Exam 3 (ISF)
A DoS attack is a coordinated attempt to deny service by occupying a computer to perform large amounts of unnecessary tasks.
True
A birthday attack is a type of cryptographic attack that is used to make brute-force attack of one-way hashes easier.
True
A man-in-the-middle attack takes advantage of the multihop process used by many types of networks.
True
A phishing email is a fake or bogus email intended to trick the recipient into clicking on an embedded URL link or opening an email attachment.
True
An alteration threat violates information integrity
True
Failing to prevent an attack all but invites an attack.
True
Bob is using a port scanner to identify open ports on a server in his environment. He is scanning a web server that uses Hypertext Transfer Protocol (HTTP). Which port should Bob expect to be open to support this service?
80
Brian notices an attack taking place on his network. When he digs deeper, he realizes that the attacker has a physical presence on the local network and is forging Media Access Control (MAC) addresses. Which type of attack is most likely taking place?
Address Resolution Protocol (ARP) poisoning
Barry discovers that an attacker is running an access point in a building adjacent to his company. The access point is broadcasting the security set identifier (SSID) of an open network owned by the coffee shop in his lobby. Which type of attack is likely taking place?
Evil twin
A dictionary password attack is a type of attack in which one person, program, or computer disguises itself as another person, program, or computer to gain access to some resource.
False
A phishing attack "poisons" a domain name on a domain name server.
False
A rootkit uses a directed broadcast to create a flood of network traffic for the victim computer.
False
An attacker uses exploit software when wardialing.
False
Denial of service (DoS) attacks are larger in scope than distributed denial of service (DDoS) attacks.
False
In which type of attack does the attacker attempt to take over an existing connection between two systems?
Session hijacking
Florian recently purchased a set of domain names that are similar to those of legitimate websites and used the newly purchased sites to host malware. Which type of attack is Florian using?
Typosquatting
An attacker attempting to break into a facility pulls the fire alarm to distract the security guard manning an entry point. Which type of social engineering attack is the attacker using?
Urgency
Maria's company recently experienced a major system outage due to the failure of a critical component. During that time period, the company did not register any sales through its online site. Which type of loss did the company experience as a result of lost sales?
Opportunity cost
Tony is working with a law enforcement agency to place a wiretap pursuant to a legitimate court order. The wiretap will monitor communications without making any modifications. What type of wiretap is Tony placing?
Passive wiretap
Users throughout Alison's organization have been receiving unwanted commercial messages over the organization's instant messaging program. What type of attack is taking place?
Spim