ETHICS

risk

________ is any possibility that something might occur resulting in an injury or a loss

digital security risk

__________ is any event or action that could cause a loss of or damage to computer or mobile device hardware, software, data, information, or processing capability.

types of digital security risks

_________ include threats to our information, physical health, mental health, and the environment

nation-state actors

State-sponsored attackers are employed by the government to launch computer attacks against their enemies through _________

cyberwarfare

_________ describes an attack whose goal ranges from disabling a government’s computer network to crippling a country

data mining

These attackers try to steal and then use your credit card numbers, online financial account information, or social security numbers using ________

data mining

___________ is the process of sifting through big data to find important questions that will yield fruitful results

cyber extortionist

___________ is an individual who threatens to expose confidential information, exploit a security flaw, or launch an attack that will compromise the organization’s network.

social engineering

___________ is a category of attack that attempts to trick the victim into giving valuable information to the attacker.

hoaxes and phishing

Two examples of social engineering

computer crime

Any illegal act involving the use of a computer or related devices is generally referred to as a ___________

cybercrime

___________refers to online or internet-based illegal acts, such as distributing malicious software or committing identity theft.

crimeware

Software used by cybercriminal is called __________

cybersecurity

__________ is the practice of protection against digital threats, including unauthorized or illegal access to data.

digital or cyber forensics

____________ is the discovery, collection, and analysis of evidence found on computers and networks.

digital forensics examiner

________________ must have knowledge of the law, technical experience with many types of hardware and software products, superior communication skills, familiarity with corporate structures and policies, a willingness to learn and update skills, and a knack for problem-solving

digital detox

_________ is a period of time during which an individual refrains from using technology.

threat actoor

________ is a more general and common term used to describe individuals who launch attcks against other users and their computers

dark web

___________ is a part of the web that is accessed using specialized software, where users and website operators can remain anonymous while performing illegal actions

script kiddies

__________ are individuals who want to attack computers

hacker

_______ is a person who intends to access a computer system without permission

cracker

________ is someone who accesses a computer or network illegally but has the intent of destroying data, stealing information, or other malicious action

hacktivists

_________ are attackers who are strongly motivated by principles or beliefs

cyberterrorists

___________ attack a nation’s computer networks, like the electrical power grid, to cause disruption and panic among citizens.

authority

Directed by someone impersonating authority figure or falsely citing their authority

intimidation

To frighten and coerce by threat

consensus

Influences by what others do

scarcity

Something is in short supply

urgency

Immediate action is needed

familiarity

Victim well-known and well-received

trust

Help a person known to you

ethics

The standards that determine whether an action is good or bad is known as _______

technology ethics

_________are the moral guideline that govern the use of computers, mobile devices, information systems, and related technologies

information accuracy

intellectual property rights

green computing

Frequently discussed areas of computer ethics include ____________

information accuracy

___________ is a concern today because many users access information maintained by other people or companies. such as on the internet

graphics equipment and software

With ______________, users can easily digitize photos and then add. change. or remove images

intellectual property rights

______________ are the rights to which creators are entitled to their work

creative commons

_________ is another source for finding content that may or may not be used, along with any restriction or payment needed to use it

piracy

A common infringement of copyright is ________, where people illegally copy software, movies, and music

digital rights management

These issues with copyright law led to the development of the _____________ strategy

green computing

___________ involved reducing electricity and environmental waste while using computers, mobile devices, and related technologies

electrical waste

Organizations can implement a variety of measures to reduce _______

true

T or F: Information transmitted over networks has higher degree of a security risk than information kept on an organization’s premises

networks

Information transmitted over __________ has higher degree of a security risk than information kept on an organization’s premises

malware

________ is short for malicious software which consists of programs that act without user’s knowledge and deliberately alter the operations of computers and mobile devices

payload or destructive event or prank

Malware can deliver its ___________ or __________ or __________, on a computer or mobile device in a variety of ways

email attachments

A common way that computers and mobile devices become infected with viruses and other malware is through users opening infected ___________

adware

A program that displays an online advertisement in a banner, pop-up window, or pop-under window on web pages, email messages, or other internet services

ransomware

A program that blocks or limits access to a computer, phone or file until the user pays a specified amount of money

