ITM 350 chapter 8 study guide

¡Supera tus tareas y exámenes ahora con Quizwiz!

True or False? A port-scanning tool enables an attacker to escalate privileges on a network server.

False

True or False? A smurf attack tricks users into providing logon information on what appears to be a legitimate website but is in fact a website set up by an attacker to obtain this information.

False

True or False? Hijacking refers to the use of social engineering to obtain access credentials, such as usernames and passwords.

False

True or False? Stealth viruses attack countermeasures, such as antivirus signature files or integrity databases, by searching for these data files and deleting or altering them.

False

True or False? System infectors are viruses that attack document files containing embedded macro programming capabilities.

False

True or False? Worms operate by encrypting important files or even the entire storage device and making them inaccessible.

False

True or False? Attackers have established thousands of botnets, which they use to distribute malware and spam and to launch denial of service (DoS) attacks against organizations or even countries.

True

True or False? Attacks against confidentiality and privacy, data integrity, and availability of services are all ways malicious code can threaten businesses.

True

True or False? Because people inside an organization generally have more detailed knowledge of the IT infrastructure than outsiders do, they can place logic bombs more easily.

True

True or False? Defense in depth is the practice of layering defenses to increase overall security and provide more reaction time to respond to incidents.

True

True or False? Security breaches perpetrated by current and former employees often go undetected due to weak personnel and security policies or ineffective countermeasures.

True

True or False? Spyware does not use cookies.

True

True or False? The function of homepage hijacking is to change a browser's homepage to point to the attacker's site.

True

True or False? The goal of a command injection is to execute commands on a host operating system.

True

True or False? The success of Trojans is due to their reliance on social engineering to spread and operate; they have to trick users into running them.

True

True or False? The term "web defacement" refers to someone gaining unauthorized access to a web server and altering the index page of a site on the server.

True

True or False? Unlike viruses, worms do not require a host program to survive and replicate.

True

What is not a typical sign of virus activity on a system?

Unexpected power failures

What file type is least likely to be impacted by a file infector virus?

.docx

What type of system is intentionally exposed to attackers in an attempt to lure them out? A. Honeypot B. Bastion host C. Web server D. Database server

A. Honeypot

Adam discovers a virus on his system that is using encryption to modify itself. The virus escapes detection by signature-based antivirus software. What type of virus has he discovered? A. Polymorphic virus B. Stealth virus C. Cross-platform virus D. Multipartite virus

A. Polymorphic virus

Gwen is investigating an attack. An intruder managed to take over the identity of a user who was legitimately logged in to Gwen's company's website by manipulating Hypertext Transfer Protocol (HTTP) headers. Which type of attack likely took place? A. Session hijacking B. XML injection C. Cross-site scripting D. SQL injection

A. Session hijacking

The CEO of Kelly's company recently fell victim to an attack. The attackers sent the CEO an email informing him that his company was being sued and he needed to view a subpoena at a court website. When visiting the website, malicious code was downloaded onto the CEO's computer. What type of attack took place? A. Spear phishing B. Pharming C. Adware D. Command injection

A. Spear phishing

What tool might be used by an attacker during the reconnaissance phase of an attack to glean information about domain registrations? A. Whois B. Simple Network Management Protocol (SNMP) C. Ping D. Domain Name System (DNS)

A. Whois

What file type is least likely to be impacted by a file infector virus? A. .exe B. .docx C. .com D. .dll

B. .docx

What program, released in 2013, is an example of ransomware? A. BitLocker B. Crypt0L0cker C. FileVault D. CryptoVault

B. Crypt0L0cker

What is NOT one of the four main purposes of an attack? A. Denial of availability B. Data import C. Data modification D. Launch point

B. Data import

Which type of virus targets computer hardware and software startup functions? A. Hardware infector B. System infector C. File infector D. Data infector

B. System infector

Tonya would like to protect her users and the network when users browse to known dangerous sites. She plans to maintain a list of those sites and drop messages from those websites. What type of approach is Tonya advocating?

Blacklisting

What ISO security standard can help guide the creation of an organization's security policy? A. 12333 B. 17259 C. 27002 D. 42053

C. 27002

Yolanda would like to prevent attackers from using her network as a relay point for a smurf attack. What protocol should she block? A. Hypertext Transfer Protocol (HTTP) B. Transmission Control Protocol (TCP) C. Internet Control Message Protocol (ICMP) D. User Datagram Protocol (UDP)

C. Internet Control Message Protocol (ICMP)

Brian would like to conduct a port scan against his systems to determine how they look from an attacker's viewpoint. What tool can he use for this purpose? A. Ping B. Simple Network Management Protocol (SNMP) agent C. Nmap D. Remote Access Tool (RAT)

C. Nmap

What type of malicious software allows an attacker to remotely control a compromised computer? A. Worm B. Polymorphic virus C. Remote Access Tool (RAT) D. Armored virus

