ICT Security 1.

Discuss Security Issues: Threats to Computers and Communication Systems –

GROUP 7

1. In the internet network, there is a security gap that is always targeted by people who are not
responsible. TRUE
2. There is only one digital infection which is a threat to computer users. FALSE
3. Spam refers to the email that directs the recipient to click on a link for a website that turns
out to be malicious. FALSE
4. One of the things to do to avoid spam is to keep software and security out of date. FALSE
5. Spyware is said to be the program that is difficult to be discarded even though the
computer is already doing the recovery process. TRUE
6. It refers to the messages that are sent to somebody that contains unrelated information
during internet activity. B. SPAM
7. This happens when the email directs the recipient to click on a link for a website that
turns out to be malicious. A. PHISHING
8. It delivers email that could contain trojan horses, viruses, worms, spyware, and targeted
attacks aimed at obtaining sensitive, personal identification information. B. SPAM
9. It is said to be the program that is difficult to be discarded even though the computer is
already doing the recovery process. A. SPYWARE
10. This program secretly records any computer network activity that can steal PIN,
password, bank account and others. B. SPYWARE
11. It has the potential to become malicious and harm your device by slowing it down,
hijacking your browser and installing viruses and/or spyware. A. ADWARE
12. An infective agent that typically consists of nucleic acid molecules in a protein coat, is
too small to be seen by light microscopy, and is able to multiply only within the living
cells of a host. B. VIRUS
13. It is a sort of malware that conceals its true content in order to trick a user into believing
it is a harmless program. A. VIRUS
14. This is typically bundled and deployed within legal software and is designed to spy on
victims or steal data. B. TROJAN
15. It is a type of malware that copies itself in order to propagate to other systems and does
not require the activation of their host life. A. WORM

III. Enumeration
1-5. Enumerate the types of viruses.
FILE VIRUS, BOOT SECTOR VIRUS, MACRO VIRUS, EMAIL VIRUS, POLYMORPHIC
VIRUS
DISTINGUISH SAFEGUARDS; PROTECTING COMPUTER AND COMMUNICATIONS –
GROUP 8
1. “Eavesdropping” occurs when unauthorized individuals inadvertently or through the use of
deceptive techniques gain access to health information. B. FALSE
2. “Interception” occurs when unauthorized individuals inadvertently or through the use of
deceptive techniques such as remote monitoring of conventional telephone or cellular phone
conversations, voice mail or text messaging, gain access to personal health information. B.
FALSE
3. “Diversion” occurs when the direction of the flow of personal health information is changed
inadvertently or through the use of deceptive techniques so that an unauthorized recipient can
gain access to it. A. TRUE
4. It is also important to maintain our computer security and its overall health by preventing
viruses and malware which would impact on the system performance. A. TRUE
5. Use the internet with caution and ignore pop-ups, drive-by downloads while surfing. A.
TRUE
6. All systems hardware and software must be secured from inappropriate access, accident,
misappropriation, viruses and systems failure. A. TRUE
7. “All methods of communication” includes verbal communication, transmission of written
documentation, telephone, cellular phone, fax, e-mail, video and audio communication or any
other form of electronic communication. A. TRUE
8. All methods of communication of personal health information must not be secured from
unauthorized access, including eavesdropping, interception and diversion. B. FALSE
9. Cyber Security is an act performed by a knowledgeable computer user, sometimes called a
"hacker," that illegally browses or steals a company's or an individual's private information.
B. FALSE
10. Sometimes, safeguards may be malicious and destroy or otherwise corrupt the computer or
data files. B. FALSE
11. Protective measures and controls prescribed to meet the security requirements specified for an
information system. B. SECURITY SAFEGUARDS
12. It is the protection of computer systems and information from harm, theft, and unauthorized
use. A. COMPUTER SECURITY
13. Alternatively known as cybercrime, e-crime, electronic crime, or hi-tech crime. C.
COMPUTER CRIMES
14. Is put into place before an event occurs, to prevent the potential for a breach or other incident.
Regular risk assessments and compliance monitoring can help you to identify risks and
prevent breaches. B. PREVENTIVE
15. These are controls that help you identify a suspected breach. They also help you determine
the scope of the breach. Monitoring compliance with privacy policies and auditing the access
to and use of information systems can help you to detect potential breaches. A. DETECTIVE
16. These are additional safeguards that you put into place after a breach has been discovered to
limit the potential harm, to recover PI that has been breached, and prevent this type of breach
from happening again. C. CORRECTIVE
17. Are operational procedures and mechanisms, implemented primarily by staff or owners of an
organization to ensure proper handling of PI, as opposed to through the use of automated
systems or physical measures. C. ADMINISTRATIVE
18. Use physical restrictions to limit access to PI by unauthorized individuals. It also include
using appropriate methods to destroy personal information, such as cross-shredders for paper
records. And, in the event of an emergency, mechanisms such as fire extinguishers and
sprinkler systems are physical controls that can be used to protect PI. A. PHYSICAL
19. Are for protecting PI held in computer systems. Much of the PI businesses collect nowadays
is electronic information, so having adequate technological security is really important. B.
TECHNOLOGICAL
20. It may include security features, management constraints, personnel security, and security of
physical structures, areas, and devices. D. SAFEGUARDS
EXPLAIN PRIVACY SURVEILLANCE: DATA COLLECTORS AND SPIES – GROUP 9

