Security+ Chapter 1
What is an elite hacker? - A hacker with a high level of technical ability - A hacker who has a wealthy background, and who is politically motivated - A hacker who has elitist ideas and hacks for political purposes - A hacker who searches for scripts and ready-made tools to use for attacks
A hacker with a high level of technical ability
What is an unstructured threat? - An elite hacker who mounts an attack against a specific target - A poorly engineered building - A type of malicious code that formats the hard drive on a computer. - An attack that is uncoordinated, nonspecific, and lasts a short amount of time
An attack that is uncoordinated, nonspecific, and lasts a short amount of time
What is a structured threat? - An attack that uses coordination, insiders, and lasts for a long period of time - A type of malicious code that formats the hard drive on a computer - An attempt to weaken infrastructure - An official threat from a terrorist organization
An attack that uses coordination, insiders, and lasts for a long period of time
In April 2009, Homeland Security Secretary Janet Napolitano told reporters that - Organized crime made attempts to break into the US electric power grid - Hacktivists made attempts to break into the US electric power grid - Terrorists made attempts to break into the US electric power grid - China and Russia made attempts to break into the US electric power grid
China and Russia made attempts to break into the US electric power grid
The message "Hacked by Chinese" was left by the - Melissa virus - Love Letter virus - Slammer Worm - Code Red Worm
Code Red Worm
What is the most common threat to information security in an organization? - Computer viruses - Power surges - Forgotten passwords - SPAM
Computer viruses
Each of the infected systems became part of what is known as a bot network, which could be used to cause a DoS attack on a target or to forward spam e-mail to millions of users, as a result of the - Slammer Worm - Morris Worm - Conficker - Melissa Worm
Conficker
One of the hardest threats that the security professional will have to deal with is the elite hacker. True or False
False
One significant trend observed over the last several years has been the decrease in the number of computer attacks by nonaffiliated intruders as opposed to attacks by organized hacking groups, criminal organizations, or nations. True or False
False
The Code Red Worm spread to 350,000 computers in just over a week. True or False
False
The biggest change that has occurred in security over the last 30 years has been the change in the computing environment from small, tightly contained mainframes to a highly widespread network of much larger systems. True or False
False
The steps an attacker takes in attempting to penetrate a targeted network are extremely different from the ones that a security consultant performing a penetration test would take. True or False
False
There are three general reasons a particular computer system is attacked: It is specifically targeted by the attacker, it is a target of opportunity, or it is a target that was specified to be attacked by a larger criminal organization. True or False
False
Who is Kevin Mitnick? - He used social engineering, sniffers, and cloned cell phones to gain unauthorized access to networks belonging to Motorola, Novell, Fujitsu, and Sun Microsystems. - He made bank transfers from St. Petersburg using the Citibank cash management system. - He gained access to a loop carrier system operated by NYNEX and cut off FAA control tower and emergency services. - He developed the "Love Bug" love-letter virus that spread to 45 million people
He used social engineering, sniffers, and cloned cell phones to gain unauthorized access to networks belonging to Motorola, Novell, Fujitsu, and Sun Microsystems.
What is a port scan? - Identifies what ports can be used to smuggle information across borders - Identifies ports that are open and services that are running - Identifies the USB, parallel, and serial ports that can be used to connect to the system - Identifies the IP addresses of computers on the network
Identifies ports that are open and services that are running
If the system is infected with a time bomb, it means that - It has a virus that will do physical damage to the computer. - It has equipment that is coming close to the end of its life cycle. - It has a piece of malicious code that will be triggered at a certain time. - It has a piece of malicious code that will be triggered by a certain user activity
It has a piece of malicious code that will be triggered at a certain time.
