INFO360 - Exam 4 - Cybersecurity
Which of the following statements describes a keylogger most accurately? A) It is surveillance malware that captures confidential information through keyboard input. B) A keylogger is a type of virus that encrypts a user's data as it collects keystroked input. C) It is a keystroke-recording chip that pushes adware onto a computer. D) A keylogger is malicious software that can be implanted on any device with a keyboard.
A) It is surveillance malware that captures confidential information through keyboard input.
Which of the following statements best illustrates why a rootkit is described as creating a back door? A) Like an intruder coming through a back door, a rootkit allows an unknown user into an operating system. B) A rootkit collects confidential information, paving the way for future risks. C) A rootkit invites a cyberattack on an individual computer through a network opening. D) Booting up a computer without proper security effectively opens the door to cybersecurity risks.
A) Like an intruder coming through a back door, a rootkit allows an unknown user into an operating system.
Social engineering is used to target people who A) are not cautious about giving out confidential or sensitive information. B) do not use strong passwords or do not change their passwords frequently. C) are less likely to notice that their identity has been stolen and misused. D) are likely to be aware of cybersecurity threats.
A) are not cautious about giving out confidential or sensitive information.
Man-in-the-mobile (MitMo) occurs when A) malware infects smartphones and other mobile devices. B) laptop performance is disrupted when sharing a mobile network. C) mobile network service and Wi-Fi service conflict. D) smartphones receive adware.
A) malware infects smartphones and other mobile devices.
Why is a denial-of-service attack (DoS attack) a threat to data availability? A) A DoS attack changes the data that is stored on the server, rendering it inaccurate. B) By flooding a system with incoming messages, a DoS attack forces the system to shut down, rendering it inaccessible to the users who legitimately have access to it. C) DoS attacks remove any encryptions that are placed around data, making them available without proper authentication. D) A DoS attack floods a system with incoming messages designed to trick an unsuspecting employee into granting unauthorized access to data.
B) By flooding a system with incoming messages, a DoS attack forces the system to shut down, rendering it inaccessible to the users who legitimately have access to it.
Ransomware basically holds a target hostage because it A) takes control of a target's network. B) makes the target's own data inaccessible. C) dramatically slows functionality. D) destroys a target's data.
B) makes the target's own data inaccessible.
What is the meaning of the term "social engineering" in the area of cybersecurity? A) the impersonation of trusted organizations to trick people into making online donations B) the act of manipulating or tricking people into sharing confidential, personal information C) the waging of misinformation campaigns through social media posts with false information D) the use of online surveys or polls to gauge public sentiment and influence public opinion
B) the act of manipulating or tricking people into sharing confidential, personal information
One surveillance technology that relies on how the user enters data is a A) virus. B) bot. C) keylogger. D) rootkit.
C) keylogger.
Which of the following is a goal of confidentiality as defined by the CIA triad? A) classifying information as essential or unessential B) determining who has access to essential data C) preventing information from being readily available D) making sure the right people have access to secure information
D) making sure the right people have access to secure information
What does the General Data Protection Regulation (GDPR) strive to achieve? A) to ensure EU workers protect the security of their company's data B) to ensure U.S. companies protect the privacy and personal data of U.S. citizens C) to ensure U.S. workers protect the security of their company's data D) to ensure EU companies protect the privacy and personal data of EU citizens
D) to ensure EU companies protect the privacy and personal data of EU citizens
Which of the following is the clearest definition of a computer virus? a. Code-created malware that, when executed, damages programs and performance. b. Surveillance software introduced through a seemingly innocuous link. c. Malware that lives in the operating system and attacks system functionality. d. One of a class of cybersecurity threats that compromise a user's confidential information.
a. Code-created malware that, when executed, damages programs and performance.