1. It provides information about a certain item. B. METADATA

2. Is the close monitoring of a person’s behaviour or activities to gather information about them.
C. PRIVACY SURVEILLANCE

3. This type of covert surveillance uses eavesdropping devices planted in private properties of
the target person like in houses or in private vehicles. A. INTRUSIVE SURVEILLANCE

4. This type of covert surveillance involves the physical observation or monitoring either on
foot, vehicle or on a fixed post, of the subject’s movements, conversation and other activities. 
D. DIRECTED SURVEILLANCE

5. It involves surveillance monitoring equipment that is intentionally placed so it is highly

visible and fitted in plain view to deter criminal activity and provide a sense of security and
give people or businesses a peace of mind. B. OVERT SURVEILLANCE

6. In 2010, Google claimed that their company was attacked by a series of cyber threats
originated from China. These series of cyber threats also affected 20 other international
companies like Adobe Systems and Yahoo. A. OPERATION AURORA

7. In 1997 Steven Louis Davis an engineer for the development of Gillette’s new razor system,
has stole the design and revealed it to their competitors via Email and Fax. E. GILLETTE
INDUSTRIAL ESPIONAGE

8. McAfee reported in 2011 about the operation initiated by Chinese hackers, called as the Night
Dragon. It targeted the largest energy businesses in America and Europe, which includes
Royal Dutch Shell and the Baker Hughes. B. NIGHT DRAGON

9. It is a malware that was spread through e-mail with a link to a self-reloading Remote Access
Tool (RAT), giving the cyber terrorist an uninterrupted access to legal contracts, government
secrets and other sensitive contracts. D. OPERATION SHADY RAT

10. US Federal Bureau of Investigation, reported the infestation of the computers used by the
Former US President Obama and US Former Senator McCain by a spyware that allegedly
belongs to Chinese or Russian hackers. C. SPYWARE ON OBAMA AND MCCAIN

11. These are the electronic transmission that can be collected by ships, planes, ground sites, or
satellites. B. SIGNALS INTELLIGENCE (SIGINT)

12. It is also known as the Photo Intelligence (PHOTINT), it is a type of intelligence that gathers
visual information of the surroundings. C. IMAGERY INTELLIGENCE
(IMINT)

13. It collects data about weapons capabilities and industrial activities. D.

MEASUREMENT AND SIGNATURE INTELLIGENCE (MASINT)
14. It is the collection of information from human sources, such as conducting an interview or it
may be done through clandestine or covert surveillance. A. HUMAN INTELLIGENCE
(HUMINT)

