Intro to Cyber Security Final Exam
Which of the following is NOT an element that determines if the threat of cyber stalking is credible?
Susceptibility
What is the name of the group that consists of several thousand Chinese hackers whose stated goal is to infiltrate western computer systems?
The Chinese Eagle Union
Define industrial espionage
The use of spying to find out key information that is of economic value.
What is a term for a program that looks benign but actually has a malicious purpose?
Trojan horse
Which of the following is a type of Malware?
Trojan horse
Explain 2 ways a virus scanner works.
Uses a list of known viruses or looks for unusual behavior
What is a disadvantage(s) of a DoS attack?
(1) They must be sustained (2) They can be tracked (D. B and C)
List the three types of firewalls.
(1) Packet inspection, (2) stateful packet inspection, and (3) application
Name the 4 categories of online auction fraud identified by the US FTC
1) Failure to send the merchandise 2) Sending something of lesser value than advertised 3) Failure to deliver in a timely manner 4) Failure to disclose all relevant information about a product or terms of the sale
Provide the two ways that viruses spread.
1) Scan your computer for connections to a network then copy itself to other machines on the network 2) Read your email
Why is having a password that is used in common language not safe?
A dictionary attack will discover the password
Define a computer virus
A program that self-replicates
Name 3 binary operations in encryption.
AND, OR, XOR
Define Denial of Service (DoS)
An attack that prevents users from accessing the system
How long has information warfare existed?
As long as information has existed
Identify another name for the Shift Cipher.
Caesar Cipher
What is the first rule of computer security?
Check for patches
A protocol that translates web addresses into IP addresses is called what?
DNS
What policy determines what to do to recover data?
Disaster Recovery Plan
What is rule #1 of a cyber crime investigation?
Do not touch the suspect drive
Select which is not one of the four categories identified by the US FTC as auction.
Failure to send the merchandise to the appropriate address
What is the first step to understanding a computer and its security?
Formulating a realistic assessment of threat to the system
What is one of the most common dangers on the Internet?
Fraud
Which of the following distracts an attacker with information that will keep them connected long enough to give you the ability to track them?
Honey pot
Snort is an example of what kind of tool?
IDS, intrusion detection system
What makes the most prominent weakness of DoS attacks a problem for the attackers?
If you have to maintain a connection, you can be tracked
What property of information causes it to be stolen?
Information is an asset; it has value
What layer handles transmission across Ethernet, fiber, and wireless networks?
Layer 1, Physical layer
Routers are included in which layer?
Layer 3, Network Layer
In what layer does encryption take place?
Layer 6, Presentation Layer
White hat hackers are also known as what?
Penetration testers or Pen testers
What is the term for hacking a phone system?
Phreaking
This is Windows' system configuration database in which system and application settings are stored. In particular, malware likes to modify this database to make the system run the malware at startup.
Registry
Name two of the seven types of threats identified in Chapter 1
Security breach, DoS, malware, phishing, web attacks, session hijacking, insider threats, DNS poisoning
Name three auction frauds listed by the FTC
Shill bidding, Bid shielding, Bid siphoning
Which of the following is not an attack that can be used by a black hat hacker?
Stack tweaking
What example of weaponized malware is given in the book?
Stuxnet
An exploit that is unknown to the product's developers but is known to a hacker is?
Zero day
What is the name for writing in or deciphering secret code?
cryptography
Where do you go to find the sex offender registry?
fbi.gov
What is the term used to describe making a computer system safer?
hardening
What label is given to a patch that should be applied unless you have a compelling reason otherwise?
important or critical
What is a document that defines a company's security?
security policy
What are two basic types of cryptography used today?
symmetric and asymmetric