Who is responsible for calculating probable maximum loss? a. a company's cybersecurity analysts b. a company's management team c. a company's accounting department d. a company's Internet provider
a. a company's cybersecurity analysts
Which of the following would be prohibited under the Electronic Communications Protection Act? a. an employee leaking confidential emails they were not authorized to receive b. negligence with consumer's data c. cyberstalking d. an employee leaking a confidential conversation they overheard
a. an employee leaking confidential emails they were not authorized to receive
What are the three categories of the detect (DE) function of the NIST Cybersecurity Framework? a. analysis, observation, detection b. planning, mitigation, corrections to systems c. manage, protect, maintain d. restoration, corrections to procedures, communication
a. analysis, observation, detection
Malicious bots are cybersecurity risks because they a. can reproduce and link to an outside server. b. capture and record a user's keystrokes and confidential information. c. aid in data gathering and speed up search requests. d. ultimately destroy an individual computer's hard drive.
a. can reproduce and link to an outside server.
What are the core actions of the protect (PR) function? a. controlling access to systems and preventing unauthorized access b. training employees to work with security systems such as firewalls c. working with Internet security software firms d. avoiding online file exchanges as much as possible
a. controlling access to systems and preventing unauthorized access
Which of the following is a goal of an information technology disaster recovery plan (IT DRP)? a. outline specific recovery times for information technology to resume after an issue occurs b. prevent technology disruptions from occurring c. allow normal business operations to continue as soon as possible after an issue occurs d. conduct regular backups of data
a. outline specific recovery times for information technology to resume after an issue occurs
What is the key action called for in the detect (DE) function of the NIST Cybersecurity Framework? a. quick identification of a cybersecurity threat b. analysis of existing protocols c. early detection of expiring security software d. mitigation of loss due to a cyber event
a. quick identification of a cybersecurity threat
Which of the NIST Cybersecurity Framework functions calls for quick action on the part of an organization's cybersecurity team to mitigate damage to systems? a. respond (RS) function b. recover (RC) function c. detect (DE) function d. protect (PR) function
a. respond (RS) function
What is the "RS" function in the National Institute of Standards and Technology (NIST) Cybersecurity Framework? a. respond function b. reset function c. restrict function d. restore function
a. respond function
In what stage of the plan-protect-respond cycle is forensic analysis conducted? a. responding stage b. Forensic analysis is conducted after the plan-protect-respond cycle has been completed. c. planning stage d. protecting stage
a. responding stage
As of 2020, all legislation that has been passed to protect elections from cybersecurity threats is part of a. state-specific cybersecurity laws. b. the Computer Fraud and Abuse Act. c. the General Data Protection Regulation. d. the Electronic Communication Protection Act.
a. state-specific cybersecurity laws.
Which type of cybersecurity breach can cause the most damage to an organization's systems, data, and information? a. viruses b. DDOS attacks c. spyware d. packet sniffers
a. viruses
In which situation should the origin of information be authenticated to protect data integrity? a. when electronic votes are submitted during an election b. when a news website subscriber logs in to access articles c. when a store cashier enters a coupon code for a purchase d. when a bank customer checks her account balance at an ATM
a. when electronic votes are submitted during an election
How does the cybersecurity goal of preserving data integrity relate to the goal of authenticating users? a. The level of data integrity is determined by the skill levels of the users authorized to access and use it. b. Data integrity is more easily preserved if users must be authorized to access data and make changes. c. Changes in data integrity can only be detected by users whose identities have been authenticated. d. Data integrity cannot be harmed if different users have access to different versions of the data files.
b. Data integrity is more easily preserved if users must be authorized to access data and make changes.
Determine which of the following is an example of data that has integrity. a. Data that track sales are pulled from weekly sales reports that account executives update. Each account executive manually enters their weekly sales numbers into the main dataset. b. Data that are used to set sales goals for account executives are stored on a secure server; managers are allowed read-only access to the sales data for the reps they directly manage. c. Data that is used to set quarterly earnings projections are stored on a shared drive; different assistants update the data weekly based on the reports they receive. d. Data are stored on a secure drive, with limited access. In order to maintain version control, backups are not created of the data.
b. Data that are used to set sales goals for account executives are stored on a secure server; managers are allowed read-only access to the sales data for the reps they directly manage.
Explain the purpose of the National Institute of Standards and Technology (NIST) Cybersecurity Framework. a. The NIST Cybersecurity Framework is a system of computers that monitors national cybersecurity threats and relays the information to businesses and other organizations. b. The NIST Cybersecurity Framework is a voluntary guide that helps organizations understand and protect themselves against cybersecurity risks. c. The NIST Cybersecurity Framework is a cybersecurity software package available to organizations from NIST intended to bolster firewall capabilities. d. The NIST Cybersecurity Framework is a set of mandatory rules for organizations to follow in order to protect themselves against cybersecurity risks.
b. The NIST Cybersecurity Framework is a voluntary guide that helps organizations understand and protect themselves against cybersecurity risks.
