module 3 Flashcards
(73 cards)
1
Q
types of digital security risk
A
- internet and network attacks
- sytem failure
- unauthorized access and use
- software theft
- hardware theft, vandalism, and failure
- information theft
2
Q
types of internet and network attack
A
- active attack
- passive attack
3
Q
examples of active attacks
A
- denial of service attack
- malware infections
4
Q
how to know if system in infected?
A
- system performance
- unusual activity
- security issues
- internet behavior
5
Q
how to prevent malware?
A
- keep your software up to date
- install and maintain antivirus software
- be wary of email attachment and links
- be smart about downloading software
6
Q
how to protect from unauthorized access and use?
A
- password
- PIN
- possessed object
- biometric device
- two-step verification
7
Q
how software is protected?
A
- product activation
- software license agreement
8
Q
how to protect from info theft?
A
- encryption
- digital signature
- digital certificate
- secure site
9
Q
legal protection
A
- data privacy act of 2012 (RA 10173)
- electronic commerce act of 2000 (RA 8792)
- cybercrime prevention act of 2012 (RA 10175)
- anti wire-tapping law (RA 4200)
10
Q
any event or action that could cause a loss of or damage to a computer or mobile device hardware, software, data, information, or processing capability
A
digital security risk
11
Q
Any illegal act involving the use of a computer or related devices
A
computer crime
12
Q
an online or Internet-based illegal act
A
cybercrime
13
Q
unwanted intrusion into a computer network or system connected to the internet
A
internet and network attack
14
Q
Attackers can have different motives, such as stealing data (financial information, personal details), disrupting operations (taking down websites, causing outages), or installing malware for further attacks
A
internet and network attack
15
Q
The attacker actively tries to modify or harm data. This could involve installing malware, deleting files, or launching denial-of-service attacks (DoS/DDoS) to overload systems
A
active attack
16
Q
The attacker gathers information without being noticed. This might i nvolve eavesdropping on network traffic to steal data or spying on user activity
A
passive attack
17
Q
This attack aims to overwhelm a website or online service with a massive amount of traffic, making it unavailable to legitimate users. It’s like creating a huge crowd at a store entrance to prevent anyone from entering.
A
denial of service attack
18
Q
It is a program that actively modifies your system, steals data, or disrupts operations. Viruses, ransomware, and Trojan horses all fall under this category
A
malware infection
19
Q
spreads b/w computers
A
virus
20
Q
spreads b/w computers in one company or location
A
worm
21
Q
sneaks malware onto your computer
A
trojan
22
Q
steals your data
A
spyware
23
Q
spams with ads
A
adware
24
Q
records user activity
A
keylogger
25
turns pc into puppet
botnet
26
gives remote access to your device
rootkit
27
operates in system's memory
fileless malware
28
encrypts files and blackmails you
ransomware
29
a type of malicious software, or malware, specifically designed to spread itself from one computer to another.
computer virus
30
They replicate by attaching themselves to other programs or files, and then those infected programs or files spread the virus when they are opened or executed.
computer virus
31
a piece of malware similar to a virus, but with a key difference: how it spreads
computer worm
32
Unlike viruses that need to piggyback on other programs, ___ can replicate themselves independently.
computer worm
33
refers to someone gaining entry to a computer system, network, or data storage without permission and using it for unintended purposes. This is a major security concern because it can lead to a variety of harmful consequences.
unauthorized access
34
is the improper or unintended utilization of a computer system, network, or data storage after someone gains unauthorized access
unauthorized use
35
is a private combination of words, often containing mixed capitalization and punctuation, associated with a user name that allows access to certain computer resources
password
36
Most websites and applications will enforce a minimum password length, typically between ____ characters.
