Final Exam Review

Computer Security: Attacks

Computer Security: Protection

User Data and Privacy

100

How can a computer be attacked?

- Ransomware

- Plug-ins, Add-ons, Extensions

- Social Engineering

100

Describe things that a typical user can do to increase their computer security.

- Use different passwords for different accounts

- Use a good-length password

- Use a mix of upper-case letters, lower-case letters, numbers, and punctuation

- Use a passphrase

- Use a password manager

- Keep your software updated

- Use multi-factor authentication

- Use anti-virus or anti-malware software

- Don’t click on email links you don’t trust

- Watch out for phishing

- Use a script blocker which disables/blocks JavaScript when surfing the web

100

TRUE OR FALSE: Living in the age of the internet affects your privacy

TRUE

200

Why might we want to be cautious about installing Add-Ons, Plug-Ins, or Extensions to our web browser?

If you install an untrustworthy plug-in, add-on, or extension, you could compromise your web security and accidentally grant access to your private information.

200

How do services protect their users from attacks?

- Multi-Factor Authentication

- Asymmetric Encryption

200

TRUE OR FALSE: Most companies provide services that are ENTIRELY free to use with no catches.

FALSE

300

What is Ransomware?

A type of computer attack that encrypts (or locks) your computer’s hard drive and asks for payment to decrypt (or unlock) your information.

300

What is multi-factor authentication?

When you’re logging into a website, in addition to knowing your name and your password, there is an additional requirement.

300

TRUE OR FALSE: Companies are NOT allowed to sell users personal information/data, even with the user's consent

FALSE

400

What is Social Engineering?

A type of computer attack where the attacker targets the weakest link: the human!

400

What is asymmetric encryption?

When someone encrypts a message with a public key, but it can only be decrypted with a private key.

400

What is the famous phrase that privacy advocates point out?

"You're either a Customer or a Product"

500

What are some examples of Social Engineering?

- Calling tech support and pretending to be somebody else to get information to hack into that somebody else’s account

- Phishing! (Cat-fishing but for hacking) Sending out emails/texts pretending to be a company so that the recipients enter their account information/passwords.

500

Give an example of what Asymmetric Encryption (also known as Public Key/Private Key) might be used for.

To send secure emails so only people with the private key can see it.

500

What does the phrase “You’re either a Customer or a Product” refer to?

- If you’re paying to use a company’s service, you’re a customer.
- If you’re using a company’s service for free, that company’s problem selling your information/data, you’re a product.