Why is it important to preserve the integrity of data, information, and systems? a. These assets can only lose integrity during transmissions, which also must be protected for other reasons. b. These assets lose their usefulness and value if their consistency, accuracy, or dependability is compromised. c. These assets are more appealing to hackers if they are not adequately protected from unauthorized use or harm. d. These assets are more vulnerable to hackers if they have been obtained in an unethical or illegal manner
b. These assets lose their usefulness and value if their consistency, accuracy, or dependability is compromised.
Which is the most common characteristic of social engineering cybersecurity attacks? a. They compensate the victim with a promotional offer, such as a discount code or free voucher. b. They are conducted via emails that offer a reward in exchange for clicking a given link. c. They originate with a personal contact, trustworthy organization, or reputable company. d. They use online surveys or polls to openly request participants' opinions and information.
b. They are conducted via emails that offer a reward in exchange for clicking a given link.
"Cybersecurity threat mitigation" includes all of the policies, procedures, and tools that help organizations a. use security system cameras and facial recognition to catch hackers who threaten systems and data. b. anticipate and counter threats from security vulnerabilities or incidents and reduce their impact. c. reduce the chances that employees can threaten security by giving unauthorized access to others. d. restore the cybersecurity system during or immediately after a breach, to protect systems and data.
b. anticipate and counter threats from security vulnerabilities or incidents and reduce their impact.
Where are data in transit found? a. on a smart appliance b. on a cellular network c. in the cloud d. on a hard drive
b. on a cellular network
What does the identify (ID) function of the NIST Cybersecurity Framework focus on? a. organizational detection of cybersecurity events in a timely fashion b. organizational understanding of how to manage cybersecurity risks c. organizational development of a plan of restoration in the event of a cybersecurity breach d. organizational implementation of an action plan in the event of a cybersecurity breach
b. organizational understanding of how to manage cybersecurity risks
Bad actors seeking to create computer viruses primarily must know how to a. understand network components. b. program code. c. bypass operating system guardrails. d. set up messages to carry Trojan horses.
b. program code.
A corporation that was recently the victim of hacking that was caused by a high-level employee falling for a phishing scheme institutes a required, annual, self-paced training module that alerts employees to the most common recent phishing attacks. The institution of this new training requirement represents which phase of the plan-protect-respond cycle? a. protect b. respond c. plan d. This example represents the integrity phase of the CIA triad, not the plan-protect-respond cycle.
b. respond
For which type of cybersecurity vulnerability do organizations maintain and share databases of known problems? a. flaws in the design of a cybersecurity system's many features b. security weaknesses in operating systems or application software c. difficulties implementing common system security policies d. weaknesses in procedures for securing or protecting a system
b. security weaknesses in operating systems or application software
How does a cybersecurity exploit threaten the safety of a system? a. It is a hacker or intruder who can break into a system and gain unauthorized access. b. It is a weakness or flaw in system security procedures, design, implementation, or control. c. It is a tool or technique for taking advantage of a system vulnerability to cause harm. d. It is a malicious action that harms a system's programs, such as planting a virus or spyware.
c. It is a tool or technique for taking advantage of a system vulnerability to cause harm.
Which is the best definition of a cybersecurity exploit? a. It is the damage done by a hacker who breaks into a system and steals information. b. It is the unauthorized network access that a hacker steals from an authorized user. c. It is the means by which a hacker capitalizes on a cybersecurity vulnerability to do harm. d. It is the vulnerability in security procedures or controls that opens a system to hackers.
c. It is the means by which a hacker capitalizes on a cybersecurity vulnerability to do harm.
Why are probable loss calculations important? a. Employee laptops are often lost or damaged. b. Statistics show that employee theft is significant. c. Organizations have limited funds to use toward system protections. d. Older equipment is part of a "planned failure" cost.
c. Organizations have limited funds to use toward system protections.
