BUS 340 - Methods of Securing Information

Pataasin ang iyong marka sa homework at exams ngayon gamit ang Quizwiz!

Put the steps for how a virus infects a digital device in the correct order.

1. The virus arrives via email attachment, file download, or by visiting a website that has been infected. 2. An action such as running or opening a file activates the virus. 3. The infection spreads to other computers via infected email, files, or contact with infected web sites. 4. The payload or the component of a virus that executes the malicious activity hits the computer and the other infected devices.

What percentage of malicious attachments are masked as Microsoft Office files?

38%

Used by firewalls, routers, and computers that are part of a network and are connected to the Internet, Network ___ Translation provides a type of firewall protection by hiding internal IP addresses.

Access

What type of hacker breaks into computer systems with the intent of causing damage or stealing data?

Black hat hackers

Select the true statements about white hat hackers.

Breach and attack simulation technologies are used to automate hacking and threat/infiltration analysis. Use the same techniques and tools that are used by illegitimate hackers. The goal of white hat hackers is to find gaps in network security and to test security defenses.

Rootkits are typically used to allow hackers to do which of the following?

Create a backdoor into a computer Remotely control the operations of a computer.

Select the reasons a government may choose to get involved in state-sponsored cyberwarfare.

Cyberwarfare is often difficult to trace and identify. Cyberwarfare can cause widespread damage to IT infrastructure. Cyberwarfare is relatively inexpensive when compared to traditional warfare.

Malware is designed to do which of the following?

Destroy data Incapacitate networks and computers Steal information

A DDoS attack is when computers that have been infected by a virus act as "zombies" and work together to send out illegitimate messages creating huge volumes of network traffic. The acronym DDoS stands for

Distributed Denial of Service

A hacker launches an attack on a network that is designed to interrupt or stop network traffic by flooding it with too many requests. This would be considered a _____ attack.

DoS (Denial of Service)

According to Norton, which of the following steps should be taken to defend against rootkits?

Don't ignore software updates Watch out for drive-by-downloads Be aware of phishing emails

Computer viruses are not frequently disguised as attachments of funny images, greeting cards, or audio and video files.

False

Select the true statements about state-sponsored cyberwarfare.

Originate and are executed by foreign governments. Can be used to send warnings or to create conflict between countries. Attacks can be directly launched by a foreign government or by a group or individual who has been paid by to execute the attack

Activities where white-hat hackers are paid to hack into private networks and applications is referred to as __ testing.

Penetration

Which 3 of the following are examples of cyberattacks?

Pharming and phishing Identity theft DoS attacks

There are multiple ways ransomware attacks can be launched. Which of the following are methods a ransomware attack can be launched?

Phishing Trojan Horse

Select the true statements about ransomware attacks

Ransomware attacks invade computers via Trojan Horse viruses, worms, or by a user opening a legitimate looking email. One of the most popular methods used in ransomware attacks is through phishing.. Ransomware is malware that makes a computer's data inaccessible until a ransom is paid.

Select what's true about spear phishing attacks.

Spear phishing attacks are designed to steal data and some attacks may also be designed to install malicious software on a device. Spear phishing is a type of email scam that is directed toward a specific person or organization.

Mohammed is experiencing issues with his work computer. He speaks to the IT department and they identify various symptoms of a computer virus. Symptoms of a computer virus include:

The operating system may not launch properly Unexpected error messages Critical files may be automatically deleted

One method organizations are using to deal with the increase in cybersecurity threats and the decrease in the effectiveness of traditional security means is through the use of behavior science in their data and network security policies. One of these methods is called UEBA. Select the true statements about UEBA.

UEBA uses a variety of different tactics to create a map of pattern behavior including machine learning, statistical analysis, and artificial intelligence (AI) UEBA stands for user and entity behavior analytics It is a type of cybersecurity that observes and records the conduct of computer and network users

According to the Federal Emergency Management Agency (FEMA), which of the following are steps businesses can take to help protect systems, data, and information from natural disasters?

Utilize off-site cloud storage Store data in different areas across the United States (geographic data redundancy) Create a business continuity plan

Which of the following statements about computer viruses are true?

Viruses can destroy programs or alter the operations of a computer or network. A computer virus is software that infects computers and is created using computer code.

According to the National Institute of Standards Technology (NIST), cybersecurity personnel can take steps to ensure data and systems are protected. The first thing an organization should conduct is a cybersecurity risk assessment. The cybersecurity risk assessment is concerned with answering which of the following questions?

