Professional Documents
Culture Documents
1. In the internet network, there is a security gap that is always targeted by people who are not
responsible. TRUE
2. There is only one digital infection which is a threat to computer users. FALSE
3. Spam refers to the email that directs the recipient to click on a link for a website that turns
out to be malicious. FALSE
4. One of the things to do to avoid spam is to keep software and security out of date. FALSE
5. Spyware is said to be the program that is difficult to be discarded even though the
computer is already doing the recovery process. TRUE
6. It refers to the messages that are sent to somebody that contains unrelated information
during internet activity. B. SPAM
7. This happens when the email directs the recipient to click on a link for a website that
turns out to be malicious. A. PHISHING
8. It delivers email that could contain trojan horses, viruses, worms, spyware, and targeted
attacks aimed at obtaining sensitive, personal identification information. B. SPAM
9. It is said to be the program that is difficult to be discarded even though the computer is
already doing the recovery process. A. SPYWARE
10. This program secretly records any computer network activity that can steal PIN,
password, bank account and others. B. SPYWARE
11. It has the potential to become malicious and harm your device by slowing it down,
hijacking your browser and installing viruses and/or spyware. A. ADWARE
12. An infective agent that typically consists of nucleic acid molecules in a protein coat, is
too small to be seen by light microscopy, and is able to multiply only within the living
cells of a host. B. VIRUS
13. It is a sort of malware that conceals its true content in order to trick a user into believing
it is a harmless program. A. VIRUS
14. This is typically bundled and deployed within legal software and is designed to spy on
victims or steal data. B. TROJAN
15. It is a type of malware that copies itself in order to propagate to other systems and does
not require the activation of their host life. A. WORM
III. Enumeration
1-5. Enumerate the types of viruses.
FILE VIRUS, BOOT SECTOR VIRUS, MACRO VIRUS, EMAIL VIRUS, POLYMORPHIC
VIRUS
DISTINGUISH SAFEGUARDS; PROTECTING COMPUTER AND COMMUNICATIONS –
GROUP 8
1. “Eavesdropping” occurs when unauthorized individuals inadvertently or through the use of
deceptive techniques gain access to health information. B. FALSE
2. “Interception” occurs when unauthorized individuals inadvertently or through the use of
deceptive techniques such as remote monitoring of conventional telephone or cellular phone
conversations, voice mail or text messaging, gain access to personal health information. B.
FALSE
3. “Diversion” occurs when the direction of the flow of personal health information is changed
inadvertently or through the use of deceptive techniques so that an unauthorized recipient can
gain access to it. A. TRUE
4. It is also important to maintain our computer security and its overall health by preventing
viruses and malware which would impact on the system performance. A. TRUE
5. Use the internet with caution and ignore pop-ups, drive-by downloads while surfing. A.
TRUE
6. All systems hardware and software must be secured from inappropriate access, accident,
misappropriation, viruses and systems failure. A. TRUE
7. “All methods of communication” includes verbal communication, transmission of written
documentation, telephone, cellular phone, fax, e-mail, video and audio communication or any
other form of electronic communication. A. TRUE
8. All methods of communication of personal health information must not be secured from
unauthorized access, including eavesdropping, interception and diversion. B. FALSE
9. Cyber Security is an act performed by a knowledgeable computer user, sometimes called a
"hacker," that illegally browses or steals a company's or an individual's private information.
B. FALSE
10. Sometimes, safeguards may be malicious and destroy or otherwise corrupt the computer or
data files. B. FALSE
11. Protective measures and controls prescribed to meet the security requirements specified for an
information system. B. SECURITY SAFEGUARDS
12. It is the protection of computer systems and information from harm, theft, and unauthorized
use. A. COMPUTER SECURITY
13. Alternatively known as cybercrime, e-crime, electronic crime, or hi-tech crime. C.
COMPUTER CRIMES
14. Is put into place before an event occurs, to prevent the potential for a breach or other incident.
Regular risk assessments and compliance monitoring can help you to identify risks and
prevent breaches. B. PREVENTIVE
15. These are controls that help you identify a suspected breach. They also help you determine
the scope of the breach. Monitoring compliance with privacy policies and auditing the access
to and use of information systems can help you to detect potential breaches. A. DETECTIVE
16. These are additional safeguards that you put into place after a breach has been discovered to
limit the potential harm, to recover PI that has been breached, and prevent this type of breach
from happening again. C. CORRECTIVE
17. Are operational procedures and mechanisms, implemented primarily by staff or owners of an
organization to ensure proper handling of PI, as opposed to through the use of automated
systems or physical measures. C. ADMINISTRATIVE
18. Use physical restrictions to limit access to PI by unauthorized individuals. It also include
using appropriate methods to destroy personal information, such as cross-shredders for paper
records. And, in the event of an emergency, mechanisms such as fire extinguishers and
sprinkler systems are physical controls that can be used to protect PI. A. PHYSICAL
19. Are for protecting PI held in computer systems. Much of the PI businesses collect nowadays
is electronic information, so having adequate technological security is really important. B.
