CH 7 BCOR 330
Bot
A hacker uses software to infect computers, including laptops, desktops, tablets, and Internet of Things (IoT) devices, turning each computer into a zombie
When employers deactivate former employees' username and passwords, they are using which tool that ensures confidentiality? More than one answer may be correct.
Access control Authentication
Which of these threats to cybersecurity can only come from an external source?
Ransomware
A hacker launches an attack on a network that is designed to interrupt or stop network traffic by flooding it with too many requests. This would be considered a _____ attack.
DoS
Which of the following are examples of cyberattacks?
DoS attacks Information theft DDoS attacks
In what stage of the plan-protect-respond cycle is the cause of an incident investigated?
Responding stage
Distributed Denial of Service (DDoS) Attack
When a hacker gains unauthorized access and control of a network of computers that are connected to the Internet.
Select what's true about how a Trojan infects a computer system.
Trojans are commonly used by hackers to gain access to systems and devices. Trojans are designed using some sort of social engineering tactic. Hackers use Trojans to create a backdoor into a user's system which allows them to spy on the computer's activities.
Malware is short for malicious software and is designed to steal information, destroy data, impact the operations of a computer or network, or frustrate the user. Common types of malware include:
Worms Trojans Viruses
The goal of the NIST Cybersecurity Framework Protect (PR) function is to ______.
help protect an organization's IT infrastructure from security breaches by offering guidelines on IT infrastructure protection
The need to keep sensitive data, information, and systems confidential ______.
is both a major goal and a requirement for cybersecurity
What percentage of malicious attachments are masked as Microsoft Office files?
38%
Recently, TechJury compiled a list of cybersecurity statistics that show the impact of different malware and network attacks. What percentage of cyberattacks are aimed at small businesses?
43%
What percentage of cyberattacks are aimed at small business?
43%
What percentage of daily email attachments are harmful for their intended recipient?
85%
What percentage of cyberattacks are launched with a phishing email?
91%
Which of the following statements about computer viruses are true?
A computer virus is software that infects computers and is created using computer code. Viruses can destroy programs or alter the operations of a computer or network.
Botnet
A group of computers under the control of a hacker.
There are multiple ways ransomware attacks can be launched. Which of the following are methods a ransomware attack can be launched?
Phishing Trojan Horse
Which of the following statements correctly describes phishing?
Phishing scams use legitimate looking email messages to con a user into giving up private information. Phishing is the illegitimate use of an email message that appears to be from an established organization such as a bank.
In cybersecurity, the probable maximum loss (PML) is used to______.
help determine spending needed to adequately secure an organization's IT infrastructure
A form of spyware that records all actions typed on a keyboard is called a _____ logger
keystroke
As reported by Andrei Ene, Tiny Banker ______ (TBT) is one of the worst malware attacks in the last 10 years.
trojan
Sharing infected files and opening an infected email attachment are ways that a computer _____ can infect a digital device.
virus
From the following list, select all the examples of internal threats to cybersecurity.
An accidental erasure of data An attack by an authorized user The leakage of sensitive information
What do the three categories of the Detect (DE) function of the NIST Cybersecurity Framework include?
Analysis, observation, detection
White hat hackers use the same techniques and tools that are used by illegitimate hackers. These tools include which of the following?
Back door programs Rootkits Social engineering
What type of hacker breaks into computer systems with the intent of causing damage or stealing data?
Black hat hackers
Which of the following is an example of a tool that could be used to ensure data integrity? More than one answer may be correct.
Data correction codes are used to ensure the data retrieved are the same as when it was stored. Data are regularly backed up.
What is the "DE" function in the National Institute of Standards Technology (NIST) Cybersecurity Framework?
Detect function
Computer viruses are not frequently disguised as attachments of funny images, greeting cards, or audio and video files.
False
Why is preserving the integrity of data, information, and systems an important cybersecurity goal?
If the consistency, accuracy, or dependability of these assets has been compromised, they lose their usefulness and value.
The five categories of the Respond (RS) function of the NIST Cybersecurity Framework include planning, analysis, and mitigation. From the list below, select the remaining two categories.
Improvements to cybersecurity response plans Communication
Why is MitMo a growing security risk? More than one answer may be correct.
People use mobile devices in many of the same ways they use computers. Smartphones and other mobile devices are everywhere.
In which function of the NIST Cybersecurity Framework are an organization's cybersecurity plans corrected due to a cybersecurity event?
