CS 249 - Test 1
What language below is used to view and manipulate data that is stored in a relational database?
SQL
Spam filtering software that analyzes every word in an email and determines how frequently a word occurs in order to determine if it is spam.
Bayesian filtering
A logical computer network of zombies under the control of an attacker.
Botnet
An attack that occurs when a process attempts to store data in RAM beyond the boundaries of a fixed-length storage buffer
Buffer overflow attack
The default root directory of the Microsoft Internet Information Services (IIS) Web server is located at which directory below?
C:\Inetpub\ wwwroot
What type of video surveillance is typically used by banks, casinos, airports, and military installations, and commonly employs guards who actively monitor the surveillance?
CCTV
Injecting and executing commands to execute on a server
Command injection
Malicious computer code that, like its biological counterpart, reproduces itself on the same computer.
Computer virus
Most DLP systems make use of what method of security analysis below?
Content inspection
An attack that uses the user's web browser settings to impersonate the user
Cross-site request forgery
An attack that injects scripts into a web application server to direct attacks at clients.
Cross-site scripting
When TCP/IP was developed, the host table concept was expanded into a hierarchical name system for matching computer names and numbers using this service:
DNS
XSS attacks occur when an attacker takes advantage of web applications that accept user input without validating it and then present it back to the user.
True
How can an area be made secure from a non-secured area via two interlocking doors to a small room?
Using a mantrap
The two types of malware that require user intervention to spread are:
Viruses and trojans
A phishing attack that uses telephone calls instead of e-mails.
Vishing
What type of attack is targeted against a smaller group of specific individuals, such as the major executives working for a manufacturing company?
Watering hole
What is the name for a standard or checklist against which systems can be evaluated and audited for their level of security (security posture)?
baseline
Most portable devices, and some computer monitors, have a special steel bracket security slot built into the case, which can be used in conjunction with a:
cable lock
An attack that corrupts the ARP cache
ARP Poisoning
A paper or electronic record of individuals who have permission to enter a secure area, the time that they entered, and the time they left the area
Access list
Subtypes of security controls, classified as deterrent, preventive, detective, compensation, or corrective.
Activity phase controls
Part of the TCP/IP protocol for determining the MAC address based on the IP address.
Address Resolution Protocol
What kind of software program delivers advertising content in a manner that is unexpected and unwanted by the user, and is typically included in malware?
Adware
A software program that delivers advertising content in a manner that is unexpected and unwanted by the user.
Adware
An operating system for Google Android smartphones and other devices.
Android
Software code that gives access to a program or a service that circumvents normal security protections.
Backdoor
What type of system security malware allows for access to a computer, program, or service without authorization?
Backdoor
A structure designed to block the passage of traffic
Barricade
How can an attacker substitute a DNS address so that a computer is automatically redirected to another device?
DNS poisoning
An attack that substitutes DNS addresses so that the computer is automatically redirected to an attacker's device.
DNS poisoning
Select the tool below that consists of a system of security tools that is used to recognize and identify data that is critical to an organization and ensure that it is protected:
Data Loss Prevention
A system such as a printer, smart TV, or HVAC controller, typically uses an operating system on what is called a:
Embedded system
What is the best way to prevent data input by a user from having potentially malicious effects on software?
Escaping user responses
Successful attacks on computers today consist of a single element, malicious software programs that are created to infiltrate computers with the intent to do harm.
False
Another name for locally shared object (LSO)
Flash cookie
A software testing technique that deliberately provides invalid, unexpected, or random data as inputs to a computer program.
Fuzz testing
What portion of the HTTP packet consists of fields that contain information about the characteristics of the data being transmitted?
HTTP header
A false warning designed to trick users into changing security settings on their computer
Hoax
Software or a hardware device that captures and stores each keystroke that a user types on the computer's keyboard.
Keylogger
Computer code that lies dormant until it is triggered by a specific logical event
Logic bomb
A computer virus that is written in a script known as a macro
Macro virus
A nonrelational database that is better tuned for accessing large data sets.
NoSQL
Of the three types of mutating malware, what type changes its internal code to one of a set number of predefined mutations whenever it is executed?
Oligomorphic malware
An attack that uses the Internet Control Message Protocol (ICMP) to flood a victim with packets.
Ping flood
On a compromised computer, you have found that a user without administrative privileges was able to perform a task limited to only administrative accounts. What type of exploit has occurred?
Privilege escalation
Proximity readers utilize a special type of tag that can be affixed to the inside of an ID badge. What is the name for this type of tag?
Radio Frequency Identification tag (RFID)
Malware that locks or prevents a device from functioning properly until a fee has been paid is known as:
Ransomware
Which of the following is not one of the types of settings that would be included in a Microsoft Windows security template?
Resolution settings
An attack in which the attacker attempts to impersonate the user by using his or her session token is known as:
Session hijacking
A form of verification used when accessing a secure web application
Session token
An attack that broadcasts a ping request to computers yet changes the address so that all responses are sent to the victim.
Smurf attack
What is used to describe a means of gathering information for an attack by relying on the weaknesses of individuals?
Social engineering
Which of the following is not one of the four methods for classifying the various types of malware?
Source
A phishing attack that targets only specific users
Spear phishing
What is the term used to describe unsolicited messages received on instant messaging software?
Spim
Anti-virus products typically utilize what type of virus scanning analysis?
Static analysis
Large-scale, industrial control systems.
Supervisory control and data aquisition
One of the armored virus infection techniques utilizes encryption to make virus code more difficult to detect, in addition to separating virus code into different pieces and inject these pieces throughout the infected program code. What is the name for this technique?
Swiss cheese
Cipher locks are sometimes combined with what type of sensor, which uses infrared beams that are aimed across a doorway?
Tailgate sensors
The physical procedure whereby an unauthorized person gains access to a location by following an authorized user is known as?
Tailgating
Select below the type of malware that appears to have a legitimate use, but actually contains or does something malicious:
Trojan
What language below is for the transport and storage of data, with the focus on what the data is?
XML
A user has become compromised as a result of visiting a specific web page, without clicking on any kind of content. What type of attack has occurred?
drive-by-download
What type of device, sometimes called a packet filter, is designed to prevent malicious network packets from entering or leaving computers or networks?
firewall
Instead of trying to make a match, modern AV techniques are beginning to use a type of detection that attempts to identify the characteristics of a virus. What is the name for this technique?
heuristic detection
A mobile operating system for Apple iPhones
iOS
Instead of using a key or entering a code to open a door, a user can use an object, such as an ID badge, to identify themselves in order to gain access to a secure area. What term describes this type of object?
physical token
A virus that infects an executable program file is known as?
program virus
Which type of attack below is similar to a passive man-in-the-middle attack?
replay
To what specific directory are users generally restricted to on a web server?
root
What type of malware consists of a set of software tools used by an attacker to hide the actions or presence of other types of malicious software, such as Trojans, viruses, or worms?
rootkit
Attacks that take place against web based services are considered to be what type of attack?
server-side
What is the name for a cumulative package of all patches and hotfixes as well as additional features up to a given point?
service pack
A macro virus takes advantage of the ____________________ relationship between the application and the operating system.
trusted
What type of malware is heavily dependent on a user in order to spread?
virus
Which of the following is malicious computer code that reproduces itself on the same computer?
virus
The exchange of information among DNS servers regarding configured zones is known as:
zone transfer
