Network Quiz 03

Pataasin ang iyong marka sa homework at exams ngayon gamit ang Quizwiz!

Spam is some act intended to deceive or trick the receiver, normally in email messages. True False

False

The anti-malware utility is one of the most popular backdoor tools in use today. False True

False

The main difference between a virus and a worm is that a virus does not need a host program to infect. False True

False

An alteration threat violates information integrity. False True

True

Spyware gathers information about a user through an Internet connection, without his or her knowledge. True False

True

A dictionary password attack is a type of attack in which one person, program, or computer disguises itself as another person, program, or computer to gain access to some resource. True False

False

An attacker uses exploit software when wardialing. False True

False

Which tool can capture the packets transmitted between systems over a network? Port scanner OS fingerprinter Wardialer Protocol analyzer

Protocol analyzer

Yuri is a skilled computer security expert who attempts to break into the systems belonging to his clients. He has permission from the clients to perform this testing as part of a paid contract. What type of person is Yuri? Grey-hat hacker Cracker White-hat hacker Black-hat hacker

White-hat hacker

Which type of attack against a web application uses a newly discovered vulnerability that is not patchable? Cross-site scripting SQL injection Zero-day attack Cross-site request forgery

Zero-day attack

Bob is using a port scanner to identify open ports on a server in his environment. He is scanning a web server that uses Hypertext Transfer Protocol (HTTP). Which port should Bob expect to be open to support this service? 23 443 21 80

80

A phishing attack "poisons" a domain name on a domain name server. True False

False

Which one of the following is an example of a disclosure threat? Denial Alteration Espionage Destruction

Espionage

Barry discovers that an attacker is running an access point in a building adjacent to his company. The access point is broadcasting the security set identifier (SSID) of an open network owned by the coffee shop in his lobby. Which type of attack is likely taking place? Bluesnarfing Replay attack Wardriving Evil twin

Evil twin

Which type of attack involves the creation of some deception in order to trick unsuspecting users? Fabrication Modification Interruption Interception

Fabrication

A rootkit uses a directed broadcast to create a flood of network traffic for the victim computer. False True

False

Vishing is a type of wireless network attack. False True

False

Brian notices an attack taking place on his network. When he digs deeper, he realizes that the attacker has a physical presence on the local network and is forging Media Access Control (MAC) addresses. Which type of attack is most likely taking place? Address Resolution Protocol (ARP) poisoning Christmas attack URL hijacking Internet Protocol (IP) spoofing

Address Resolution Protocol (ARP) poisoning

Which password attack is typically used specifically against password files that contain cryptographic hashes? Social engineering attacks Birthday attacks Brute-force attacks Dictionary attacks

Birthday attacks

Denial of service (DoS) attacks are larger in scope than distributed denial of service (DDoS) attacks. False True

False

Wardialers are becoming more frequently used given the rise of Voice over IP (VoIP). True False

False

Which control is not designed to combat malware? Awareness and education efforts Firewalls Antivirus software Quarantine computers

Firewalls

Which type of denial of service attack exploits the existence of software flaws to disrupt a service? SYN flood attack Smurf attack Flooding attack Logic attack

Logic attack

Maria's company recently experienced a major system outage due to the failure of a critical component. During that time period, the company did not register any sales through its online site. Which type of loss did the company experience as a result of lost sales? Opportunity cost Replacement cost Manpower cost Cost of good sold

Opportunity cost

Tony is working with a law enforcement agency to place a wiretap pursuant to a legitimate court order. The wiretap will monitor communications without making any modifications. What type of wiretap is Tony placing? Active wiretap Passive wiretap Between-the-lines wiretap Piggyback-entry wiretap

Passive wiretap

Which group is the most likely target of a social engineering attack? Independent contractors Receptionists and administrative assistants Internal auditors Information security response team

Receptionists and administrative assistants

In which type of attack does the attacker attempt to take over an existing connection between two systems? Typosquatting Session hijacking URL hijacking Man-in-the-middle attack

Session hijacking

Users throughout Alison's organization have been receiving unwanted commercial messages over the organization's instant messaging program. What type of attack is taking place? Phishing Social engineering Spim Spam

Spim

Which term describes an action that can damage or compromise an asset? Vulnerability Risk Countermeasure Threat

Threat

What type of malicious software masquerades as legitimate software to entice the user to run it? Worm Trojan horse Virus Rootkit

Trojan horse

A DoS attack is a coordinated attempt to deny service by occupying a computer to perform large amounts of unnecessary tasks. False True

True

A birthday attack is a type of cryptographic attack that is used to make brute-force attack of one-way hashes easier. False True

True

A man-in-the-middle attack takes advantage of the multihop process used by many types of networks. False True

True

A phishing email is a fake or bogus email intended to trick the recipient into clicking on an embedded URL link or opening an email attachment. False True

True

Failing to prevent an attack all but invites an attack. True False

True

Rootkits are malicious software programs designed to be hidden from normal methods of detection. False True

True

Using a secure logon and authentication process is one of the six steps used to prevent malware. False True

True

When servers need operating system upgrades or patches, administrators take them offline intentionally so they can perform the necessary work without risking malicious attacks. True False

True

Florian recently purchased a set of domain names that are similar to those of legitimate websites and used the newly purchased sites to host malware. Which type of attack is Florian using? Cross-site scripting Session hijacking SQL injection Typosquatting

Typosquatting

An attacker attempting to break into a facility pulls the fire alarm to distract the security guard manning an entry point. Which type of social engineering attack is the attacker using? Authority Vishing Urgency Whaling

Urgency


Kaugnay na mga set ng pag-aaral

Voices and Visions: Chapter 5 War and Peace

View Set

Hello Universe Chapter 30, 31, 32

View Set

Chapter 2- HW *Unfinished*, ch 2. some tools of the economists: aplia homework, ECON 102- Problem Solving: Thinking Like an Economist, ECON 330 CH 1, ch 1 hw econ, Economics Final 2100, Macroeconomics Chapter 2

View Set