BCOR 330: Ch 7
According to the CIA triad, in which of the following examples is an organization ensuring data integrity? More than one answer may be correct.
- A corporation backs up all of its data to a cloud server every night. - An organization has a formal policy for alerting the IT department when employees leave the company.
According to Norton, which of the following steps should be taken to defend against rootkits? More than one answer may be correct.
1. Don't ignore software updates2. Be aware of phishing emails3. Watch out for drive-by downloads
How does conducting an inventory of where its critical data is stored most help a business to minimize the damage from natural disasters? More than one answer may be correct.
1. It helps to ensure geographic data redundancy. 2. It helps with retrieving data immediately after a disaster.
From the following list, select the techniques and tools that are used by both white-hat hackers and illegitimate hackers.
1. rootkits 2. social engineering 3. back door programs
Recently, TechJury compiled a list of cybersecurity statistics that show the impact of different malware and network attacks. What percentage of cyberattacks are aimed at small businesses?
43%
Describe computer viruses. More than one answer may be correct.
A computer virus is software A computer virus can take over an operating system. A computer virus can destroy a computer's programs.
Select three accurate statements that use correct terminology to describe the process denial-of-service (DoS) attacks.
A hacker uses software to infect computers, including laptops, desktops, tablets, and Internet of Things (IoT) devices, turning each computer into a zombie. a DoS attack takes place when a hacker gains unauthorized access to and control of a network of internet-connected computers when an IP address is targeted, each zombie computer simultaneously sends requests to that IP address; this can cause the targeted server to slow or even shut down
Which of the following is an example of data in process? More than one answer may be correct.
A username that has been submitted for authentication credit card information used to pay for an order placed on Amazon A password that has been submitted for authentication
Explain how the trojan "EventBot" works. More than one answer may be correct.
Aimed at Android devices Steals financial information Reads and intercepts SMS messages
Which of the following are examples of spear phishing?
An email is sent to employees at a specific company, instructing them to click on a link. That link deploys malware to their device.
Why do organizations need to determine their highest priority security risk? More than one answer may be correct.
An organization may not have the resources to protect all of its data. The level of protection provided may be determined by the priority level.
magine you are speaking with a friend about how to protect yourself from phishing scams. Your friend, who works in cybersecurity, gives you some advice about what to do if you receive a phishing message. Which of the following statements would be considered good advice?
Banks and credit card companies will never ask you to provide personal information via email messages. If you receive a suspicious message, contact the institution that the message was allegedly sent from Contact US-CERT to report the suspected scam.
Imagine you are speaking with a friend about how to protect yourself from phishing scams. Your friend, who works in cybersecurity, gives you some advice about what to do if you receive a phishing message. Which of the following statements would be considered good advice?
Banks and credit card companies will never ask you to provide personal information via email messages. If you receive a suspicious message, contact the institution that the message was allegedly sent from. Contact US-CERT to report the suspected scam.
The term virus is a useful way to identify this malware for which of the following reasons? More than one answer may be correct.
Both biological and computer viruses have the ability to reproduce themselves. A virus needs a host body or computer system to do its work.
Which of the following statements describe Internet robots, or bots? More than one answer may be correct.
Bots are used for both legitimate and malicious purposes. Malicious bots can compromise a user's control of the computer. "Good bots" have useful functions and do not pose security risks.
Who is protected by California's SB-327 for IoT Security and who is accountable for ensuring the guidelines are met? 4
California's SB-327 for IoT Security helps to protect consumers; the responsibility lies with makers of devices that connect with the Internet.
Which of the following is the clearest definition of a computer virus?
Code-created malware that, when executed, damages programs and performance.
Describe the goals of the National Institute of Standards Technology (NIST) Cybersecurity Framework. More than one answer may be correct.
Create an atmosphere where organizations can effectively discuss cybersecurity risks internally and with those outside of the organization Help organizations develop appropriate policies and procedures to mitigate data breaches Give guidance to organizations who wish to understand potential security breaches
Alyssa says that no one would risk selling operable or effective malware programs, even on the Dark Web. Why is she wrong?
