IS 456 Ch.11
polymorphic virus
Adam discovers a virus on his system that is using encryption to modify itself. The virus escapes detection by signature-based antivirus software. What type of virus has he discovered?
Confidentiality
Alison discovers that a system under her control has been infected with malware, which is using a key logger to report user keystrokes to a third party. What information security property is this malware attacking?
SQL injection
Bob is developing a web application that depends upon a database backend. What type of attack could a malicious individual use to send commands through his web application to the database?
Trojan Horse
Breanne's system was infected by malicious code after she installed an innocent-looking solitaire game that she downloaded from the Internet. What type of malware did she likely encounter?
Nmap
Brian would like to conduct a port scan against his systems to determine how they look from an attacker's viewpoint. What tool can he use for this purpose?
Whitelisting
Val would like to limit the websites that her users visit to those on an approved list of pre-cleared sites. What type of approach is Val advocating?
27002
What ISO security standard can help guide the creation of an organization's security policy?
.docx
What file type is least likely to be impacted by a file infector virus?
Fear
What is NOT a common motivation for attackers?
Unexpected power failures
What is NOT a typical sign of virus activity on a system?
Data import
What is NOT one of the four main purposes of an attack?
Crypt0L0cker
What program, released in 2013, is an example of ransomware?
Whois
What tool might be used by an attacker during the reconnaissance phase of an attack to glean information about domain registrations?
Remote Access Tool (RAT)
What type of malicious software allows an attacker to remotely control a compromised computer?
Honeypot
What type of system is intentionally exposed to attackers in an attempt to lure them out?
System infector
Which type of virus targets computer hardware and software startup functions?
Internet Control Message Protocol (ICMP)
Yolanda would like to prevent attackers from using her network as a relay point for a smurf attack. What protocol should she block?
Session hijacking
Gwen is investigating an attack. An intruder managed to take over the identity of a user who was legitimately logged into Gwen's company's website by manipulating Hypertext Transfer Protocol (HTTP) headers. Which type of attack likely took place?
Cross-site scripting (XSS)
Larry recently viewed an auction listing on a website. As a result, his computer executed code that popped up a window that asked for his password. What type of attack has Larry likely encountered?
Spear phishing
The CEO of Kelly's company recently fell victim to an attack. The attackers sent the CEO an email informing him that his company was being sued and he needed to view a subpoena at a court website. When visiting the website, malicious code was downloaded onto the CEO's computer. What type of attack took place?