15. It is the use of the a broad array of information that are widely available like information
obtained from media, professional or academic record, and public data. E. OPEN SOURCE
INTELLIGENCE (OSINT)

16. Visible Cameras B. COVERT SURVEILLANCE 

17. The subjects is unaware of the surveillance B. COVERT SURVEILLANCE
18. Plain-Clothed security officers who pretends to be a normal citizen. A. OVERT
SURVEILLANCE 
19. Nanny Cams or Camouflaged Cameras A. OVERT SURVEILLANCE 
20. Detectives are on stakeout. B. COVERT SURVEILLANCE 

Cybercrime Quiz – Group 10

1. This refers to any crime that involves a computer and network, where the computers may or
may not have played an instrumental part in the commission of the crime. Cybercrime

2. It is a crime involving an attack or threat of an attack coupled with a demand for money to
stop the attack. Cyberextortion 

3. It is an attack that occurs when hackers infiltrate retailers’ systems to get the credit card
and/or banking information of their customers. Credit card fraud

4. It is a technique used in spam and phishing attacks to trick users into thinking that a message
came from a person or entity they either know or can trust. E-mail Spoofing

5. It is an act of identifying and then exploiting weaknesses in a computer system or network,

usually to gain unauthorized access to personal or organizational data. Hacking

6. It is an attack that involves the unlawful copying, distribution and use of software programs
with the intention of commercial or personal use. Software Piracy

7. It is an attack that uses scripts to mine cryptocurrencies within browsers without the user’s
consent. Cryptojacking

8. It is also known as internet defamation or online defamation, is an act of slandering an

individual’s identity or entity through a new medium via Internet. Cyber Defamation
9. It is an attack that occurs when an individual accesses a computer to glean a user’s
information, which they then use to steal that person’s identity or access their valuable
accounts, such as banking and credit cards. Identity Theft

10. It is a crime involving a cybercriminal who hacks into systems or networks to gain access to
confidential information held by a government or other organization.  Cyberespionage 

11. Includes substantive rules, procedural rules and focuses on the preemption, prevention and
prosecution of cybercrimes.  Cybercrime Prevention Act of 2012 - Republic Act No. 10175
12. An act providing for the recognition and use of electronic commercial and non-commercial
transactions, and documents, penalties for unlawful use thereof and for other purposes. 
Electronic Commerce Act of 2000 - Republic Act No. 8792

13. It is the written or broadcast form of defamation, distinguished from slander, which is oral
defamation. Libel

14. Use of technology that is unauthorized, which threatens, humiliates, harasses, or intimidates
school-related individuals, disrupts the educational process, and/or violates local, state, or
federal law. Misuse of Devices

15. It is the practice of registering, trafficking in, or using an internet domain name, with a bad
faith intent to profit from the goodwill of a trademark belonging to someone else. Cyber-
squatting

16. Describe Computer Exploitation in one word Hack, Attack, (Answers may vary)

17. What is the acronym of SQL in SQL injection. Structured Query Language

18. It is an attack that forces an end user to execute unwanted actions on a web application in
which they’re currently authenticated. Cross-Site Request Forgery

19. It is a type of injection, in which malicious scripts are injected into otherwise benign and
trusted websites. Cross-Site Scripting

20. Give at least 2 notorious hackers that got involved in Computer Exploitation. Kevin Mitnick,
Adrian Lamo, Albert Gonzalez