Criminal hackers do make money by selling actual malware.
From the following list, select all of the ways in which cybersecurity helps preserve the integrity of data, information, and systems.
Cybersecurity policies and procedures are designed to protect the consistency, accuracy, and dependability of these assets. Cybersecurity tools such as user-access controls, file permission, and version controls help prevent unauthorized changes Cybersecurity systems are designed to detect unauthorized or unanticipated changes to data that suggest a loss of integrity.
Which type of cybersecurity breach makes a computer, network, or online service malfunction or become unavailable to users?
DDOS attacks
Determine which of the following is an example of data that has integrity.
Data that are used to set sales goals for account executives are stored on a secure server; managers are allowed read-only access to the sales data for the reps they directly manage.
A hacker launches an attack on a network that is designed to interrupt or stop network traffic by flooding it with too many requests. This would be considered a _________ attack.
DoS
Which of these online functions are most susceptible to MitM attacks? More than one answer may be correct.
Financial applications E-commerce
How does a firewall work?
It determines what Internet traffic can leave or enter a network or computer.
How does a Network Address Translation (NAT) type of firewall work?
It hides internal IP addresses.
Which statement accurately describes the need to keep sensitive data, information, and systems confidential?
It is both a major goal and a requirement for cybersecurity.
Why might a government choose to get involved in state-sponsored cyberwarfare? More than one answer may be correct.
It is relatively inexpensive compared to traditional warfare. It is often difficult to trace and identify. It can cause widespread damage to IT infrastructure.
Which statement describes state-sponsored cyberwarfare? More than one answer may be correct.
It originates with foreign governments. It is launched or executed by a foreign government or a paid third-party It can be used to send warnings or to create conflict between countries.
What are keystroke loggers? More than one answer may be correct.
Keystroke loggers can be hardware devices and software applications Keystroke loggers can record passwords and confidential information. Organizations often install keystroke loggers to monitor user behavior.
Adrian and Frank began the online process of applying for a short-term loan for their business. They created an account with a username and password, looked over the privacy statement, reviewed the security policy, and accepted the terms of use. After logging on, however, they became increasingly uncomfortable answering so many detailed questions about income, employment, and more. What specific risk might they have remembered from studying cybersecurity?
Man-in-the-Middle (MITM)
TechJury compiled a list of cybersecurity statistics that show the impact of different malware and network attacks. Which three of the following are correct?
Ninety-one percent of cyberattacks are launched with a phishing email. Thirty-eight percent of malicious attachments are masked as Microsoft Office files. Eighty-five percent of daily email attachments are harmful for their intended recipient.
Which of the following statements describes phishing? More than one answer may be correct.
Phishing scams use emails that appear to be from established organizations. Phishing scams try to con a user into giving up private information.
Which of the following is an example of an event that may occur during the protect stage of the plan-protect-respond cycle? More than one answer may be correct. 2
Provide employees with information regarding the specific types of security threats their organization faces. Make sure resources are protected through routine maintenance. Limit remote access to sensitive data.
Why is data that is located in the RAM of a device considered data in transit?
RAM only holds data and instructions temporarily; nothing is permanently stored in RAM.
Describe how ransomware attacks work. More than one answer may be correct.
Ransomware is malware that makes a computer's data inaccessible until a ransom is paid. Ransomware attacks invade computers via trojan horse programs and worms. One of the most popular methods used in ransomware attacks is phishing.
From the following list, select all the examples of different cybersecurity breaches.
Spyware Impersonation Distributed Denial of Service (DDOS) Viruses
Which of these statements support the assertion that MitMo is a growing security risk? More than one answer may be correct.
The world is flooded with smartphones and other mobile devices. Mobile devices function in many of the same ways that computers do.
What is a characteristic shared by all devices that can be infected by a computer virus?
They are connected to the Internet.
Which statement about white-hat hackers is true? More than one answer may be correct.
They use the same techniques and tools as illegitimate hackers. They use breach and attack simulation technologies to automate their work. Their goal is to find gaps in network security and to test security defenses.