Recover (RC) function
How are data in process different from data at rest or data in transit?
Unlike data in transit or storage, it can be found in a device's RAM or CPU.
A keylogger can be accurately described as ______.
technology that captures keyboard input on several types of devices to glean confidential information
A program that appears legitimate, but executes an unwanted activity when activated is called a _____ horse virus
trojan
The Identify (ID) function of the NIST Cybersecurity Framework focuses on organizational______.
understanding of how to manage cybersecurity risks
Many organizations hire computer experts who test the security measures of an organization's information systems to ensure they are protected against intrusions. These experts use a variety of techniques including hacking, penetration testing, and vulnerability testing. These types of experts are known as _____ hackers.
white-hat
Which of the following are areas covered by state-specific cybersecurity laws? More than one answer may be correct
Addressing security needs of smart devices. Ensuring state and local governments are protected from cybersecurity threats. Protecting elections from cyber threats.
Remote employees of a corporation are required to log into their company's virtual private network (VPN) before accessing files on the corporation's shared drive where corporate data are unreadable to unauthorized users. This is an example of which of the following tools that ensure confidentiality? More than one answer may be correct.
Encryption Authentication Access control
Which of the following is considered a cybersecurity threat to data at rest? More than one answer may be correct.
Data will be stolen. Data will be viewed by unauthorized users.
From the following list, select all options that describe the purposes of a cybersecurity risk analysis.
Determine how to respond to a potential loss Calculate potential loss due to security threats Identify a company's assets
The technology that provides a type of firewall protection by hiding internal IP addresses is called _____.
NAT
Which of the following are considered cybercrimes?
Trojan horse viruses Digital identity theft Computer hacking
Which of the following is an example of data in transit? More than one answer may be correct.
At home, a person sends a photo taken on their smartphone to display on their smart TV. A person uses an app on their smartphone to check their bank balance.
Select the true statements about state-sponsored cyberwarefare.
Attacks can be directly launched by a foreign government or by a group or individual who has been paid by to execute the attack Can be used to send warnings or to create conflict between countries. Originate and are executed by foreign governments.
Who does California's SB-327 for IoT Security aim to protect and who bears the responsibility?
California's SB-327 for IoT Security helps to protect consumers; the responsibility lies with makers of devices that connect with the Internet.
Which of the following is an example of event that may occur during the respond stage of the plan-protect-respond cycle? More than one answer may be correct.
Communicating with all appropriate parties Determining the impact of a security breach Executing the appropriate response plans
Select all options that describe the device features mandated by California's SB-327 for IoT Security.
Constructed to protect the device and any data it stores Appropriate to the intended use of the device Suitable for the type of data the device will contain and relay
You are speaking with a friend about how to protect yourself from phishing scams. Your friend (who works in cybersecurity) gives you some advice about what to do if you receive a phishing message. Which of the following statements would be considered good advice?
Contact US-CERT. If you receive a suspicious message, contact the institution that the message was allegedly sent from. Banks and credit card companies will never ask you to provide personal information via email messages.
Security risk can be calculated using the following calculation: Risk = Threat x Vulnerability x _____
asset
Which of the following are reasons why states are making cybersecurity measures a high priority? More than one answer may be correct.
Data and technology continue to be at risk from cyber threats. New technologies continue to advance at a rapid rate.
An attack on a network that is designed to interrupt or stop network traffic by flooding it with too many requests is called a ______ attack
DoS
According to Norton, which of the following steps should be taken to defend against rootkits?
Don't ignore software updates Watch out for drive-by-downloads Be aware of phishing emails
What is the goal of the protect stage in the plan-protect-respond cycle? More than one answer may be correct.
Ensure uninterrupted delivery of vital services. Limit the impact of a security breach.
Select all options that describe steps in cybersecurity risk analysis.
Estimate the likelihood of occurrence of threats Estimate potential losses Assign value to assets
Which of the following is an example of a task that might be completed during the planning stage of the plan-protect-respond cycle? More than one answer may be correct.
Having an authorized user attempt to hack into the system to determine vulnerabilities. Determine the degree of vulnerability that exists. Determine what security flaws exist.
Which of the following statements refer to programs known as spiders, web crawlers, and bots? More than one answer may be correct.
Internet robots are used for both legitimate and malicious purposes. Malicious bots create security risks by compromising a user's control of the computer. "Good bots" have diverse functions and do not pose security risks.
Data at rest or storage can be found in which of the following places? More than one answer may be correct.