When users are unable to access information or the systems processing information, you may have suffered a - Loss of confidentiality - Loss of integrity - Loss of authentication - Loss of availability
Loss of availability
When information is disclosed to individuals not authorized to see it, you have suffered a - Loss of confidentiality - Loss of integrity - Loss of functionality - Loss of availability
Loss of confidentiality
A successful attack on a network may adversely impact security in all the following ways EXCEPT: - Loss of confidentiality - Loss of integrity - Loss of functionality - Loss of availability
Loss of functionality
When information is modified by individuals not authorized to change it, you have suffered a - Loss of confidentiality - Loss of integrity - Loss of functionality - Loss of availability
Loss of integrity
What was the Slammer Worm/Virus? - It was a macro virus that spread by emailing the first 50 people in the victim's address book with the subject: Important message. - The first Internet worm that "slammed" the Internet, created by a graduate student at Cornell University in 1988. - Malware that exploited Microsoft SQL Server and spread across the world in just 10 minutes. - Malware that would "slam" shut your computer by not allowing you to log in.
Malware that exploited Microsoft SQL Server and spread across the world in just 10 minutes.
A ping sweep - Is a method of clearing your network - Sends ICMP echo requests to the target machine - Determines what services are running on a system - Is an exploit that creates a denial of service (DoS) using ICMP echo requests
Sends ICMP echo requests to the target machine
What is the most common name for the first large-scale attack on the Internet that occurred in November of 1988? - The Code Red Worm - The Morris Worm - The Slammer Worm - The Jester Worm
The Morris Worm
As the level of sophistication of attacks has increased, - The level of knowledge necessary to exploit vulnerabilities has increased - The level of knowledge necessary to exploit vulnerabilities has decreased - The level of skill necessary to exploit vulnerabilities has increased - The amount of exploit software available on the Internet has decreased
The level of knowledge necessary to exploit vulnerabilities has decreased
Why is the Morris worm significant? - It placed embarrassing text on people's screens. - This was the first large-scale attack on the Internet. - It was the very first virus on the Internet. - It attacked the Windows operating system.
This was the first large-scale attack on the Internet.
Fifty years ago, few people had access to a computer system or network, so securing them was a relatively easy matter. True or False
True
The first step an administrator can take to minimize possible attacks is to ensure that all patches for the operating system and applications are installed. True or False
True
There are a number of different threats to security, including viruses and worms, intruders, insiders, criminal organizations, terrorists, and information warfare conducted by foreign countries. True or False
True
Viruses have no useful purpose. True or False
True
According to the Computer Crime and Security Survey, the four types of attacks that increased from 2007 to 2008 were - Viruses, insider abuse, laptop theft, and unauthorized access - Unauthorized access, theft/loss of proprietary information, misuse of web applications, and DNS attacks - Viruses, insider abuse, misuse of web applications, and DNS attacks - Laptop theft, unauthorized access, and theft/loss of proprietary information
Unauthorized access, theft/loss of proprietary information, misuse of web applications, and DNS attacks
Information warfare is - A video game - Warfare conducted against information and information processing equipment - A type of malicious code that "declares war" on a network by formatting the hard drives on computers and copying itself to other computers - A weapon that uses microwaves to destroy enemy vehicles
Warfare conducted against information and information processing equipment
The term "script kiddies" refers to - A hacker of low-end technical ability - A children's television show - A type of video game - An Internet site for peer-to-peer music sharing
A hacker of low-end technical ability
The term "hacktivist" refers to - A hacker who works for the government - A hacker with low technical ability - A hacker who is motivated by a political agenda - A hacker who can write scripts
A hacker who is motivated by a political agenda
What is Solar Sunrise? - An attack that was made to look like an attack from Iraq, but was actually made by two teenagers from California who got training in Israel - Electronic interference resulting from solar flares, occurring most commonly in the early morning hours. - A penetration test conducted by the FBI and other government agencies to test the defenses of government networks and critical infrastructure - The name of a virus that would "burn up" your hard drive at 6 A.M. on the day of the summer solstice
An attack that was made to look like an attack from Iraq, but was actually made by two teenagers from California who got training in Israel
The first step an administrator can take to reduce possible attacks is to - Ensure all patches for the operating system and applications are installed - Install a firewall - Install anti-spyware software - Configure an intrusion detection system
Ensure all patches for the operating system and applications are installed
