UARK ISYS 2103 - Exam 2 Questions and
answers 2025
Computer .Fraud
unauthorized .use .of .computer .data .for .personal .gain .such .as .transferring
.money .from .another's .account .or .charging .purchases .to .someone .else's
.account
Spyware
software .that .secretly .gathers .information .about .users .while .they .browse .the
.Web
Adware
form .of .spyware .that .collects .information .about .the .user .to .display
.advertisements .in .the .Web .browser
Phishing
sending .fraudulent .e-mails .that .seem .to .come .from .legitimate .sources
-spear .phishing .= .targeted .phishing
Pharming
trick .users .to .visit .fraudulent .web .sites .and .provide .private .information
-real .web .sites .can .be .hijacked
Keystroke .Loggers
-monitor .and .record .keystrokes
-can .be .software .or .hardware .devices .sometimes .used .by .companies .to .track
.employees' .use .of .e-mail .and .the .Internet
-can .be .used .for .malicious .purposes
Sniffing
capturing .and .recording .network .traffic .often .used .by .hackers .to .intercept
.information
Spoofing
attempt .to .gain .access .to .a .network .by .posing .as .an .authorized .user .to .find
.sensitive .information
Ransomware
stealing .data .and .demand .money .for .return
or .encrypt .data .and .demand .money .for .key
, Why .is .security .critical .for .any .organization?
(especially .in .recent .years) .with .hackers .becoming .more .numerous .and .adept
.at .stealing .and .altering .private .information
Script .Kiddies
inexperienced .hackers .who .use .tools .that .others .have .developed
Black .Hats
specialized .hackers, .for .profit, .fun, .political .causes, .social .causes;
.modify/destroy .data
White .Hats
aka ."Ethical .Hackers", .pentetration .testers
What .kind .of .tools .do .hackers .use .to .break .into .computers .and .networks?
-Sniffers, .password .crackers, .and .rootkits
-Journals .Phrack .and .2600: .The .Hacker .Quarterly
-dark .web .- .untraceable .web .within .the .web; .easy .to .hide .illegal .activity
Comprehensive .Security .System
Protects .an .organization's .resources .(information .and .computer .and .network
.equipment, .e-mails, .invoices .transferred .via .electronic .data .interchange .(EDI),
.new .product .designs, .marketing .campaigns, .and .financial .statements, .etc.)
Security .(CIA)
-confidentiality
-integrity
-availability
Confidentiality
system .must .not .allow .disclosing .information .to .anyone .who .isn't .authorized .to
.access .it
Integrity
ensures .the .accuracy .of .information .resources .in .an .organization
Availability
ensures .that .computers .and .networks .are .operating .and .authorized .users .can
.access .the .information .they .need
3 .Levels .of .Security
-Level .1 .- .front .end .servers
-Level .2 .- .back .end .servers
-Level .3 .- .corporate .network
Fault-Tolerant .System
ensure .availability .in .the .event .of .a .system .failure .by .using .a .combination .of
.hardware .and .software
What .are .some .technologies .used .in .fault-tolerant .systems?
UPS, .RAID, .Mirrored .(Raid-1) .disks
Intentional .Threats
viruses, .worms, .trojan .programs, .logic .bombs, .backdoors, .blended .threats,
.rootkits, .denial-of-service .(DoS) .attacks, .social .engineering
Viruses
consists .of .self-propagating .program .code .that's .triggered .by .a .specified .time
.or .event
(attached .to .real .computer .files)
answers 2025
Computer .Fraud
unauthorized .use .of .computer .data .for .personal .gain .such .as .transferring
.money .from .another's .account .or .charging .purchases .to .someone .else's
.account
Spyware
software .that .secretly .gathers .information .about .users .while .they .browse .the
.Web
Adware
form .of .spyware .that .collects .information .about .the .user .to .display
.advertisements .in .the .Web .browser
Phishing
sending .fraudulent .e-mails .that .seem .to .come .from .legitimate .sources
-spear .phishing .= .targeted .phishing
Pharming
trick .users .to .visit .fraudulent .web .sites .and .provide .private .information
-real .web .sites .can .be .hijacked
Keystroke .Loggers
-monitor .and .record .keystrokes
-can .be .software .or .hardware .devices .sometimes .used .by .companies .to .track
.employees' .use .of .e-mail .and .the .Internet
-can .be .used .for .malicious .purposes
Sniffing
capturing .and .recording .network .traffic .often .used .by .hackers .to .intercept
.information
Spoofing
attempt .to .gain .access .to .a .network .by .posing .as .an .authorized .user .to .find
.sensitive .information
Ransomware
stealing .data .and .demand .money .for .return
or .encrypt .data .and .demand .money .for .key
, Why .is .security .critical .for .any .organization?
(especially .in .recent .years) .with .hackers .becoming .more .numerous .and .adept
.at .stealing .and .altering .private .information
Script .Kiddies
inexperienced .hackers .who .use .tools .that .others .have .developed
Black .Hats
specialized .hackers, .for .profit, .fun, .political .causes, .social .causes;
.modify/destroy .data
White .Hats
aka ."Ethical .Hackers", .pentetration .testers
What .kind .of .tools .do .hackers .use .to .break .into .computers .and .networks?
-Sniffers, .password .crackers, .and .rootkits
-Journals .Phrack .and .2600: .The .Hacker .Quarterly
-dark .web .- .untraceable .web .within .the .web; .easy .to .hide .illegal .activity
Comprehensive .Security .System
Protects .an .organization's .resources .(information .and .computer .and .network
.equipment, .e-mails, .invoices .transferred .via .electronic .data .interchange .(EDI),
.new .product .designs, .marketing .campaigns, .and .financial .statements, .etc.)
Security .(CIA)
-confidentiality
-integrity
-availability
Confidentiality
system .must .not .allow .disclosing .information .to .anyone .who .isn't .authorized .to
.access .it
Integrity
ensures .the .accuracy .of .information .resources .in .an .organization
Availability
ensures .that .computers .and .networks .are .operating .and .authorized .users .can
.access .the .information .they .need
3 .Levels .of .Security
-Level .1 .- .front .end .servers
-Level .2 .- .back .end .servers
-Level .3 .- .corporate .network
Fault-Tolerant .System
ensure .availability .in .the .event .of .a .system .failure .by .using .a .combination .of
.hardware .and .software
What .are .some .technologies .used .in .fault-tolerant .systems?
UPS, .RAID, .Mirrored .(Raid-1) .disks
Intentional .Threats
viruses, .worms, .trojan .programs, .logic .bombs, .backdoors, .blended .threats,
.rootkits, .denial-of-service .(DoS) .attacks, .social .engineering
Viruses
consists .of .self-propagating .program .code .that's .triggered .by .a .specified .time
.or .event
(attached .to .real .computer .files)