TECHNOLOGICAL
20. It may include security features, management constraints, personnel security, and security of
physical structures, areas, and devices. D. SAFEGUARDS
EXPLAIN PRIVACY SURVEILLANCE: DATA COLLECTORS AND SPIES – GROUP 9
2. Is the close monitoring of a person’s behaviour or activities to gather information about them.
C. PRIVACY SURVEILLANCE
3. This type of covert surveillance uses eavesdropping devices planted in private properties of
the target person like in houses or in private vehicles. A. INTRUSIVE SURVEILLANCE
4. This type of covert surveillance involves the physical observation or monitoring either on
foot, vehicle or on a fixed post, of the subject’s movements, conversation and other activities.
D. DIRECTED SURVEILLANCE
6. In 2010, Google claimed that their company was attacked by a series of cyber threats
originated from China. These series of cyber threats also affected 20 other international
companies like Adobe Systems and Yahoo. A. OPERATION AURORA
7. In 1997 Steven Louis Davis an engineer for the development of Gillette’s new razor system,
has stole the design and revealed it to their competitors via Email and Fax. E. GILLETTE
INDUSTRIAL ESPIONAGE
8. McAfee reported in 2011 about the operation initiated by Chinese hackers, called as the Night
Dragon. It targeted the largest energy businesses in America and Europe, which includes
Royal Dutch Shell and the Baker Hughes. B. NIGHT DRAGON
9. It is a malware that was spread through e-mail with a link to a self-reloading Remote Access
Tool (RAT), giving the cyber terrorist an uninterrupted access to legal contracts, government
secrets and other sensitive contracts. D. OPERATION SHADY RAT
10. US Federal Bureau of Investigation, reported the infestation of the computers used by the
Former US President Obama and US Former Senator McCain by a spyware that allegedly
belongs to Chinese or Russian hackers. C. SPYWARE ON OBAMA AND MCCAIN
11. These are the electronic transmission that can be collected by ships, planes, ground sites, or
satellites. B. SIGNALS INTELLIGENCE (SIGINT)
12. It is also known as the Photo Intelligence (PHOTINT), it is a type of intelligence that gathers
visual information of the surroundings. C. IMAGERY INTELLIGENCE
(IMINT)
15. It is the use of the a broad array of information that are widely available like information
obtained from media, professional or academic record, and public data. E. OPEN SOURCE
INTELLIGENCE (OSINT)
2. It is a crime involving an attack or threat of an attack coupled with a demand for money to
stop the attack. Cyberextortion
3. It is an attack that occurs when hackers infiltrate retailers’ systems to get the credit card
and/or banking information of their customers. Credit card fraud
4. It is a technique used in spam and phishing attacks to trick users into thinking that a message
came from a person or entity they either know or can trust. E-mail Spoofing
6. It is an attack that involves the unlawful copying, distribution and use of software programs
with the intention of commercial or personal use. Software Piracy
7. It is an attack that uses scripts to mine cryptocurrencies within browsers without the user’s
consent. Cryptojacking
10. It is a crime involving a cybercriminal who hacks into systems or networks to gain access to
confidential information held by a government or other organization. Cyberespionage
11. Includes substantive rules, procedural rules and focuses on the preemption, prevention and
prosecution of cybercrimes. Cybercrime Prevention Act of 2012 - Republic Act No. 10175
12. An act providing for the recognition and use of electronic commercial and non-commercial
transactions, and documents, penalties for unlawful use thereof and for other purposes.
Electronic Commerce Act of 2000 - Republic Act No. 8792
13. It is the written or broadcast form of defamation, distinguished from slander, which is oral
defamation. Libel
14. Use of technology that is unauthorized, which threatens, humiliates, harasses, or intimidates
school-related individuals, disrupts the educational process, and/or violates local, state, or
federal law. Misuse of Devices
15. It is the practice of registering, trafficking in, or using an internet domain name, with a bad
faith intent to profit from the goodwill of a trademark belonging to someone else. Cyber-
squatting
16. Describe Computer Exploitation in one word Hack, Attack, (Answers may vary)
17. What is the acronym of SQL in SQL injection. Structured Query Language
18. It is an attack that forces an end user to execute unwanted actions on a web application in
which they’re currently authenticated. Cross-Site Request Forgery
19. It is a type of injection, in which malicious scripts are injected into otherwise benign and
trusted websites. Cross-Site Scripting
20. Give at least 2 notorious hackers that got involved in Computer Exploitation. Kevin Mitnick,
Adrian Lamo, Albert Gonzalez