chap 9

33問 • 1年前

問題一覧

Unauthorized access to sensitive business and customer data.

Data Breaches

Falling victim to phishing attacks can damage a business reputation, customers may lose trust in the organization’s ability to protect their information.

Reputational Damage

System Crashes, Slow Performance or Disabling Critical Services and Application

Operational/Service Disruption

Through the theft of financial information, fraudulent transactions or ransom demands.

Financial Loss

Inaccessible until ransom is paid. If backups are not available or compromised. Business may permanently lose data.

Data Encryption & Loss

“malicious software” designed to disrupt, damage or gain unauthorized access to computer systems or networks.

MALWARE

Primary goal of ___ is to compromise the security and integrity of system, steal sensitive information, enable unauthorized access, can be spread such as infected email attachments, compromised websites, malicious downloads, or removable media.

MALWARE

MALWARE short for “___” designed to disrupt, damage or gain unauthorized access to computer systems or networks.

malicious software

___ rely on user action or human intervention to spread. Propagation: File sharing, email attachments, infected removable media (flash drive), executing infected programs.

VIRUSES

___ encrypts files or locks down computer systems, rendering them inaccessible to users until a ransom is paid.

RANSOMWARE

____ capture and record keystrokes made by a user’s, enabling attackers to obtain sensitive information, password, credit card details and other confidential data.

KEYLOGGERS

____ is a common tactic used by cybercriminals to trick individuals into revealing sensitive information, such as login credentials or financial details.

PHISHING

(email or text messages) - requesting personal information such as account numbers, passwords, PIN or pretext account verification.

BANKING & FINANCIAL SCAMS

(emails or advertisements) - these messages may offer exclusive deals or discounts. Enticing recipients to click on malicious links.

ONLINE SHOPPING SCAMS

(emails sent to job seekers) – offering lucrative job opportunities with well-known companies or abroad. Requesting passport details, bank account for employment verification.

JOB OFFER SCAMS

(target users of popular social media platforms) - victims receive messages that appear from the official support team, claiming account security issues or unauthorized access.

SOCIAL MEDIA ACCOUNT COMPROMISES

(emails or messages) - impersonating government agencies in the Philippines are sent to individuals claiming urgent notifications, tax, refunds or penalties

GOVERNMENT AGENCY SCAMS

____ refers to risks posed by individuals within an organization who have authorized access to sensitive data and misuse it intentionally or inadvertently. This can include employees, contractors, or partners with access to critical systems or information.

INSIDER THREAT

intentionally exploit their access privileges to carry out harmful activities. Include theft, unauthorized disclosure of sensitive data, sabotage of system.

MALICIOUS INSIDERS

unknowingly or carelessly compromise security through their actions or lack of adherence to policies and procedures.

NEGLIGENT INSIDERS

access credentials have been compromised, either through external hacking or insider collusion.

COMPROMISED INSIDERS

___ intentionally steal confidential information such as customer records, intellectual property, with the intention of selling or using it for personal gain or to benefit a competitor

DATA THEFT

misuse their privilege access rights to gain unauthorized access to systems, database or accounts, potentially for malicious purpose.

UNAUTHORIZED SYSTEM ACCESS

This can be motivated by revenge, dissatisfaction by revenge, dissatisfaction or as an act of protest.

SABOTAGE

intentionally or unintentionally shares sensitive or confidential information with unauthorized individuals or the public such as social media, personal email accounts or communication channels.

UNAUTHORIZED DISCLOSURE

accidentally sending confidential information to the wrong recipients, leaving sensitive documents unattended.

NEGLIGENT DATA HANDLING

leverages human psychology to manipulate individuals into divulging sensitive information or performing actions that compromise security. It often involves impersonation, manipulation, or exploiting trust to gain unauthorized access.

SOCIAL ENGINEERING

attackers make phone calls pretending to be from a trusted organization or authority.

PHONE SCAMS

create fraudulent websites that resemble legitimate ones.

FAKE WEBSITES

attackers pose as technical support, contact individuals claiming that their device is infected or experiencing issues.

KEYLOGGERS

impersonate someone else to gain trust and deceive individuals.

IMPERSONATION ATTACKS

leave physical or digital in public spaces like flash drive, CD or download links.

BAITING

exploit people’s goodwill by creating fake charity organization.

CHARITY SCAMS

exam

Lydster Joy Baquero Alonzo · 24問 · 1年前

exam