentication Protocol (LEAP) also called EAP-Cisco
    a wireless security protocol created by Cisco to address the weaknesses in WEP and WPA. LEAP is a good choice when using Cisco equipment in conjunction with operating systems like Windows and Linux.
  30. Levels of Wireless Security
    • 1. Leap Security
    • 2. WPA
    • 3. WEP 128
    • 4. WEP 64
    • 5. No Securtiy
Card Set