C. Remote Access Tool (RAT)

Bob is developing a web application that depends upon a database backend. What type of attack could a malicious individual use to send commands through his web application to the database? A. Cross-site scripting (XSS) B. XML injection C. SQL injection D. LDAP injection

C. SQL injection

Breanne's system was infected by malicious code after she installed an innocent-looking solitaire game that she downloaded from the Internet. What type of malware did she likely encounter? A. Virus B. Worm C. Trojan horse D. Logic bomb

C. Trojan horse

What is NOT a typical sign of virus activity on a system? A. Unexplained decrease in available disk space B. Unexpected error messages C. Unexpected power failures D. Sudden sluggishness of applications

C. Unexpected power failures: Evidence of Virus Code Activities

Larry recently viewed an auction listing on a website. As a result, his computer executed code that popped up a window that asked for his password. What type of attack has Larry likely encountered?

Cross-site scripting (XSS)

What program, released in 2013, is an example of ransomware?

CryptoLocker

Alison discovers that a system under her control has been infected with malware, which is using a keylogger to report user keystrokes to a third party. What information security property is this malware attacking? A. Integrity B. Availability C. Accounting D. Confidentiality

D. Confidentiality

Larry recently viewed an auction listing on a website. As a result, his computer executed code that popped up a window that asked for his password. What type of attack has Larry likely encountered? A. SQL injection B. Command injection C. XML injection D. Cross-site scripting (XSS)

D. Cross-site scripting (XSS)

What is NOT a common motivation for attackers? A. Money B. Fame C. Revenge D. Fear

D. Fear

Val would like to limit the websites that her users visit to those on an approved list of pre-cleared sites. What type of approach is Val advocating? A. Blacklisting B. Context-based screening C. Packet filtering D. Whitelisting

D. Whitelisting

What type of attack occurs in real time and is often conducted against a specific target?

Direct

What type of system is intentionally exposed to attackers in an attempt to lure them out?

Honeypot

Yolanda would like to prevent attackers from using her network as a relay point for a smurf attack. What protocol should she filter?

Internet Control Message Protocol (ICMP)

Alison is a security professional. A user reports that, after opening an email attachment, every document he saves is in a template format and other Microsoft Word documents will not open. After investigating the issue, Alison determines that the user's Microsoft Office normal.dot template has been damaged, as well as many Word files. What type of virus is the most likely cause?

Macro virus

Karen is a hacker. She wants to access a server and control it remotely. The tool she plans to use is a type of Trojan. What tool will Karen use for this purpose?

Remote Access Tool (RAT)

Devaki is investigating an attack. An intruder managed to take over the identity of a user who was legitimately logged in to Devaki's company's website by manipulating Hypertext Transfer Protocol (HTTP) headers. Which type of attack likely took place?

Session hijacking

Arturo discovers a virus on his system that resides only in the computer's memory and not in a file. What type of virus has he discovered?

Slow virus

The chief executive officer (CEO) of a company recently fell victim to an attack. The attackers sent the CEO an email that appeared to come from the company's attorney. The email informed the CEO that his company was being sued and he needed to view a subpoena at a court website. When visiting the website, malicious code was downloaded onto the CEO's computer. What type of attack took place?

Spear phishing

Bob is developing a web application that depends on a backend database. What type of attack could a malicious individual use to send commands through his web application to the database?

Structured Query Language (SQL) injection

Which of the following is a type of denial of service (DoS) attack?

Synchronize (SYN) flood

Which type of virus targets computer hardware and software startup functions?

System infector

Lin installed a time-management utility that she downloaded from the Internet. Now several applications are not responding to normal commands. What type of malware did she likely encounter?

Trojan horse

True or False? A backdoor is a hidden way to bypass access controls and allow access to a system or resource.

True

True or False? A computer virus is an executable program that attaches to, or infects, other executable programs.

True

True or False? A rootkit is a type of malware that modifies or replaces one or more existing programs to hide the fact that a computer has been compromised.

True

Wen is a network security professional. He wants to strengthen the security of his agency's network infrastructure defenses. Which control can he use to protect the network?

Use proxy services and bastion hosts to protect critical services

What tool might be used by an attacker during the reconnaissance phase of an attack to glean information about domain registrations?

Whois

Hacking groups create _______ to launch attacks whereby they infect vulnerable machines with agents that perform various functions at the command of the controller.

botnets


Conjuntos de estudio relacionados

Chapter 13 Sociology Terms and Topics

View Set

Professional Liability Insurance

View Set

CompTIA Security+ Cert Prep: 7 Endpoint Security Design and Implementation

View Set

Chapter 18: International Capital Budgeting

View Set

COM4803-- Module 4 Overview: Formal Third Parties; The Arbitrator

View Set