In Class Exercises Ch. 3 & 4 (True/False)

The function of homepage hijacking is to change a browser's homepage to point to the attacker's site.

True

The goal of a command injection is to execute commands on a host operating system.

True

Unlike viruses, worms do NOT require a host program in order to survive and replicate.

True

A computer virus is an executable program that attaches to, or infects, other executable programs.

True

A successful denial of service (DoS) attack may create so much network congestion that authorized users cannot access network resources.

True

ActiveX is used by developers to create active content.

True

An electronic mail bomb is a form of malicious macro attack that typically involves an email attachment that contains macros designed to inflict maximum damage.

True

Attacks against confidentiality and privacy, data integrity, and availability of services are all ways malicious code can threaten business.

True

Backdoor programs are typically more dangerous than computer viruses.

True

Because people inside an organization generally have more detailed knowledge to the IT infrastructure than outsiders do, they can place logic bombs more easily.

True

Defense in depth is the practice of layering defenses to increase overall security and provide more reaction time to respond to incidents.

True

A smurf attack tricks users into providing logon information on what appears to be a legitimate website but is in fact a website set up by an attacker to obtain this information.

False

A worm is a self-contained program that has to trick users into running it.

False

Retro viruses counter the ability of antivirus programs to detect changes in infected files.

False

Spyware does NOT use cookies.

False

System infectors are viruses that attack document files containing embedded macro programming capabilities.

False

The four primary types of malicious code attacks are unplanned attacks, planned attacks, direct attacks, and indirect attacks.

False

The term "web defacement" refers to someone gaining unauthorized access to a web server and altering the index page of a site on the server.

False

Trojans are self-contained programs designed to propagate from one host machine to another using the host's own network communication protocols.

False

It is common for rootkits to modify parts of the operating system to conceal traces of their presence.

True