Cyber Security Midterm
Please distinguish between vulnerability, threat, and control.
A threat is a potential to do harm. A vulnerability is a means by which a threat agent can cause harm. A control is a protective measure that prevents a threat agent from exercising a vulnerability.
____________________ ensures authorized users — persons or computer systems — can access (or use) information without interference or obstruction, and in the required format.
Availability
The investigation phase of the Security Systems Development Life cycle (SecSDLC) begins with a directive from upper management. (true or false)
True
Distinguish between vulnerability, threat, and control
Vulnerability: a flaw within the company that can be compromised by attackers. Threat: attackers initiate an attack by making use of a company's vulnerability. Control: a company maintains power over its assets.
List and describe the three ways of control.
Technical: passwords, firewalls, encryption. Educational: people are the weakest link in information security. Procedural: policies, contracts, regulations.
____________________ is initiated by upper management, which issues policy, procedures, and processes.
Top-down approach
Threats are always malicious
False
Threats are always targeted
False
Confidentiality ensures that only those with the rights and privileges to modify information are able to do so
False (integrity is correct)
Which group is the most likely target of a social engineering attack? a. Receptionists and administrative assistants b. Information security response team c. Internal auditors d. Independent contractors
a. receptionists and administrative assistants
The CEO of Kelly's company recently fell victim to an attack. The attackers sent the CEO an email informing him that his company was being sued and he needed to view a subpoena at a court website. When visiting the website, malicious code was downloaded onto the CEO's computer. What type of attack took place? a. Spear phishing b. Pharming c. Adware d. Command injection
a. spear phishing
Of the following malware types, which one is MOST likely to monitor a user's computer? a. Trojan b. Spyware c. Ransomwares d. Adware
b. spyware
After Tom turned on his computer, he saw a message indicating that unless he made a payment, his hard drive would be formatted. What does this indicate? a. Armored virus b. Backdoor c. Ransomwares d. Trojan
c. ransomwares
Users in your organization have reported receiving a similar email from the same sender. The email included a link, but after recent training on emerging threats, all the users chose not to click the link. Security investigators determined the link was malicious and was designed to download ransomware. Which of the following BEST describes the email? a. Phishing b. Spam c. Spear phishing d. Vishing
c. spear phishing
What type of malicious software masquerades as legitimate software to entice the user to run it? a. Virus b. Worm c. Trojan horse d. Rootkit
c. trojan horse
Which of the following functions does information security perform for an organization? a. Protects the organization's ability to function. b. Enables the safe operation of applications implemented on the organization's IT systems. c. Protects the data the organization collects and uses. d. All of the above.
d. all of the above
You are reviewing security controls and their usefulness. You notice that account lockout policies are in place. Which of the following attacks will these policies thwart? (choose two) a. DNS poisoning b. Replay c. Buffer overflow d. Brute force e. Dictionary
d. brute force e. dictionary
Which term describes an action that can damage or compromise an asset? a. Risk b. Vulnerability c. Countermeasure d. Threat
d. threat
A phishing email is a fake or bogus email intended to trick the recipient into clicking on an embedded URL link or opening an email attachment. (true or false)
true
Attacks against confidentiality and privacy, data integrity, and availability of services are all ways malicious code can threaten businesses. (true or false)
true
Hypertext Transfer Protocol (HTTP) is the communications protocol between web browsers and websites with data in clear text. (true or false)
true
Unlike viruses, worms do NOT require a host program in order to survive and replicate. (true or false)
true
A phishing attack "poisons" a domain name on a domain name server. (true or false)
false
A worm is a self-contained program that has to trick users into running it. (true or false)
false
The main difference between a virus and a worm is that a virus does not need a host program to infect. (true or false)
false
Within the context of information security, ____________________ is the process of using interpersonal skills to convince people to reveal access credentials or other valuable information to the attacker.
social engineering
____________________ is a technique used to gain unauthorized access to computers, wherein the intruder sends messages to a computer that has an IP address that indicates that the messages are coming from a trusted host and not the actual source computer.
spoofing