TEN COMMANDMENTS OF COMPUTER ETHICS – GROUP 11

1. Mails from trusted sources advertising certain products or spreading some hard-to-believe
information are not uncommon. FALSE
2. In case of a developer writing software for the organization she works for, the organization
holds copyright for it. TRUE
 3. False news or rumors cannot spread speedily through social networking sites or emails.
FALSE
4. Commandment 07 states that, "Thou shalt not use a computer to steal". FALSE
5. Unlike any other artistic or literary work, software is not copyrighted. FALSE
6. Commandment 10 states that, " Thou shalt always use a computer in ways that ensure
consideration and respect for other humans." TRUE
7. It is not really important to think about the social impact of a certain program before
developing a software. FALSE
8. Looking at the social consequences that a program can have, describes a broader perspective
of looking at technology. TRUE
9. Commandment 08 states that, "Thou shalt appropriate other people's intellectual output"
FALSE
10. Stealing sensitive information or leaking confidential information is as good as robbery.
TRUE
11. "Thou shalt not snoop around in other people's computer files."
C. COMMANDMENT 03
12. Commandment 05 states that: A. THOU SHALT NOT USE A COMPUTER TO BEAR
FALSE WITNESS.
13. "Thou shalt always use a computer in ways that ensure consideration and respect for other
humans." B. COMMANDMENT 10
14. "Thou shalt not appropriate other people's intellectual output."
A. COMMANDMENT 08
15. "Thou shalt not use a ___ to steal." A. COMPUTER
16. Commandment 03 states that: B. THOU SHALT NOT SNOOP AROUND IN OTHER
PEOPLE'S COMPUTER FILES.
17. "Thou shalt not appropriate other people's intellectual ___." C. OUTPUT
18. "Thou shalt think about the social consequences of the program you are writing or the system
you are designing." B. COMMANDMENT 09
19. Establishing ownership on a work which is not yours is ethically ___.
B. WRONG
20. Do not use someone else's computer resources unless ___ to.
B. AUTHORIZED
APPLICABLE PHILIPPINE LAWS THAT PENALIZE CYBERCRIME- GROUP 12

1. Illegal Access is sometimes called, “hacking”, “cracking”, or “computer trespass.” TRUE

2. There are sixteen (16) types of cybercrime covered under the Cybercrime Prevention Act of 2012
TRUE
3. Computer-related forgery refers to the acquisition of a domain name in bad faith on the internet to
profit, deceive, harm reputation, and prevent others from registering it. FALSE
4. Republic Act No. 10175 is also known as "Cybercrime Prevention Act of 2012" TRUE
5. Cybercrime is also called computer crime. TRUE
6. “Man-in-the-Middle” attack is an example of Illegal Interception. TRUE
7. Libel is defined as defamation of character by writings or other means. TRUE
8. In the Philippines, Filipinos are encouraged to commit illegal access. FALSE
9. Child Pornography is considered to be any depiction of a minor or an individual who appears to
be a minor who is engaged in sexual or sexually related conduct? TRUE
10. Cybersex is defined as the willful engagement, maintenance, control, or operation, directly or
indirectly, of any lascivious exhibition of sexual organs or sexual activity, with the aid of a
computer system, for favor or consideration. TRUE
11. a.k.a Domain Squatting. CYBERSQUATTING
12. The email sender pretends to be from a legitimate organization or agency in an attempt to get
users to trust the content and follow the instructions of the email is an example of what crime?
COMPUTER RELATED FORGERY
13. Republic Act No. is also known as "Cybercrime Prevention Act of 2012" 10175
14. The President who signed the "Cybercrime Prevention Act of 2012.”
PRES. BENIGNO SIMEON C. AQUINO III
15. Under the 16 types of cybercrime, what is considered to be any depiction of a minor or an
individual who appears to be a minor who is engaged in sexual or sexually related conduct?
CHILD PORNOGRAPHY
16. – 20. ENUMERATION (Any of these)
1. Illegal Access
2. Illegal Interception
3. Data Interference
4. System Interference
5. Misuse of Devices
6. Cyber squatting
7. Computer-related Forgery
8. Computer-related Fraud
9. Computer-related Identity Theft
10. Cybersex
11. Child Pornography
12. Unsolicited Commercial Communications
13. Libel
14. Aiding or abetting in the Commission of Cybercrime
15. Attempt in the Commission of Cybercrime
16. Corporate Liability