What are our organization's most important information technology assets? What are the relevant threats and the threat sources to our organization? What are the internal and external vulnerabilities?

Security risk can be calculated using the following calculation: Risk = Threat x Vulnerability x

asset

One method organizations are using to deal with the increase in cybersecurity threats and the decrease in the effectiveness of traditional security means is through the use __________ of science in their data and network security policies.

behavior

A _____ hat hacker breaks into computer systems with the intent of causing damage or stealing data

black

A group of computers under the control of a hacker is referred to as

botnet, botnets, or bot net

A crime in which a computer is the object of the crime or is used to commit a criminal offense is called

cybercrime

cyberattack

deliberate misuse of computers and networks via the Internet. Cyberattacks use malicious code to modify the normal operations of a computer or network

A _______ denial-of-service (DDoS) attack takes place when a hacker gains unauthorized access and control of a network of computers that are connected to the Internet.

distributed

Personal software _________ are typically included with the operating system and can be configured based on user preference.

firewall

A form of spyware that records all actions typed on a keyboard is called a _ logger

keylogger/keystroke

Businesses need to take steps to protect computer systems, data, and information from _________ disasters

natural

A program that appears legitimate, but executes an unwanted activity when activated is called a ________ horse virus

trojan

As reported by Andrei Ene, Tiny Banker _____ (TBT) is one of the worst malware attacks in the last 10 years.

trojan

Computer experts that attempt to hack into a network to ensure that it is protected against intrusions are called _____ , -hat hackers.

white

What percentage of cyberattacks are aimed at small business?

43%

What percentage of daily email attachments are harmful for their intended recipient?

85%

What percentage of cyberattacks are launched with a phishing email?

91%

Select what's true about how a Trojan infects a computer system.

Hackers use Trojans to create a backdoor into a user's system which allows them to spy on the computer's activities. Trojans are commonly used by hackers to gain access to systems and devices. Trojans are designed using some sort of social engineering tactic.

Select the true statements about keystroke loggers.

Keystroke loggers can record passwords and confidential information Software based keystroke loggers are often a Trojan that is installed without the user's knowledge Can be hardware devices and software applications

The technology that provides a type of firewall protection by hiding internal IP addresses is called _____.

NAT (Network Access Translation)

Malware is short for malicious software and is designed to steal information, destroy data, impact the operations of a computer or network, or frustrate the user. Common types of malware include:

Worms Trojans Viruses

Hardware or software used to keep a computer secure from outside threats such as hackers and viruses by allowing or blocking Internet traffic is called a ____.

firewall

Specialized hardware or software that capture packets transmitted over a network are called packet ___.

packet

The illegitimate use of an email message that appears to be from an established organization such as a bank, financial institution, or insurance company is referred to as _________ . In order to appear legitimate, the message often contains the company's logo and identifying information.

phishing

Malware that encrypts a computer's data, forcing the victim to purchase a decryption code, is called

ransomware

You are speaking with a friend about how to protect yourself from phishing scams. Your friend (who works in cybersecurity) gives you some advice about what to do if you receive a phishing message. Which of the following statements would be considered good advice?

If you receive a suspicious message, contact the institution that the message was allegedly sent from. Banks and credit card companies will never ask you to provide personal information via email messages. Contact US-CERT.

Before data security strategies are created, which questions must be answered?

Is this the highest priority security risk? Am I reducing the risk in the most cost-effective way? What is the risk I am reducing?

Select what's true about Trojan malware

Often used to find passwords, destroy data, or to bypass firewalls Similar to viruses, but do not replicate themselves Often found attached to free downloads and apps

Unlike phishing which does not have a specific target and is designed to reach the maximum amount of people, _________ phishing is a precise type of attack.

spear

According to National Institute for Standards _________ , once a cybersecurity risk assessment has been conducted and the various questions in the risk assessment have been answered, an organization will be able to decide what to protect.

technology

Tingnan ang lahat ng mga set ng pag-aaral

Kaugnay na mga set ng pag-aaral

Saunders Chapter 22. Risk Conditions Related to Pregnancy

View Set

Ch 19: The Cardiovascular System: Blood Vessels

View Set

AST 101 Chapter 2: The Rise Of Astronomy

View Set

Chapter 14: The Physiology of Resistance Training

View Set

CHAPTER 17: Analyze the impact of the following on the American industrial worker between 1865 and 1900. Governmental Actions Immigration Labor Unions Technological changes

View Set