Security Awareness Chapters 3 and 4, Cybersecurity, CIS133 - Chapter 4 Quiz

Image Spam

4. Which of the following uses graphical images of text in order to circumvent text-based filters?

Sandboxing

5. What can be used to run JavaScript in a restricted environment and limit what resources it can access?

URL expander

6. Which of the following allows the user to hover over a reduced URL in order to view its expanded format?

Whitelist

7. To block spam, a list of senders can be entered for which the user will accept email, also known as which of the following?

Protected View

8. Microsoft Office attachments are automatically opened in which mode, which is a read-only mode that disabled editing functions?

Spam filters

9. ______________ look for specific words and block email messages containing those words

____ represent a specific way of implementing ActiveX and are sometimes called ActiveX applications.

ActiveX controls

Which type of web browser enhancement can change browser menus or create additional toolbars?

Add-ons

How does an attacker use a malvertising attack?

Attackers may infect the third-party advertising networks so that their malware is distributed through ads sent to user's web browsers.

____ allows Web authors to combine text, graphic images, audio, video, and hyperlinks into a single document.

HTML

What standardizes sounds and video format so plug-ins like Flash are no longer needed?

HTML5

Bob's computer was infected from a drive-by download attack, What did Bob do to get infected?

He viewed a website

What is the format used to write webpages?

Hypertext Markup Language (HTML)

Web servers distribute HTML documents based on a set of standards, or protocols, known as the _____.

Hypertext Transfer Protocol (HTTP)

The current version of IMAP is ____.

IMAP4

____ uses graphical images of text in order to circumvent text-based filters.

Image spam

Using which internet security best practice is information not saves by the browser, such as pages that are visited will not be recorded to history or the address bar?

Private browsing

What type of malware can lock up a user's computer and then display a message that purports to come from a law enforcement agency that states the user must pay a fine for illegal activity?

Ransomeware

A _____ is a downloadable image that can be used to scan a computer for malware.

Rescue disc

Which type of malware will hide or remove all traces of evidence that may reveal the malware, such as log entries?

Rootkits

Which of the following is not a secure internet practice?

Run JavaScript code to prevent attacks

What can be used to run JavaScript in a restricted environment and limit what resources it can access?

Sandboxing

Which of these could NOT be defined as a logic bomb?

Send spam email to all users in the company

Antivirus (AV) software on a computer must have its _____ files regularly updated by downloads from the Internet.

Signature

Which statement regarding a keylogger is NOT true?

Software keyloggers are easy to detect.

____ look for specific words and block e-mail messages containing those words.

Spam filters

Why should you not click on an embedded hyperlink?

They can take you to a different website other than what is being advertised

Why would you want to block external content from downloading into your email client?

To prevent spammers from knowing that you email address is valid

HTTP is based on which larger set of standards for internet communication?

Transmission Control Protocol/Internet Protocol (TCP/IP)

A user who installs a program that prints out coupons but in the background silently collects her passwords has installed a _____

Trojan

What is the name for a program that is advertised as performing one activity but actually does something else?

Trojan Horse. They are an executable program that masquerades as performing a benign activity but also does something malicious.

Most users actually receive only a small amount of spam in their local e-mail inbox. The majority is blocked before it even reaches the user.

True

Restricting how cookies are created and used can also be done through configuring the Web browser.

True

Web servers distribute HTML documents based on a set of standards, or protocols, known as the Hypertext Transport Protocol (HTTP).

True

How many carriers must a virus have to replicate and attack?

Two

Which windows feature provides information to users and obtains their approval before a program can make a change to the computer's settings?

User Account Control (UAC)

A(n) _____ requires a user to transport it from one computer to another

Virus

What are the three types of malware that have the primary traits of circulation and/or infection?

Viruses, worms, trojans

Each of the following is a question that the user should ask regarding data backups except _____

Who should do the backup?

The ____ is composed of Internet server computers on networks that provide online information in a specific format.

World Wide Web

The _____ is a worldwide set of interconnected computers, servers, and networks.

World wide web

The type of malware that exploits a vulnerability on one system and then immediately searches for another computer on the network that has the same vulnerability?

Worm

Is it recommended that a copy of data backup be stored at an off-site location?

Yes

An infected robot computer is known as a _____?

Zombie

What technique do attackers use in order to circumvent text-based spam filters?

image spam

Which of the following web browser additions provides links to external programs?

plug-in

Most Internet transmissions are based on ____.

port numbers

Which malware locks up a user's computer and then displays a message that purports to come from a law enforcement agency?

ransomeware

Most e-mail clients contain a ____ that allows the user to read an e-mail message without actually opening it.

reading pane

Known as ____, the deleted cookie's unique ID can still be assigned to a new cookie using the data stored in a Flash cookie as a backup.

respawning

Unsigned Java applets run in a security ____, which is like a fence that surrounds the program and keeps it away from private data and other resources on a local computer.

sandbox

ActiveX controls can be invoked from Web pages through the use of a ____ or directly by an HTML command.

scripting language

The database that contains the sequence of characters of a virus is called the _____

signature file

Which of these is a general term used for describing software that gathers information without the user's consent?

spyware

A cookie that was not created b the website that attempts to access it is called

third-party cookie

Which of these is NOT an action that a virus can take?

transport itself through the network to another device

A(n) ____ is a program that does not come from a trusted source.

unsigned Java applet

A reading pane allows the user to read an email message _____

without actually opening it

False

1. (True/False)Web servers distribute HTML documents based on a set of standards, or protocols, known as the Hypertext Transit Protocol (HTTP).