How does spyware potentially harm the individual user?
This malware steals confidential information from the user.
As reported by Andrei Ene, one of the worst malware attacks in the last 10 years is the TBT, or
Tiny Banker Trojan.
From the following list, select all the examples of cybercrimes.
Trojan horse viruses computer hacking digital identity theft
Explain how trojans are designed and used. More than one answer may be correct.
Trojans are commonly used by hackers to gain access to systems and devices. Trojans are designed using some sort of social engineering tactic. Hackers use trojans to create a backdoor that bypasses security.
One of the behavioral science methods organizations are using to deal with the increase in cybersecurity threats and the decrease in effectiveness of traditional security means is known as UEBA (User and Entity Behavior Analytics). Which of the following is true about UEBA? More than one answer may be correct.
UEBA uses statistical analysis, machine learning, and artificial intelligence to create a map of behavior patterns. UEBA creates behavior maps that it uses to report when an anomaly arises.
Which of these statements about packet sniffers are true? More than one answer may be correct.
Unauthorized sniffers are used to steal information. Legitimate sniffers are used for routine examination and problem detection.
What is the goal of the planning phase of the plan-protect-respond cycle?
Understand common threats that an organization may face and determine how vulnerable they are to such threats.
How can packet sniffers, rootkits and denial-of-service (DoS) actions impact MIS systems? More than one answer may be correct.
Used with ill intent, these can cause financial losses, lost productivity, and downtime. System damage can occur if plans for monitoring, detection, and remediation are not in place.
From the following list, select all the steps that the Federal Emergency Management Agency (FEMA) recommends businesses take to help protect their systems, data, and information from natural disasters.
Utilize off-site cloud storage Create a business continuity plan Store data in different areas across the United States (geographic data redundancy)
List characteristics of computer viruses. More than one answer may be correct.
Viruses can destroy programs or alter the operations of a computer or network. A computer virus is software that infects computers and is created using computer code.
What questions are answered by the cybersecurity risk assessment recommended by the National Institute of Standards Technology (NIST)? More than one answer may be correct.
What data breach would have a major impact on our business? What is the impact if our vulnerabilities are exploited?
Software-based keyloggers often infect a system through
a malicious email or link opened by an unsuspecting user
Which of the following would be prohibited under the Electronic Communications Protection Act?
an employee leaking confidential emails they were not authorized to receive
Which of the following names a type of cybersecurity threat? More than one answer may be correct.
an event or act that may lead to asset loss a condition that may lead to asset loss a harmful result or consequence of asset loss
"Cybersecurity threat mitigation" includes all of the policies, procedures, and tools that help organizations
anticipate and counter threats from security vulnerabilities or incidents and reduce their impact.
Social engineering is used to target people whom
are not cautious about giving out confidential or sensitive information.
Which of the following is an example of an activity that would be useful during the planning stage of the plan-protect-respond cycle?
attempting to exploit flaws from the outside, simulating attacks that a hacker would try
Malicious bots are cybersecurity risks because they
can reproduce and link to an outside server.
Spyware's basic function is to
capture the user's account data, passwords, keystrokes, and more.
In addition to planning, analysis, and mitigation, select the remaining two categories of the respond (RS) function of the NIST Cybersecurity Framework from the list below.
communication, improvements to cybersecurity response plans
In the context of California's SB-327 for IoT Security, an "Internet-connected device" ________Blank. More than one answer may be correct.
connects to the Internet has a Bluetooth address has an Internet Protocol (IP) address
What are the core actions of the protect (PR) function?
controlling access to systems and preventing unauthorized access
A ________ deliberately modifies the normal operations of a computer or network through the use of malicious code.
cyberattack
A ________ is committed when a computer is the object of the crime or a computer is used to commit a criminal offense.
cybercrime
A Trojan horse succeeds through
deceptive access
What is the "DE" function in the National Institute of Standards Technology (NIST) Cybersecurity Framework?
detect function
Which of the following is an example of a task that might be completed during the planning stage of the plan-protect-respond cycle? More than one answer may be correct.