rootkit

A program that hides in a computer or mobile device and allows someone from a remote location to take full control of the computer or device

spyware

A program places on a computer or mobile device without the user’s knowledge that secretly collects information about the user and then communicate the information it collects to some outside source while the user is online

trojan horse

A program that hides within or looks like a legitimate program. Unlike a virus or worm, a _______ does not replicate itself to other computers or devices

virus

A potentially damaging program that affects or infects a computer or mobile device negatively by altering the way the computer or device works without the user’s knowledge or permission

worm

A program that copies itself repeatedly, for example, in memory or on a network, using up resources and possibly shutting down the computer, device, or network

zombie

A compromised computer or device known as a _______, is one whose owner is unaware that the computer or device is being controlled remotely by an outsider

botnet

__________ or zombie army, is a group of compromised computers or mobile devices connected to a network that are used to attack other netowrks, usually for nefarious purposes

zombie army

botnet is also known as

bot

______ is a program that performs a repetitive task on a network

botnets

Cybercriminals install malicious bots on unprotected computers and devices to create _______

DoS attack

__________ is a type of attack, usually on a server, that is meant to overload the server with network traffic so that it cannot provide necessary services such as the web or email

Denial of Service

DoS stands for ___________

distributed Dos

A more devasting type of DoS attack is ________________, in which multiple computers such as a zombie army, are used to attack a server or other network resource.

extensive

The dame caused by a DoS or DDoS attack usually is ________

back door

A program or set of instructions in a program that allows user to bypass security controls when accessing a program, computer, or network

bypass

A program or set of instructions in a program that allows user to _______ security controls when accessing a program, computer, or network

true

T or F: A rootkit can be a backdoor

worms

Some ________ leave backdoors which have been used to spread other worms or to distribute spam from the unsuspecting victim’s computers

true

T or F: Programmers often build back doors intro programs during system development to save development time

spoofing

_________ is a technique intruders use to make their network or internet transmission appear legitimate to a victim’s computer or network

IP and address spoofing

Two common types of spoofing schemes

IP spoofing

_________ occurs when an intruder computer tricks a network into believing its IP adress is associated with a trusted source

address spoofing

__________ occurs when the sender’s email address or other components of an email header are altered

digital footprint

________ is the record of everything you do online

false

T or F: A digital footprint can be nearly impossible to completely erase.

firewalls

_________ and access controls protect data and information on computers and other devices.

financial gain

For most computer users, the greatest risk comes from attackers who want to steal their information for their own ______==

virtual private network

Mobile users today often access their company networks through a ________

VPN

A private, secure path across a public network that allows authorized users to secure access to a company or other network

VPN

A _____ provides the mobile user with a secure connection to the company’s network server as if the user has a private line

VPN

________ help ensure that data is safe from being intercepted by unauthorized people by encrypting data it transmits from a laptop, smartphone, or other mobile devices

firewalls

___________ protect network resources from outsiders and to restrict employee’s access to sensitive data, such as payroll or personnel records

proxy server

It is a server outside the organization’s network that controls which communications pass in and out of the organization’s network

true

T or F: Both Windows and Mac operating systems include firewall capabilities

unauthorized access

__________ is the use of a computer or network without permission

acceptable use policy or AUP

An organization’s ____________ should specify the acceptable use of technology by employees for personal reaons

AUP

An organization should document and explain AUP to employees

access controls

Many organizations use _________ to minimize the change that a perpetrator, intentionally or an employee accidentally may access confidential information on a computer

audit trail

The computer device or network should maintain an _________ that records access attempts

backup

To protect against data loss caused by hardware, software, or information theft or system failure, ________ is required

online backup

____________ services use special software on the computer to monitor what files have change or have been created

cloud backup

_________ services can save you the cost of maintaining hardware

full backup

Copies all of the files on media in the computer

differential backup

Copies only the files that have changed since the last full backup

incremental backup

Copies only the files that have changed since the last or full incremental backup

selective backup

Users choose which folders and files to include in a backup

continuous data protection

All data is backed up whenever a change is made

remote management

________ allows the configuration settings to be changed from anywhere through an internet connection

access password

This requires a password to access the configuration settings of the device

SSID

______ is the name of the local wireless network

WPA2

_______encrypts the wireless data transmission and also limits who can access the Wi-Fi network