On an external hard drive In the cloud
Which function of the National Institute of Standards Technology (NIST) Cybersecurity Framework involves an organization analyzing cybersecurity risk and reducing potential damage to IT infrastructures?
Protect (PR) function
Malware that encrypts a computer's data, forcing the victim to purchase a decryption code, is called ___ .
Ransomware
Rootkits are typically used to allow hackers to do which of the following?
Remotely control the operations of a computer. Create a backdoor into a computer
Tips to avoid falling victim to a social engineering attack includes which of the following?
Slow down and think about the scenario. Make sure to research the facts contained in an email message. Be mindful of web searches to make sure you are landing on legitimate sites.
Who are the prime targets of MitM attacks? More than one answer may be correct.
Software as a source (SaaS) businesses Anyone who logs in to shop online Anyone who uses online financial applications
Select the true statements about keystroke loggers.
Software based keystroke loggers are often a Trojan that is installed without the user's knowledge Can be hardware devices and software applications Keystroke loggers can record passwords and confidential information
Select what's true about spear phishing attacks.
Spear phishing is a type of email scam that is directed toward a specific person or organization. Spear phishing attacks are designed to steal data and some attacks may also be designed to install malicious software on a device.
Which of the following statements accurately describes spyware? More than one answer may be correct.
Spyware captures private information by monitoring how users interact online. Downloading software or documents from unvetted sources is one way spyware can be installed.
What is the National Institute of Standards Technology (NIST) Cybersecurity Framework?
The NIST Cybersecurity Framework is a voluntary guide that helps organizations understand and protect themselves against cybersecurity risks.
Accessing the communications of an organization without authorization was made a criminal violation by which federal cybersecurity law?
The Stored Communications Act
Often accompanying downloaded music or apps, programs that appear to be legitimate, but executes an unwanted activity when activated is called a _____.
Trojan
Mohammed is experiencing issues with his work computer. He speaks to the IT department and they identify various symptoms of a computer virus. Symptoms of a computer virus include:
The operating system may not launch properly Critical files may be automatically deleted Unexpected error messages
One method organizations are using to deal with the increase in cybersecurity threats and the decrease in the effectiveness of traditional security means is through the use of behavior science in their data and network security policies. One of these methods is called UEBA. Select the true statements about UEBA.
UEBA stands for user and entity behavior analytics It is a type of cybersecurity that observes and records the conduct of computer and network users UEBA uses a variety of different tactics to create a map of pattern behavior including machine learning, statistical analysis, and artificial intelligence (AI)
Select the true statements about packet sniffers.
Unauthorized sniffers are used to steal information Legitimate sniffers are used for routine examination and problem detection
What is the goal of the planning phase of the plan-protect-respond cycle?
Understand the steps needed to design effective information security architecture.
Put the steps for how a virus infects a digital device in the correct order.
Virus arives via email An action such as running or opening a file activates the virus The infection spreads to other computers via infected email The payload or the component of a virus that executes the malicious activity hits the computer/
According to the National Institute of Standards Technology (NIST), cybersecurity personnel can take steps to ensure data and systems are protected. The first thing an organization should conduct is a cybersecurity risk assessment. The cybersecurity risk assessment is concerned with answering which of the following questions?
What are the internal and external vulnerabilities? What are the relevant threats and the threat sources to our organization? What are our organization's most important information technology assets?
Before data security strategies are created, which questions must be answered?
What is the risk I am reducing? Am I reducing the risk in the most cost-effective way? Is this the highest priority security risk?
Developed by Cisco and used by firewalls, routers, and computers that are part of a network and are connected to the Internet, Network _____ _ Translation provides a type of firewall protection by hiding internal IP addresses.
address
One method organizations are using to deal with the increase in cybersecurity threats and the decrease in the effectiveness of traditional security means is through the use of _____ science in their data and network security policies.
behavioral
A _____ hat hacker breaks into computer systems with the intent of causing damage or stealing data.
black
A group of computers under the control of a hacker is referred to as a
botnet
The purpose of spyware is to ______.
capture the user's account data, passwords, key strokes, and more
A _____ denial-of-service (DDoS) attack takes place when a hacker gains unauthorized access and control of a network of computers that are connected to the Internet.
distributed
Hardware or software used to keep a computer secure from outside threats such as hackers and viruses by allowing or blocking Internet traffic is called a ____.
firewall
Personal software _____ are typically included with the operating system and can be configured based on user preference.