determine security weaknesses determine existing vulnerabilities by having an employee attempt to hack into a system figure out where vulnerabilities within your systems currently exist
The purpose of adware is to ________Blank. More than one answer may be correct.
display ads to users based on their browsing behaviors redirect your search requests to advertising websites collect marketing-type data about you
Which of the following is generally not protected by an organization's network firewall?
files stored in a cloud-based system such as Dropbox or Google Drive
How does ransomware invade digital devices? More than one answer may be correct.
in a trojan horse by email with a worm
An email that appears to be from a legitimate company is most likely to be a social engineering cybersecurity attack if
it contains a link to a free offer that seems too good to be true.
Where would you expect to encounter a hardware keystroke logger? More than one answer may be correct.
library computer school computer work computer
A form of spyware that records all actions typed on a keyboard is called a keystroke
logger
Which of the following is a goal of confidentiality as defined by the CIA triad?
making sure the right people have access to secure information
What does the identify (ID) function of the NIST Cybersecurity Framework focus on?
organizational understanding of how to manage cybersecurity risks
What type of firewall would filter messages coming from a specific, predefined IP address to a spam filter?
packet filler
Social engineering hacks are designed to get a victim to divulge which of the following types of information?
passwords account information
What methods are used to launch a ransomware attack? More than one answer may be correct.
phishing trojan horse
From the following list, select all the primary components of cybersecurity threat mitigation.
policies and procedures for threat prevention tools and procedures for threat identification policies, tools, and strategies for threat "curing" or minimization
Which of the National Institute of Standards Technology (NIST) Cybersecurity Framework functions entails an analysis of cybersecurity risk and reduction of potential damage to IT infrastructures? 9
protect (PR) function
One version of this type of malware encrypts a victim's data until a payment is made. Another version threatens to make public a 'victim's personal data unless a payment is made. This type of malware is called
ransomware
Malware that encrypts a computer's data, forcing the victim to purchase a decryption code, is called
ransomware ** payware software piracy cryptoware
Which NIST Cybersecurity Framework function involves correcting an organization's cybersecurity plans due to a cybersecurity event?
recover (RC) function
Rootkits are typically used to allow hackers to do which of the following? More than one answer may be correct.
remotely control the operations of a computer create a backdoor into a computer
What is the "RS" function in the National Institute of Standards Technology (NIST) Cybersecurity Framework?
respond function
Describe the categories of the Recover (RC) function of the NIST Cybersecurity Framework. More than one answer may be correct.
restoration of impaired systems improvements to cybersecurity plans communication with all stakeholders
For which type of cybersecurity vulnerability do organizations maintain and share databases of known problems?
security weaknesses in operating systems or application software
Specialized hardware or software that capture packets transmitted over a network are called packet
sniffers
As of 2020, all legislation that has been passed to protect elections from cybersecurity threats are part of
state-specific cybersecurity laws.
What is the only way to guarantee that computers and networks are safe from cyberattacks?
take them offline
What is the meaning of the term "social engineering" in the area of cybersecurity?
the act of manipulating or tricking people into sharing confidential, personal information
What distinguishes the two main types of cybercrimes?
their frequency (how often they are committed)
What does the General Data Protection Regulation (GDPR) strive to achieve?
to ensure EU companies protect the privacy and personal data of EU citizens
What is the goal of the NIST Cybersecurity Framework Protect (PR) function? 7
to help protect an organization's IT infrastructure from security breaches by offering guidelines on IT infrastructure protection
What is the purpose of social engineering in conjunction with ransomware?
tricks victims into allowing access to data
Which type of cybersecurity breach can cause the most damage to an organization's systems, data, and information? 3
viruses
From the following list, select the common types of malware used today.
viruses worms trojans
The NIST Cybersecurity Framework is a 1
voluntary guide for organizations.
A benign Internet robot that gathers data is called a(n)
web crawler
Ransomware is typically introduced into a network by a ________Blank and to an individual computer by a Trojan horse.
worm