It is estimated that over 100 trillion e-mails are sent annually, increasing at a rate of ____ percent each year.

10

Malvertising

10. Which of the following can be described as a poisoned ad attack?

Cookies

11. What do web servers use to track whether a user has previously visited a web site?

Add-ons

12. Which type of web browser enhancement can change browser menus or create additional toolbars?

Drive by Downloads

13. What is it called when unsuspecting users visit an infected website and their browsers download code that targets a vulnerability in the user's browser?

Extensions

14. Which of the following expands the normal capabilities of a web broswer for a specific webpage?

Private Browsing

15. Using which Internet security best practice is information not saved by the browser, such as pages that are visited will not be recorded to history or the address bar?

Same Origin

16. Which JavaScript defense restricts a JavaScript downloaded from Site A from accessing data that came from Site B?

Hyperlinks

17. ____________________ allow users to jump from one area on the Web to another with a click of the mouse button

TCP/IP

18. Text-based messages that include words such as Viagra or investments can easily be trapped by _________ filters that look for these words and block the email.

Blacklist

19. _______________________ is a list of senders from whom the user does not want to receive any email.

False

2. (True/False) Third-party cookies can be stolen and used to impersonate the user, while first-party cookies can be used to track the browsing or buying habits of a user.

True

20. (True/False) With blocked top-level domain lists, email from entire countries or regions can be blocked and treated as spam.

The SMTP server listens on port number ____.

25

First Party Cookie

3. Which type of cookie is created from the Web site that a user is currently viewing?

____ is a technology that can associate a user's identity to a public key, in which the user's public key has been "digitally signed" by a trusted third party.

A digital certificate

What do web servers use to track whether a user has previously visited a web site?

Cookies

What are the risks of first-party cookies vs. third-party cookies?

Cookies pose security and privacy risks. First-party cookies can be stolen and used to impersonate the user, while third-party cookies can be used to track the browsing or buying habits of a user. When multiple websites are serviced by a single marketing organization , cookies can be used to track browsing habits on all the clients sites.

Botnets can flood a web server with thousands of requests and overwhelm it to the point that it cannot respond to legitimate requests. What is this called?

Denying services

What is it called when unsuspecting users visit an infected website and their browsers download code that targets a vulnerability in the user's browser?

Drive by downloads

What is the first step in defending against Internet-based attacks?

Ensure that the computer itself is properly secured

Which of the following expands the normal capabilities of a web browser for a specific webpage?

Extensions

Web sites use the standard HTTP protocol for sending data through the Internet because this protocol is secure and ensures that an attacker cannot view the contents of the transmission.

False

With blocked low-level domain lists, e-mail from entire countries or regions can be blocked and treated as spam.

False

Which of the following enhancements to software provides new or expanded function-ability but does not address security vulnerabilities?

Feature update

The ____ is a worldwide set of interconnected computers, servers, and networks.

Internet

Which of the following is the more recent and advanced electronic email system?

Internet Mail Access Protocol (IMAP)

A(n) ____ is a business from which users purchase Internet access.

Internet Service Provider

Using what email protocol can mail be organized into folders on the mail server and read from any device?

Internet mail Access Protocol (IMAP)

Which of the following is true about a cookie?

It can pose a security and privacy risk

Each of the following is true about the internet except:

It is a local network of computers and networks

Each of the following is an addition that could be added to a web browser to support dynamic browsing except _____

Java

____ is a complete programming language that can be used to create stand-alone applications.

Java

Which is the most popular scripting code used with webpages?

JavaScript

____ is a scripting language that does not create standalone applications.

JavaScript

What type of spyware silently captures and stores each keystroke that a user types on the computer's keyboard?

Keylogger

Which type of firewall is an external hardware device?

Network firewall

Which level of UAC provides the lowest level of security?

Never notify

Does malware usually enter a computer system with the user's knowledge?

No. Malware is software that enters a computer system without the user's knowledge or consent and then performs an unwanted and usually harmful action

Malware payload allows an attacker to execute virtually any command on the victim's computer; this is called _____

arbitrary code execution

E-mail ____ are documents that are connected to an e-mail message, such as word processing documents, spreadsheets, or pictures.

attachments

What is access a computer, program, or service that circumvents any normal security protections called?

backdoor

Each of the following is a typical feature of a fee-based Internet backup service except _____

backup to an external hard drive

A _____ is a list of email addresses from senders from whom you do not want to receive messages.

blacklist

Which of the following is not a type of malware that has as its primary trait circulation and/or infection?

botnet

Instructions written in HTML code specify how a local computer's Web ____ should display the words, pictures, and other elements on a user's screen.

browser

The most secure option when configuring a web browser for security is _____

deny first-party and third-party cookies

Each of the following is the reason why adware is scorned, except _____

it displays the attackers programming skills

Which of the following is not a web browser addition to enhance security?

local intranet flash signal

A(n) _____ is also called a Flash cookie, named after Adobe Flash.

locally shared object (LSO)

Which type of cookie is the most complex?

locally shared object (LSO)

Botnets are composed of _____

zombies