StudyGuide Flashcards

(132 cards)

1
Q

Name the three components to the collection of resources known as the World Wide Web distinguished by the way that the resources are accessed and indexed.

A

HTML, HTTP, URLs

2
Q

Define the visible web

A

A collection of resources accessible through HTTP and compatible protocols and indexed by search engines.

3
Q

Define the deep web

A

Is invisible as a result of its inaccessibility to search engines; it is the part of the internet that is not indexed by search engines (normally behind paywalls).

4
Q

Define the Dark Web

A

Designed to be concealed from search engines and casual web users (accessible only through anonymity services such as Tor or I2P).

5
Q

Name one dark web domain

A

.onion or .garlic

6
Q

Name 2 Dark Web services

A

Tor (torproject.org)
I2P

7
Q

What was the motivation behind the dark web?

A

Complete anonymization of information exchange on the internet (encryption: sender/servers)

8
Q

List two uses of the dark net that you find acceptable

A

Anonymity and untraceable location

9
Q

Name the two technologies that were critical to the operation of Silk Road

A

Tor and bitcoin technology

10
Q

What is the principle of the dumb pipe?

A

Network providers provide equal access and pricing to all content providers and customers without regard to the nature of that content.

11
Q

What is the “faith-based approach” to net neutrality?

A

The ability of broadband providers to self-regulate and maintain an open and neutral internet without the need for extensive government regulations.
- No bandwidth throttling
- No preferential allocation of bandwidth
- No Traffic shaping

12
Q

What is evidence that there were cases of “broadband providers blocking customers from accessing the content, application or service of their choice?”

A

Many Cases:
T-Mobile Binge On (2015) - Throttling: reduce bandwidth resolution

Comcast and BitTorrent (2007 - US broadband p2p)

Verizon and throttling the fire department (OIO)

AT&T and FaceTime (unlimited data plans)

13
Q

What are the three prohibitions listed in the 2010 FCC Open Internet Order?

A

No blocking,
No unreasonable Discrimination,
Transparency

14
Q

What is the real reason behind broadband providers' opposition to Net Neutrality as the FCC defines it?

A

Interferes with the ability of broadband providers to maximize corporate profits and for this reason faces strong opposition

15
Q

How did the FCC change the regulations of broadband providers in 2015?

A

Reclassification as Title II Service Providers:

Net Neutrality Rules: No blocking, no paid prioritization, Transparency

16
Q

What is regulatory capture?

A

Government regulatory agency, originally established to act in the public interest and regulate industries, ends up being heavily influenced or controlled by the industries or companies it is supposed to oversee.

17
Q

List 1 research focus that seems reasonable to you.

A
  • Impact of Neoliberalism on Internet Policies
  • Media and Public Perception of Net Neutrality
  • Historical Analysis of Internet Regulation
18
Q

What was the government position on the merit of Project Truthy?

A

The NSF and government support weren’t in a position to determine the “truth” of Project Truthy, though FCC chairman Ajit Pai and Fox News used deception and misinformation to fuel tribalism. (CHECK IT)

19
Q

____ target of the alleged recent Russian hack on our election infrastructure?

A

A developer - who was selling software about voting machine hardware

20
Q

Is the greater threat to the integrity of the US election system foreign or domestic?

A

Domestic: domestic actors are a greater potential threat of election interference than foreign entities.

21
Q

According to political scientist Dov Levin, which country has interfered with the most national elections over the past 50 years?

A

USA

22
Q

According to political scientist Dov Levin, the US and USSR/Russia interfered with what percentage of the 937 competitive national elections between 1946 and 2000?

A

117

23
Q

Where did the Russians find the greatest impact in the 2016 election?

A

Trolling, Fake news/(misinformation campaigns)

24
Q

What is the “Fake News” phenomenon?

A

The widespread dissemination of false or misleading information presented as legitimate news

