QUIZ 7 - CHAPTER 8

¡Supera tus tareas y exámenes ahora con Quizwiz!

TRUE

True or False? System infectors are viruses that attack document files containing embedded macro programming capabilities.

TRUE

True or False? A backdoor is a hidden way to bypass access controls and allow access to a system or resource.

FALSE

True or False? A port-scanning tool enables an attacker to escalate privileges on a network server.

TRUE

True or False? Attacks against confidentiality and privacy, data integrity, and availability of services are all ways malicious code can threaten businesses.

TRUE

True or False? Because people inside an organization generally have more detailed knowledge of the IT infrastructure than outsiders do, they can place logic bombs more easily.

FAlSE

True or False? Hijacking refers to the use of social engineering to obtain access credentials, such as usernames and passwords.

TRUE

True or False? Security breaches perpetrated by current and former employees often go undetected due to weak personnel and security policies or ineffective countermeasures.

TRUE

True or False? The function of homepage hijacking is to change a browser's homepage to point to the attacker's site.

TRUE

True or False? A rootkit is a type of malware that modifies or replaces one or more existing programs to hide the fact that a computer has been compromised.

FALSE

True or False? A smurf attack tricks users into providing logon information on what appears to be a legitimate website but is in fact a website set up by an attacker to obtain this information.

TRUE

True or False? Defense in depth is the practice of layering defenses to increase overall security and provide more reaction time to respond to incidents.

SLOW VIRUS

Arturo discovers a virus on his system that resides only in the computer's memory and not in a file. What type of virus has he discovered? Retro virus Slow virus Cross-platform virus Multipartite virus

STRUCTURED QUERY LANGUAGE (SQL) INJECTION

Bob is developing a web application that depends on a backend database. What type of attack could a malicious individual use to send commands through his web application to the database? Extensible Markup Language (XML) injection Structured Query Language (SQL) injection Cross-site scripting (XSS) Lightweight Directory Access Protocol (LDAP) injection

SESSION HIJACKING

Devaki is investigating an attack. An intruder managed to take over the identity of a user who was legitimately logged in to Devaki's company's website by manipulating Hypertext Transfer Protocol (HTTP) headers. Which type of attack likely took place? Extensible Markup Language (XML) injection Structured Query Language (SQL) injection Session hijacking Cross-site scripting (XSS)

BOTNETS

Hacking groups create _______ to launch attacks whereby they infect vulnerable machines with agents that perform various functions at the command of the controller. ransomware honeypots logic bombs Botnets

REMOTE ACCESS TOOL (RAT)

Karen is a hacker. She wants to access a server and control it remotely. The tool she plans to use is a type of Trojan. What tool will Karen use for this purpose? Remote Access Tool (RAT) Network mapper (Nmap) Ping Simple Network Management Protocol (SNMP) agent

CROSS-SITE SCRIPTING (XSS)

Larry recently viewed an auction listing on a website. As a result, his computer executed code that popped up a window that asked for his password. What type of attack has Larry likely encountered? Cross-site scripting (XSS) Extensible Markup Language (XML) injection Command injection Structured Query Language (SQL) injection

TROJAN HORSE

Lin installed a time-management utility that she downloaded from the Internet. Now several applications are not responding to normal commands. What type of malware did she likely encounter? Ransomware Worm Trojan horse Virus

SPEAR PHISHING

The chief executive officer (CEO) of a company recently fell victim to an attack. The attackers sent the CEO an email that appeared to come from the company's attorney. The email informed the CEO that his company was being sued and he needed to view a subpoena at a court website. When visiting the website, malicious code was downloaded onto the CEO's computer. What type of attack took place? Ransomware Pharming Spear phishing Command injection

BLACKLISTING

Tonya would like to protect her users and the network when users browse to known dangerous sites. She plans to maintain a list of those sites and drop messages from those websites. What type of approach is Tonya advocating? Whitelisting Correct! Blacklisting Change detection Integrity checking


Conjuntos de estudio relacionados

CA HA 7 LOWER appendicular system & WQ CHAPTER 8

View Set

Equations of Parallel and Perpendicular Lines

View Set

Lifespan Development- Chapter 12

View Set

Chapter 34: Assessment and Management of Patients with Inflammatory Rheumatic Disorders

View Set

ATI diabetes mellitus management post test

View Set

Chapter 14: Global Financial Management

View Set

2B - Market Influences on Business

View Set

Cellular Basis of Animal Behavior - Exam 2

View Set