8 and 12
37
is a numeric password, either assigned by a company or selected by a user
PIN (personal identification number), sometimes called a passcode
38
any item that you must possess, or carry with you, i n order to gain access to a computer or computer facility
possess object
39
authenticates a person’s identity by translating a personal characteristic into a digital code that is compared with a digital code in a computer or mobile device verifying a physical or behavioral characteristic
biometric device
40
uses two separate methods, one after the next, to verify the identity of a use
two-step verification
41
focuses on recovering and investigating data from digital devices. This data can i nclude anything from emails and documents to photos and videos
digital forensics
42
used in a variety of contexts, including law enforcement investigations, civil l itigation, and incident response
digital forensics
43
known as software piracy, is the i llegal copying, distribution, sharing, selling or use of software programs.
software theft
44
process that verifies a software license is valid. This helps prevent software piracy, where people use copied or illegal versions of software. When you activate software, you typically provide a license key that is linked to your purchase
product activation
45
is a legal contract between you (the licensee) and the software developer (the licensor) that spells out the terms of how you can use their software. It's essentially a permission slip that grants you certain rights to use the software, but you don't actually own the software itself
software license agreement
46
known as data theft, is the i llegal retrieval, copying, or storage of someone's personal information.
information theft
47
a process of converting data that is readable by humans into encoded characters to prevent unauthorized access
encryption
48
encrypted code that a person, website, or organization attaches to an electronic message to verify the identity of the message sender
digital signature
49
notice that guarantees a user or a website is l egitimate
digital certificate
50
A website that uses encryption techniques to secure its data is known
secure site
51
an act of stealing digital equipment
hardware theft
52
act of defacing or destroying digital equipment
hardware vandalism
53
how to protect from hardware theft, vandalism and failure?
- physical security measures
- data security measures
54
the branch of philosophy that explores what is morally right and wrong.
ethics
55
It's about studying the principles that govern human behavior and making reasoned judgments about complex situations.
ethics
56
refers to the guiding precepts and norms that are adopted and applied to regulate and control the use of computers and its applications
computer ethics
57
58
It is the moral guidelines that govern the use of computers, mobile devices, information systems, and related technologies
technology ethics
59
the right to be left alone when you want to be
privacy
60
right to be forgotten
information privacy
61
refers to the right of individuals and companies to deny or restrict the collection, use, and dissemination of information about them.
information privacy
62
a small text file that a web server stores on your computer
cookie
63
is a scam in which a perpetrator sends an official l ooking email message that attempts to obtain your personal and/or financial i nformation
phishing
64
is defined as gaining unauthorized access to or obtaining confidential information by taking advantage of the trusting human nature of some victims and the naivety of others
social engineering
65
to protect the fundamental human right of privacy, of communication while ensuring free flow of information to promote innovation and growth.
Data Privacy Act of 2012 (Republic Act 10173)
66
An act providing for the recognition and use of electronic commercial and non-commercial transactions and documents, penalties for unlawful use thereof and for other purposes.
Electronic Commerce Act of 2000 (Republic Act 8792)
67
It aims to address legal issues concerning online interactions and the Internet in the Philippines. Among the cybercrime offenses included in the bill are cybersquatting, cybersex, child pornography, identity theft, illegal access to data and libel.
Cybercrime Prevention Act of 2012 (Republic Act 10175)
68
An act to prohibit and penalize wire tapping and other related violations of the privacy of communication, and for other purposes
Anti Wire-Tapping Law (Republic Act 4200)
69
protects any tangible form of expression (but not ideas) from being copied by others for a period of time.
copyright
70
I n the Philippines, copyright protection for artistic, literary and derivative works lasts during the lifetime of the author ____ after the author's death
plus 50 years
71
the act of copying of copyrighted materials done for purposes such as commenting, criticizing, or parodying a copyrighted work without the permission from the copyright owner. It i s used as a defense under copyright infringement.
fair use
72
Protects inventions and new processes. This could be a new machine, a chemical compound, or even a new way of doing business
patent
73
Distinctive words, phrases, symbols, or designs that identify and distinguish the source of goods or services from others.
trademark