firewall
Unlike phishing which does not have a specific target and is designed to reach the maximum amount of people, _____ phishing is a precise type of attack.
spear
Businesses need to take steps to protect computer systems, data, and information from ______ disasters.
natural
Activities where white-hat hackers are paid to hack into private networks and applications is referred to as _______ testing
penetration
Adware specifically functions to ______.
present advertisements to users based on their browsing behaviors
Malware that encrypts the victims data files and then demands that a payment is made to the hacker is called
ransomware
Specialized hardware or software that capture packets transmitted over a network are called packet _____
sniffers
Specialized hardware or software that capture packets transmitted over a network are called packet _____.
sniffers
The use of computers and digital technology to manipulate people so they divulge confidential information such as usernames, passwords, account information is called _____ engineering
social
A computer virus is______.
malware that, when executed, adversely affects performance or damages programs
Where are data in transit found?
cellular network
The essential function of malicious bots is to ______.
control an individual computer by self-replicating and connecting to a central server
A deliberate misuse of computers and networks via the Internet that uses malicious code to modify the normal operations of a computer or network is called a
cyberattack
A crime in which a computer is the object of the crime or is used to commit a criminal offense is called
cybercrime
A Trojan horse achieves its purposes through ______.
deceptive access
Ransomware basically holds a target hostage because it ___ .
encrypts the victim's data
Who performs probable maximum loss calculations?
A company's cybersecurity analysts
How does a rootkit pose a cybersecurity threat? More than one answer may be correct.
A range of malicious actions is possible because the invader has the same access as the computer's owner or user. Installed on a computer's operating system, a rootkit bypasses security functions.
To get to the bottom of the odd computer problems she was having, Priya listed these symptoms: files mysteriously disappearing, system configurations unexpectedly altered, and two icons showing up for applications she did not download. What malware could have been installed on Priya's computer?
A rootkit
Which of the following is an example of data in process? More than one answer may be correct.
A username that has been submitted for authentication A password that has been submitted for authentication A food order placed through Uber Eats
Which of the elements of the CIA triad does serve in maintaining a properly functioning, error-free operating system?
Availability
Which of the following is prohibited by the Computer Fraud and Abuse Act? More than one answer may be correct
Cyber blackmail Intentionally destroying a computer
How does cybersecurity help preserve the integrity of data, information, and systems? More than one answer may be correct.
Cybersecurity threat mitigation includes measures to protect the consistency, accuracy, and dependability of these assets. Cybersecurity tools such as user-access controls, file permission, and version controls help prevent unauthorized changes. Cybersecurity systems are designed to detect unauthorized or unanticipated changes to data that suggest a loss of integrity.
Select all options that describe the goals of the National Institute of Standards Technology (NIST) Cybersecurity Framework.
Give guidance to organizations who wish to understand potential security breaches Create an atmosphere where organizations can effectively discuss cybersecurity risks internally and with those outside of the organization Help organizations develop appropriate policies and procedures to mitigate data breaches
Which of the following is a best practice for ensuring that data are available? More than one answer may be correct.
Having standby equipment available to take over in a situation where the main system fails. Ensuring that the data server has an appropriate amount of bandwidth. Storing data on multiple hard drives.
Select all options that describe standards set forth by the General Data Protection Regulation (GDPR) for compliance by companies who handle individuals' data.
Hire a data protection officer Make collected data anonymous Notify citizens of data breaches
Which function of the NIST Cybersecurity Framework involves an organization gaining deeper understanding of cybersecurity management in the context of their business needs and resources?
Identify (ID) function
Select all options that describe the categories of the Recover (RC) function of the NIST Cybersecurity Framework.
Improvements to cybersecurity plans Communication with all stakeholders Restoration of impaired systems
Applying for credit or even a mortgage online is a straightforward process. After creating an account with a unique user name and password, a customer reads a privacy statement, reviews the security policy, and accepts the terms of use. Then they proceed to log in and fill out an application, answering detailed questions about household income, employment, and more. What cybersecurity risk is particularly relevant to this process?
Man-in-the-middle (MitM) attack
Select the true statements about ransomware attacks.
One of the most popular methods used in ransomware attacks is through phishing. Ransomware attacks invade computers via Trojan Horse viruses, worms, or by a user opening a legitimate looking email. Ransomware is malware that makes a computer's data inaccessible until a ransom is paid.