25
Provide 2 of the 3 examples of governmental use of propaganda to control global and domestic public over the past century given in the articles
Radio Free Europe (RFE), Radio Liberty (RL), China 50 Cent Party
26
According to the author, which country perfected the art of “misinformation campaigns”?
USA
27
How many ports are potentially accessible on a modern computer?
131,072
28
What ports are associated with legacy NetBios API?
135, 137-139
29
What are the terms that IANA uses to refer to the following port ranges? 1)_________________ 0-1023
Well Known
30
_________________1024-49151
Registered
31
_________________49152-65535
Dynamic or Private
32
(T / F) IANA approves ports based on the application and intended use
True
33
(T / F) IANA does not endorse the use of a port or service even if the application is approved.
True
34
(T / F) There is little or no control over the use of a registered port
True
35
(T / F) Registered ports are controlled by IANA whereas unregistered ports aren’t
False
36
(T / F) Port 445 is associated with Windows NetBios API
False
37
(T / F) NetBios and SMB can be disabled in the Windows Registry
True
38
(T / F) NetBios and SMB can be unbound from the network interface
True
39
(T / F) NetBios and SMB can be blocked at a network firewall.
True
40
(T / F) ports 135-139 are never used on Unix computers.
False
41
(T/F) Telnet and FTP services are relatively harmless so their ports should be left open.
False
42
What is the popular netizen refrain regarding trolling?
“Don’t feed the trolls”
43
How does the article define “online trolling”?
Practice of anonymously interrupting normal and customary information exchange in order to lure the recipient into reacting to the message
44
How is online trolling different from other interference technologies like signal jamming, network blocking, network filtering, etc.?
Attempts to either engage or inflame the receiver, usually through misinformation, lies, distortions, and so on
45
What is one of the main goals of trolling?
provoke a reaction and manipulate opinions
46
Trolling is a part of the Internet’s ________________ space.
negative
47
List two examples of pedestrian online trolling
* Shit posting * hit and run posting
48
Define kakistocracy
Rule by the least competent, corrupt and morally unfit individuals (worst or least qualified to govern)
49
Define pathocracy
Rule by individuals with personality disorders, psychopaths and narcissists (leading to authoritarian or destructive governance).
50
List five different types of trolling defined in the article:
1) Ad hominem Trolling: 2) Nuisance Trolling: 3) Provocation trolling 4) Snag trolling 5) Proxy Trolling:
51
Why is online trolling so effective at manipulating public opinion?
Very Easy to escape undetected and can cause emotional manipulation.
52
List and explain the 4 categories of trolling stimulus & response.
1) ~TROLL/~TROLL (ordinary exchange): 2) ~TROLL/TROLL (troll/trollop insertion): 3) TROLL/~TROLL (sucker/victim): 4) TROLL/TROLL (troll warfare):
53
What is the definition of a phishing attack used in the article?
Attempt to get people to click on information/website by acting as a trustworthy agent
54
What is the most common tactic used in phishing?
unauthorized (victim) bank, Emails- reveal won a prize
55
According to the article, phishing is a subset of two larger problems. What are they?
Social engineering, identity theft
56
According to the article, phishing shares many characteristics with two similar techniques. Describe them?
* Pharming * Abuse of alternate data streams.
57
In what year did the first phishing attack take place?
January 1996
58
What are the basic strategies (minimum requirements) of effective phishing according to the article?
bulk mailing tool, standard email, ghost (fake) website, database of email addresses
59
Here are five telltale signs of a phishing attack in the HTML fragment below that were discussed in class. List and briefly explain three of them. “

Barbie Harley Davidson in 1803 in 1951 AVI ”

