Intro to cyber Final Quizzes
List four strategies for risk control:
Avoidance Transference Mitigation Acceptance
What is the term used to describe a type of attack where a computer works methodically through all possible passwords? Cryptographic attack Denial-of-service attack Brute force attack Man in the middle attack
Brute force attack
In a computer forensics investigation, what describes the route that evidence takes from the time you find it until the case is closed or goes to court? a. Rules of evidence b. Law of probability c. Chain of custody d. Policy of seperation
Chain of custody
Ethical Hackers __ Don't exist Work outside the law Are motivated by financial gain Do penetration testing to identify vulnerabilities.
Do penetration testing to identify vulnerabilities.
T/F A good risk management strategy involves annual monitoring.
False
Your organization has decided to use a biometric system to authenticate users. If the FAR is high, what happens? Legitimate users are denied access to the organization's resources. Legitimate users are granted access to the organization's resources. Illegitimate users are granted access to the organization's resources. Illegitimate users are denied access to the organization's resources.
Illegitimate users are granted access to the organization's resources.
List at least three different categories of assets for an organization,
People Data and information Software/Hardware
When cataloging digital evidence, the primary goal is to do what? a. Make bitstream images of all hard drives. b. Preserve evidence intgrity c. Avoid removing the evidence from the scene d. Prohibit the computer from being turned on.
Preserve evidence intgrity
Check all of the things that could indicate an email is a phishing attempt. multiple senders sense of urgency Grammatical errors Too good to be true
all
In the recovery phase of incident response, one step is ____ a. Restore data from clean backups b. Rebuild systems from scratch c. Restore confidence d. All of the above
d. All of the above
t/f Fraud is not a cyber crime.
f
t/f With a computer, always work on the original since when a person commits a crime something is always left behind.
f
Which are types of social engineering? hacking phishing whaling pretexting
hacking phishing whaling pretexting
Liability is _______ legal obligation to make restitution insuring employees know what constitutes acceptable behavior Making a valid effort to protect others None of the above
legal obligation to make restitution
Which of the following is NOT true about a threat? Any activity that represents a possible loss of availiability Any activity that represents a possible loss of confidentiality Any activity that represents a possible danger ALL are true. Any activity that represents a possible loss of integrity
All are true
Which is not true about digital forensics? a. Used to investigate what happened during attack on assets b. Used to determine how the attack occured c. Involved the preservation of computer media for evidentially analysis d. All of the above are true
All of the above are true
Which is not a type of hacking? Hactivism Nation-State Cyber Ethical
Cyber
All but one of the following are examples of two-factor authentication. Which of these is the odd one out, because it does not involve two factors? Password and Authentication App The chip and PIN on a bank card Fingerprint and PIN Entering your password twice
Entering your password twice
Which is NOT TRUE about the Computer Fraud and Abuse Act? It is the umbrella for anti- hacking law It contains 7 different parts on hacking Implementation is recommended but not required It doe not address cyber bullying
Implementation is recommended but not required
Why should you note all cable connections for a computer you want to seize as evidence? a. To know what outside connections existed b. In case other devices were connected c. To know what peripheral devices exist d. To know what hardware existed.
In case other devices were connected
Select the correct formula for calculating risk Risk = Asset Valuation x Vulnerability Valuation + Threat Valuation Risk = Asset Valuation x Threat Valuation x Vulnerability Valuation Risk = Asset Valuation - Asset Loss Cost * Threat Valuation Risk = Critical Asset Value * Threat likelihood
Risk = Asset Valuation x Threat Valuation x Vulnerability Valuation
List the three types of authentication and give an example of each. Something you _____________ Something you _____________ Something you _____________
Something you know: password/pin Something you have: cryptographic identification device Something you are: biometric
Which activity is not usually included in computer forensics? a. The secure collection of computer data. b. The examination of physical systems c. the identification of suspect data d. The application of laws to computer practice
The examination of physical systems
Which one of the following is not considered good practice when managing passwords? The password should be long and complex enough to make it difficult for someone else to guess The password should be stored in plaintext The password should not be shared with other people The same password should not be used across multiple locations
The password should be stored in plaintext
Which of the following is an example of a threat to a computer system? Act of human error or failure Force of nature Technological obsolescence All are threats.
all are threats
In preparing to collect incident data, ___ a. Collect only subjective data b. Collect all data available c. Pass all information onto management d. Document all information on the data that was acquired, such as location.
d
Incident response risk assessment requires a quantitative analysis which is __ a. Subjective - values, words, experts b. Collection of data within the organization c. Vulnerability assessment d. Objective - numbers, values and formulas
d
t/f A Business Continuity Planning is to establish critical business operations after a disaster impacts operations.
f
t/f A documentation trail is beneficial but not required.
f
t/f An incident response team should be formed once an incident is confirmed.
f
t/f Most Windows logs are turned on automatically.
f
t/f Most computer criminals are not really "criminals".
f
t/f Reacting to incidents is lost costly and more effective than preventing incidents.
f
Which is NOT a way to avoid being caught in a phishing scheme? Use Firewalls Think before you click Install Anit-virus software never send attachments
never send attachments
Risk Analysis in Information Systems is primarily: quantitaive qualitative monitoring asset valuation
qualitative
List the 5 steps of the Risk Management process
step 1: Asset Identification and Valuation step 2: Threat Identification step 3: Vulnerability Identification step 4: Risk Assessment step 5: Risk Control
t/f Incident response planning prepares IR team to be ready to react to an incident.
t
t/f Most attacks occur by exploiting a vulnerability.
t
t/f Privacy is the state of being free from unsanctioned intrusion.
t
t/f Single loss expectation is used to determine the total cost of an incident.
t
t/f Social Engineering is getting information through deception.
t
t/f When an affidavit is signed, it becomes a search warrent.
t
t/f When managing an incident, strong decisions making and communication are critical.
t
t/f incidents create pandemonium if not prepared.
t