What do all cybersecurity threats have in common? a. Their specific causes are not as important as their potential for ongoing harm. b. Their impact is entirely preventable with proper assessment and actions. c. They are connected to the loss of information, software, or hardware. d. They are created by hackers and other people seeking to do harm.
c. They are connected to the loss of information, software, or hardware.
What is the goal of the planning phase of the plan-protect-respond cycle? a. Provide employee education on data security threats. b. Prove that their cloud infrastructure is not vulnerable to hackers. c. Understand common threats that an organization may face and determine how vulnerable they are to such threats. d. Understand how to identify important data and create systems for backing this data up
c. Understand common threats that an organization may face and determine how vulnerable they are to such threats.
Why is establishing authentication procedures a common cybersecurity goal? a. Testing users, processes, and devices before giving them access to resources helps prevent errors from being introduced. b. Allowing untrained users to access any systems, data, and resources can make these IT assets more susceptible to damage. c. Verifying that users are authorized to access systems, data, and resources is fundamental to preventing their unauthorized use. d. Authorizing prospective users, processes, or devices to access resources is complicated and requires a background check.
c. Verifying that users are authorized to access systems, data, and resources is fundamental to preventing their unauthorized use.
Conrad was disturbed to find evidence of applications he did not download, system configurations unexpectedly altered, and files that mysteriously disappeared and moved. Which cybersecurity threat best explains the problems he was having? a. spyware b. adware c. a rootkit d. a Trojan horse
c. a rootkit
Which of the elements of the CIA triad does properly maintaining all hardware serve? a. confidentiality b. integrity c. availability d. capacity
c. availability
Spyware's basic function is to a. warn the user when a website or transaction is insecure. b. attach itself to outgoing messages and texts. c. capture the user's account data, passwords, keystrokes, and more. d. direct the user to clickable ads and websites based on interaction.
c. capture the user's account data, passwords, keystrokes, and more.
What are the core actions of the protect (PR) function? a. training employees to work with security systems such as firewalls b. working with Internet security software firms c. controlling access to systems and preventing unauthorized access d. avoiding online file exchanges as much as possible
c. controlling access to systems and preventing unauthorized access
Which of the NIST Cybersecurity Framework functions investigates an organization's cybersecurity management in the context of their business needs and resources? a. recover (RC) function b. protect (PR) function c. identify (ID) function d. detect (DE) function
c. identify (ID) function
Adrian and Frank began the online process of applying for a short-term loan for their business. They created an account with a username and password, looked over the privacy statement, reviewed the security policy, and accepted the terms of use. After logging on, however, they became increasingly uncomfortable answering so many detailed questions about income, employment, and more. What specific risk might they have remembered from studying cybersecurity? a. ransomware b. bots and crawlers c. man-in-the-middle (MitM) d. adware
c. man-in-the-middle (MitM)
Which NIST Cybersecurity Framework function involves correcting an organization's cybersecurity plans due to a cybersecurity event? a. protect (PR) function b. respond (RS) function c. recover (RC) function d. identify (ID) function
c. recover (RC) function
If an organization's automated backup system is vulnerable to data loss or corruption, its cybersecurity vulnerability is a weakness or flaw in its a. remote operations. b. policy for human oversight. c. software. d. hardware capabilities.
c. software.
According to the identify (ID) function of the NIST Cybersecurity Framework, what allows an organization to prioritize its efforts where cybersecurity risk is involved? a. knowledge of current hacker events b. observation of data usage across the organization c. understanding of its business environment and resources d. installation of appropriate security software
c. understanding of its business environment and resources
A benign Internet robot that gathers data is called a(n) a. crab. b. searcher. c. web crawler. d. indexer.
c. web crawler.
Who is protected by California's SB-327 for IoT Security and who is accountable for ensuring the guidelines are met? a. California's SB-327 for IoT Security helps to protect consumers; the responsibility lies with Internet service providers. b. California's SB-327 for IoT Security helps to protect consumers; the responsibility lies with companies who provide Internet security software. c. California's SB-327 for IoT Security helps to protect companies; the responsibility lies with Internet service providers. d. California's SB-327 for IoT Security helps to protect consumers; the responsibility lies with makers of devices that connect with the Internet.
d. California's SB-327 for IoT Security helps to protect consumers; the responsibility lies with makers of devices that connect with the Internet.