1) “href=http://218.1.73.124/.../e3b/>
60
The article discussed several URL obfuscation techniques. List 3.
* URL shortening service: bitly or TinyURL * Subdomain spoofing: mimic legit domains * Unicode/homograph attack: change a letter to a different one, e.g. "bаnk.com" with a Cyrillic "а" instead of the Latin one.
61
List three examples of non-standard URL representations
(domain name) (ip address) (dotted octal)
62
Give an example of a Unicode URL exploit
get a real url → changes what the pc sees → goes to the fake website Enter url: www.trustsite.com pc goes: fakesite.com/fakepage.html
63
Give an example of how HTML can be used to conceal a URL:
64
Give an example of how a numeric domain tail may be used to give the appearance of a legitimate URL or an actual IP address:
* name spoofing with unicode A: https://www.paypal-192.168.1.1.com
65
Give an example how bogus authentication may be used to obscure an actual URL
Bogus authentication is a technique used by malicious actors to trick users into revealing their credentials or personal information by creating fake login screens that appear legitimate.
*********************************
Subject: Urgent: Action Required - Account Verification
Dear [User],
We have noticed suspicious activity on your account. To secure your account, please click the following link and verify your identity.
[Verify Your Account] https://www.bankingservices-secure.com/login
Thank you for choosing [Bank Name].
Sincerely,
[Bank Name] Support
----------------------------------------------------------------------
When you hover your mouse over the link, you see that the URL displayed in the status bar is indeed www.yourbank.com/verify, reinforcing the appearance of authenticity. However, in reality, the link doesn't lead to your bank's website. Instead, it directs you to a malicious website controlled by the attacker.
66
What data was leaked in the Equifax breach?
personal data
67
What was the nature of the vulnerability in the Equifax hack?
vulnerability in the Apache Struts Server software
68
What was the specific attack vector?
The parser had incorrect exception handling during file uploads
69
According to Forbes Magazine, what penalties did the CEO of Equifax receive from the Board of Directors?
A "forced" retirement with a $90 million dollar payout
70
To what extent was information about the Struts vulnerability known before the attack?
Very well known; it was announced earlier in March by many major security-breach reporting sites.
71
Was Equifax aware that a patch was available for the Struts vulnerability? If so how much time did they delay in applying the patch?
They were aware since March 8 2017, but didn't apply it for THREE months
72
What was the educational and training background of the Equifax CIO?
Degree in Russian History
73
What was the education and training background of the Equifax CISO?
Degree in Music Composition
74
Describe the “too big to fail era”?
when a company is so large their failure would hurt the economy: So, they must be supported by the government when facing failure
75
Are credit reporting companies held liable for data loss?
No
76
What was the “payload” of the SCDOR hack?
Email phish bait containing a link to online malware
77
Why was there no Computer Information Security Officer overlooking the Department of Revenue’s security practices?
They felt that the $100,000 salary was too expensive
78
(T / F) The SCDOR hack used 33 unique pieces of malware and data management utilities
T
79
(T / F) According to the FBI, the perpetrators of the SCDOR hack were the Chinese
F
80
Was the Sony hack “one of the most vicious and malicious cyberattacks that we’ve known certainly in recent history”
no, It doesn't even qualify for second or third tiered echelons of cyber attacks.
81
What did FBI Director James Comey offer in terms of justification of his accusation?
Regarding how he knew it was North Korea, he said "Trust me.”
82
Has there been any confirmable evidence offered by the government that identifies the source of the hack?
No
83
(Fill in the blank) “humans tend to be _________________________ in that they search for the simplest explanation of events consistent with their disposition, biases, and world view.”
Cognitive misers
84
Name three sources that state sponsors may use to obtain cyber weaponry
State-sponsored agencies, multimillion-dollar greyware market, individual hackers
85
When people try to attribute some crime/hack/attack/etc. to someone else, the first principle should be what?
Cui bono - ("what agendas are hidden?”)
86
(T / F) In general claims of cyber attribution are testable and repeatable?
F
87
(T / F) Evidence used for cyber attribution has to abide by the rules of evidence
F
88
Which of the following would be considered totally reliable network forensic data: {IP address, MAC address}
None, both can be spoofed
89
Is it possible that a forensic investigator might have biometric evidence of a cybercrime conducted by a skilled cyberwarrior? Is it likely?
It is possible, but not likely
90
The Payeck GPS starter interrupt system is used for what purpose?
Financing and used car dealerships can immobilize the car if payments become delinquent
91
The label that the author uses to describe the irrational belief in the security of a computing/network system that was not built around a robust security model.
Faith-based security
92
What vehicle telematics component was exploited by the FBI in operation G-Sting?
OnStar
93
Why did the Ninth Circuit Court rule that the Operation G-Sting convictions were illegal?
Tampering with OnStar violated the OnStar terms of service
94
What type of computer appliances are “never optimal for security-sensitive applications?”
RF (Radio Frequency)
95
What is the name of the tool developed by Samy Kamkar to run replay attacks against keyless entry systems?
OwnStar
96
(T / F) The use of rolling code algorithms defeats replay attacks against keyless entry systems.
T
97
What is Samy Kamkar’s program that offers replay attacks for RF based keyless entry systems that use rolling codes?
RollJam
98