Which of the following is an example of an event that may occur during the protect stage of the plan-protect-respond cycle? More than one answer may be correct.
Perform routine maintenance on organizational resources. Require all employees to attend training that outlines the different types of security threats their organization faces. Determine levels of access control.
In which function of the NIST Cybersecurity Framework does an organization's cybersecurity team take quick action to mitigate damage to systems?
Respond (RS) function
Members of a project team at a mid-size company are trained in online safety, and their network is protected by a firewall. But the worst-case scenario has happened: a competitor has obtained protected information, possibly directly from a member's computer. George, the firm's system manager, sees some evidence of a Trojan horse that was engineered to steal passwords. What first steps should he and his security team take to uncover the source? More than one answer may be correct.
The security team should examine everyone's activity log, looking for any downloaded files or programs. They should comb through e-mails with an eye to a message with a clickable link.
What do many social engineering attacks have in common?
They are conducted via e-mails that offer a reward in exchange for clicking a given link.
According to the Federal Emergency Management Agency (FEMA), which of the following are steps businesses can take to help protect systems, data, and information from natural disasters?
Utilize off-site cloud storage Store data in different areas across the United States (geographic data redundancy) Create a business continuity plan
Which of the following browsing situations may reveal that adware is at work? More than one answer may be correct.
You have been looking for a new winter coat, and three out of five ads popping up on your browser currently show the type of coat you have been considering. In searching the term database management, the first item you see in the results list is an ad for a particular online database. Shortly after you buy and download a writing enhancement program, you begin seeing ads for special keyboards, styluses, and other assistive technology.
Cyberattacks that originate and are executed by foreign governments is called state-sponsored ____. These attacks can be directly launched by a foreign government or by a group or individual who has been paid by to execute the attack.
cyberwarfare
Select the reasons a government may choose to get involved in state-sponsored cyberwarfare.
Cyberwarfare is relatively inexpensive when compared to traditional warfare. Cyberwarfare is often difficult to trace and identify. Cyberwarfare can cause widespread damage to IT infrastructure.
One version of this type of malware encrypts a victims data until a payment is made. Another version threatens to make public a victim's personal data unless a payment is made. This type of malware is called ___>
Ransomware
Select the true statements about white hat hackers.
The goal of white hat hackers is to find gaps in network security and to test security defenses. Use the same techniques and tools that are used by illegitimate hackers.
Malware is short for ______ software.
malicious
Establishing authentication procedures is a common cybersecurity goal because ______.
verifying that prospective users are authorized to access resources is the first step in keeping unauthorized users out
Computer experts that attempt to hack into a network to ensure that it is protected against intrusions are called _____-hat hackers
white
According to the CIA triad, in which of the following examples is an organization ensuring data integrity? More than one answer may be correct.
Access to important data is limited so that only certain employees are able to modify that data. During an acquisition, logistics data are securely transferred to the acquiring company's servers.
Which of the following statements explain why a computer virus is so named? More than one answer may be correct.
Computer viruses have the ability to reproduce themselves within a system. An invaded computer inadvertently plays host to the malware.
Your grandfather learns that his identity has been stolen, and you suspect that social engineering attacks are responsible. To help him protect his personal information, you tell him how to recognize the most common attacks. From the following list, select all the possible warning signs.
E-mails or web pages that ask him to provide personal information to enter a contest or receive a free offer. Strange e-mails from his friends, family members, or seemingly trustworthy organizations. E-mails or texts that ask him to click a given link for more information or a free download.
A movie streaming company is offering an online deal on HD movies to new customers who live in a certain country. How can authentication help the company protect its assets and resources from fraudulent use of the deal? More than one answer may be correct.
It can verify that the customer is new to the company or service. It can verify that the customer lives in the correct country. It can grant the customer access to the appropriate movies.
Which of the following surveillance technologies relies on how data are entered into a system?
Keyloggers
What is the overall goal of the General Data Protection Regulation (GDPR)?
To ensure EU companies protect the privacy and personal data of EU citizens
Suppose an organization's system is vulnerable to losing information because its automated backup of data is insufficient or substandard. This type of cybersecurity vulnerability is ______.
a weakness in application software
The term "cybersecurity threat mitigation" refers to all of the policies, procedures, and tools used to ______.
guard against threats such as security incidents, data breaches, and unauthorized network access, and reduce any harm they cause
The cybersecurity risks known as Man-in-the-mobile (MitMo) are realized when ______.
malware infects smartphones and other mobile devices