IS360 Chapter 8 Quiz

True or False? Spyware does not use cookies.

False

What file type is least likely to be impacted by a file infector virus?

.docx

Larry recently viewed an auction listing on a website. As a result, his computer executed code that popped up a window that asked for his password. What type of attack has Larry likely encountered?

Cross-site scripting (XSS)

What type of attack occurs in real time and is often conducted against a specific target?

Direct

True or False? A port-scanning tool enables an attacker to escalate privileges on a network server.

False

True or False? A smurf attack tricks users into providing logon information on what appears to be a legitimate website but is in fact a website set up by an attacker to obtain this information.

False

True or False? Hijacking refers to the use of social engineering to obtain access credentials, such as usernames and passwords.

False

True or False? Stealth viruses attack countermeasures, such as antivirus signature files or integrity databases, by searching for these data files and deleting or altering them

False

True or False? Stealth viruses attack countermeasures, such as antivirus signature files or integrity databases, by searching for these data files and deleting or altering them.

False

True or False? System infectors are viruses that attack document files containing embedded macro programming capabilities.

False

Yolanda would like to prevent attackers from using her network as a relay point for a smurf attack. What protocol should she filter?

Internet Control Message Protocol (ICMP)

Hacking groups create _______ to launch attacks whereby they infect vulnerable machines with agents that perform various functions at the command of the controller.

botnets

What program, released in 2013, is an example of ransomware?

CryptoLocker

Which type of virus targets computer hardware and software startup functions?

System infector

Alison is a security professional. A user reports that, after opening an email attachment, every document he saves is in a template format and other Microsoft Word documents will not open. After investigating the issue, Alison determines that the user's Microsoft Office normal.dot template has been damaged, as well as many Word files. What type of virus is the most likely cause?

Macro virus

Arturo discovers a virus on his system that resides only in the computer's memory and not in a file. What type of virus has he discovered?

Slow virus

The chief executive officer (CEO) of a company recently fell victim to an attack. The attackers sent the CEO an email that appeared to come from the company's attorney. The email was informing him that his company was being sued and he needed to view a subpoena at a court website. When visiting the website, malicious code was downloaded onto the CEO's computer. What type of attack took place?

Spear phishing

Bob is developing a web application that depends upon a database backend. What type of attack could a malicious individual use to send commands through his web application to the database?

Structured Query Language (SQL) injection

Lin installed a time-management utility that she downloaded from the Internet. Now several applications are not responding to normal commands. What type of malware did she likely encounter?

Trojan horse

True or False? A backdoor is a hidden way to bypass access controls and allow access to a system or resource.

True

True or False? A computer virus is an executable program that attaches to , or infects, other executable programs.

True

True or False? A computer virus is an executable program that attaches to, or infects, other executable programs.

True

True or False? A rootkit is a type of malware that modifies or replaces one or more existing programs to hide the fact that a computer has been compromised.

True

True or False? Attacks against confidentiality and privacy, data integrity, and availability of services are all ways malicious code can threaten businesses.

True

True or False? Because people inside an organization generally have more detailed knowledge of the IT infrastructure than outsiders do, they can place logic bombs more easily.

True

True or False? Security breaches perpetrated by current and former employees often go undetected due to weak personnel and security policies or ineffective countermeasures.

True

True or False? The function of homepage hijacking is to change a browser's homepage to point to the attacker's site.

True

True or False? The success of Trojans is due to their reliance on social engineering to spread and operate; they have to trick users into running them

True

True or False? The term "web defacement" refers to someone gaining unauthorized access to a web server and altering the index page of a site on the server

True

Wen is a network security professional. He wants to strengthen the security of his agency's network infrastructure defenses. Which control can he use to protect the network?

Use proxy services and bastion hosts to protect critical services

What tool might be used by an attacker during the reconnaissance phase of an attack to glean information about domain registrations?

Whois