What information is in principle accessible to Black Box OBD devices?
Accelerometer, Speed, GPS
99
Which is more vulnerable to hacking, a modern mobile phone or a modern automobile’s computer system?
Automobile's computer system
100
What is the definition of 911 swatting given in the article?
“911 swatting,” is a malicious act that involves making fraudulent 911 calls to cause emergency response teams,
101
The article gives 7 examples of 911 swatting. List 3 of them:
Celebrity swatting, gamer swatting (targeting), hate swatting/mean-spirited attacks
102
What is the definition of “criminal doxing” given in the article?
the act of maliciously revealing or publishing private and sensitive information about individuals (doxing) with harmful intent, potentially leading to criminal charges.
103
At the time of writing, how was 911 swatting typically prosecuted?
No federal statute, but state charges can range from misdemeanors to felonies based on the incident.
104
In terms of ambiguous federal statutes, 911 swatting is similar to what other crime?
Domestic terrorism: “Hoax bomb threats whether true or false”
105
At what layer of the TCP/IP protocol does the “magic” of VoIP take place according to the article?
application layer of the TCP/IP protocol stack.
106
The article discusses 3 differences between VoIP and most other packet-based applications within the TCP/IP protocol suite. List 2 of them.
1) VoIP is vulnerable to spoofing, involving the manipulation of inauthentic caller IDs. 2) VoIP can be used for toll fraud because it's a revenue-based service.
107
The author mentions some major deficiencies in the Truth in Caller ID Act of 2009. Name one.
it focuses on the intent of the source rather than the activity.
108
What were the two rules introduced by the FCC to enable law enforcement agencies to identify the source of 911 calls that took effect in 2020?
Kari's Law and RAY BAUM'S Act (CHECK- LOOKUP)
109
What federal statutes relate to 911 swatting and doxing?
Kari’s Law and the Repack Airwaves Yielding Better Access (RAY BAUM’S)
110
What is an air gap?
A network security measure employed on one or more computers to ensure that a secure computer network is physically isolated from unsecure networks, such as the internet or an unsecured LAN.
111
What was Operation Olympic Games/Stuxnet?
Cyberattack against Iranian uranium enrichment facility at Natanz
112
What exactly did OOG/Stuxnet do?
Stuxnet caused damage to Iran's nuclear program.
113
How did the OOG/Stuxnet attackers cross the air gap?
By using a Flame platform Autorun exploit through infected USB drives, which were carried to the Natanz facility and inserted into network computers.
114
Topic: Farewell to Air Gaps What injection strategies were used?
The initial v0.5 injection was accomplished using a Flame platform Autorun exploit through infected USB drives
115
What was the flaw in the Windows Icon Handler within the Windows shell?
The Windows shell incorrectly parses .LNK files.
116
Have air gaps ever been an effective deterrent to protecting LAN-based computers?
No
117
What implications does OOG/Stuxnet have for IoT? For critical infrastructures?
The exploit potential of the Stuxnet family of malware extends to virtually the entire global infrastructure. Also, critical infrastructures were built around a weak security model; they were built around no security model.
118
What is a zero-day exploit?
An exploitation of a software or hardware vulnerability before a developer has the opportunity to patch the vulnerability.
119
Who is the big player in the gray market in cyber-weapons?
The NSA
120
What is the US Government's System Vulnerabilities Equities Policy and Process document?
It outlines what the government does when it discovers or purchases malware that could affect the privacy and security of its citizens.
121
What is the approximate going rate for a zero-day exploit?
$50,000 to $100,000
122
What is representative money?
A guarantee by the issuer that the money may be used as legal tender in its jurisdiction.
123
What is fractional-reserve banking?
System in which only a fraction of the deposits in a bank is kept on hand, or in reserve; the remainder is lent.
124
What is money laundering?
illegally obtained money, making it appear as if it comes from legitimate sources.
125
Give two examples of a money service business
1. Western Union 2. Check Cashing Services
126
List two types of traditional money exchange
1. Bank Account 2. Money Service Business
127
List two types of non-traditional money exchange systems used in money laundering
1. Charities 2. Hawala Networks
128
What did the so-called Holder Memorandum outline?
Collateral Consequences Doctrine; noncriminal settlements like deferred prosecution have become the default for banks that are "too big to jail”
129
The article claims that correspondent accounts, bearer shares, tax havens are inherently criminogenic. What does this mean?
It means that these things can lead to crime; they are golden opportunities for future money launderers.
130
Bitcoin, Litecoin, and Peercoin are examples of ____________________________
Cryptocurrencies
131
According to the IRS, the domestic US “tax gap” in 2013 was __________: (a) $100 million, (b) $1 billion, (c) $450 billion, (d) $1 trillion?
$450 Billion
132
IP/TCP EXAMPLE 4500 0030 df3c 4005 8006 633f d544 d587 e4dd 47a4 0b64 0015 48f3 05b1 0000 0000 7002 2000 50b6 0000 0204 05b4 0101 0402
Fill out the following information:
What is the IP version number?
What is the IP packet header length?
What type-of-service flags are set?
What is the total length of the packet?
What is the ID number?
What IP flags are set?
What is the offset of this fragment?
What is the TTL value?
What is the embedded protocol?
What is the header checksum?
What is the SRC IP address?
What is the DST IP address?
What is the SRC port of the embedded header?
What is the DST port of the embedded header?
What is the sequence number?
What is the acknowledgement number?
What is the header length (offset)?
What flags are set?
What is the window size?
What is the checksum?
Is there a value for the urgent pointer?