Quiz #3 Info Sec
TRUE
Falling to prevent an attack all but invites an attack
TRUE
A birthday attack is a type of cryptography attack that is used to make brute-force attack of one-way hashes easier
TRUE
A phishing email is a fake or bogus email intended to trick the recipient into clicking on an embedded URL link or opening an email attachment
FALSE
A rootkit uses a directed broadcast to create a flood of network traffic for the victim computer
TRUE
An alteration threat that violates information integrity
Evil twin
Barry discovers that an attacker is running an access point in building adjacent to his company. The access point is broadcasting the security set identifier (SSID) of an open network owned by the coffee shop in his lobby. Which type of attack is likely taking place?
80
Bob is using a port scanner to identify open ports on a server in his environment. He is scanning a web server that uses Hypertext Transfer Protocol (HTTP). Which port should Bob expect to be open to support this service?
Typosquatting
Florian recently purchased a set of domain names that are similar to those legitimate websites and used the newly purchased sites to host malware. Which type of attack is Florian using?
Opportunity Cost
Maria's company recently experienced a major system outage due to the failure of a critical component. During that time period, the company did not register any sales through its online site. Which type of loss did the company experience as a result of lost sales?
TRUE
Rootkits are malicious software programs designed to be hidden from normal methods of detection
FALSE
Spam is some act intended to deceive or trick the receiver, normally in email messages
TRUE
Spyware gathers information about a user through an Internet connection, without his or her knowledge
FALSE
The anti-malware utility is one of the most popular backdoor tools in use today
TRUE
Using a secure logon and authentication process is one of the six steps used to prevent malware
FALSE
Wardialers are becoming more frequently used given the rise of Voice over IP (VoIP)
TRUE
When servers need operating system upgrades or patches, administrators take them off line intentionally so they can perform the necessary work without risking malicious attacks
Firewalls
Which control is not designed to combat malware?
Receptionists and administrative assitants
Which group is the most likely target of a social engineering attack?
Logic Attack
Which type of denial of service attack exploits the existence of software flows to disrupt a service?
White-hat hacker
Yuri is a skilled computer expert who attempts to break into the systems belonging to his clients. He has permission from the clients to perform this testing as part of a paid contact. What type of person is Yuri?
Espionage
Which one of the following is an example of a disclosure threat?
Birthday attacks
Which password attack is typically used specifically against password files that contain cryptographic hashes?
Threat
Which term describes an action that can damage or compromise an asset?
Protocol Analyzer
Which tool can capture the packets transmitted between systems over a network?
Zero-day attack
Which type of attack against a web application uses a newly discovered vulnerability that is not patchable?