Which type of cybersecurity breach makes a computer, network, or online service malfunction or become unavailable to users? a. spyware b. viruses c. impersonation d. DDOS attacks
d. DDOS attacks
Why is data that is located in the RAM of a device considered data in transit? a. Data that is located in the RAM of a device is not considered to be in transit. b. RAM is where the data state changes from being at rest to in motion. c. Because RAM is where the http or https request is sent to the server, it is the point where data is least secure. d. RAM only holds data and instructions temporarily; nothing is permanently stored in RAM.
d. RAM only holds data and instructions temporarily; nothing is permanently stored in RAM.
Software-based keyloggers often infect a system through a. browsing activity that frequently takes the user to illegitimate sites. b. the use of packet sniffers. c. password-change processes that automatically generate options. d. a malicious email or link opened by an unsuspecting user
d. a malicious email or link opened by an unsuspecting user
What is a cybersecurity threat? a. disruptions that may cause the loss of IT assets and that always result in the loss of assets b. threats to the security of data and information and to the operation of software or hardware c. damage caused by intentional actions or events and by unintentional or accidental events d. an event or condition that can lead to IT asset loss and the negative consequences of such loss
d. an event or condition that can lead to IT asset loss and the negative consequences of such loss
Which of the following is an example of an activity that would be useful during the planning stage of the plan-protect-respond cycle? a. conducting remote maintenance activities b. creating identity management protections c. providing awareness training to staff so that they know what phishing attempts to be wary of d. attempting to exploit flaws from the outside, simulating attacks that a hacker would try
d. attempting to exploit flaws from the outside, simulating attacks that a hacker would try
What is the "DE" function in the National Institute of Standards and Technology (NIST) Cybersecurity Framework? a. determine function b. develop function c. deter function d. detect function
d. detect function
In cybersecurity risk analysis, PML (probable maximum loss) is used to a. following a data breach, PML is used to determine the extent of the damage. b. determine the cost of replacing hardware such as computers due to employee negligence. c. determine the depreciation of a company's assets, such as computer hardware. d. help determine spending needed to adequately secure an organization's IT infrastructure.
d. help determine spending needed to adequately secure an organization's IT infrastructure.
What does the General Data Protection Regulation (GDPR) regulate? a. how individuals share personal data on social media b. how the government protects health data c. how voting organizations maintain voter ballots d. how companies protect personal data
d. how companies protect personal data
An email that appears to be from a legitimate company is most likely to be a social engineering cybersecurity attack if a. it comes from a close friend or someone you know well. b. it is a duplicate of another email that the company has previously sent. c. it makes a false claim about the company's products or services. d. it contains a link to a free offer that seems too good to be true.
d. it contains a link to a free offer that seems too good to be true.
To properly authenticate, or verify, the identity of authorized users and protect assets from unauthorized users, it is essential to a. conduct confidential background checks on all users. b. make the names of authorized users confidential. c. allow remote access only from confidential locations. d. keep user logins and passwords confidential.
d. keep user logins and passwords confidential.
What part of the plan-protect-respond cycle is occurring when an organization limits access to sensitive documents on a server to only those with the required security clearance? a. plan b. This scenario does not represent a part of the plan-protect-respond cycle. c. respond d. protect
d. protect
Which threat to cybersecurity can only come from outside an organization? a. responses to impersonation b. unnoticed erasure or corruption of data c. intentional attacks on systems and data d. ransomware
d. ransomware
Which function of the NIST Cybersecurity Framework calls for an organization to implement plans for resilience? a. protect (PR) function b. respond (RC) function c. identify (ID) function d. recover (RC) function
d. recover (RC) function
What is the goal of the NIST Cybersecurity Framework Protect (PR) function? a. to help protect consumers who buy and use devices that connect to the Internet by offering organizations best practice guidelines b. to help protect organizations from lawsuits spawned by data breaches by offering legal advice c. to help protect organizations from insider trading by offering guidelines on employee ethics d. to help protect an organization's IT infrastructure from security breaches by offering guidelines on IT infrastructure protection
d. to help protect an organization's IT infrastructure from security breaches by offering guidelines on IT infrastructure protection