CGGS
A computer virus is______.
malware that, when executed, adversely affects performance or damages programs
The purpose of spyware is to ______.
capture the user's account data, passwords, key strokes, and more
The essential function of malicious bots is to ______.
control an individual computer by self-replicating and connecting to a central server
A Trojan horse achieves its purposes through ______.
deceptive access
Ransomware basically holds a target hostage because it ___ .
encrypts the victim's data
When employers deactivate former employees' username and passwords, they are using which tool that ensures confidentiality? More than one answer may be correct.
Authentication Access control
Why is preserving the integrity of data, information, and systems an important cybersecurity goal?
If the consistency, accuracy, or dependability of these assets has been compromised, they lose their usefulness and value.
Which of the following statements accurately describes spyware? More than one answer may be correct.
Spyware captures private information by monitoring how users interact online. Downloading software or documents from unvetted sources is one way spyware can be installed.
What are the different types of cybersecurity threats? Select all the correct options.
The negative consequences or impact of losing IT assets. An event or act that could cause the loss of IT assets. A condition that could cause the loss of IT assets.
For a cybersecurity plan to succeed, which of the following must remain confidential? Select all correct answer options.
The organization's digital or computer systems Private or sensitive data and information The logins and passwords of authorized users
Adware specifically functions to ______.
present advertisements to users based on their browsing behaviors
A keylogger can be accurately described as ______.
technology that captures keyboard input on several types of devices to glean confidential information
The cybersecurity term "social engineering" is best defined as ______.
the act of manipulating or tricking people into sharing their confidential, personal information
Establishing authentication procedures is a common cybersecurity goal because ______.
verifying that prospective users are authorized to access resources is the first step in keeping unauthorized users out
Which of the following is an example of data in transit? More than one answer may be correct.
A person uses an app on their smartphone to check their bank balance. At home, a person sends a photo taken on their smartphone to display on their smart TV.
How does a rootkit pose a cybersecurity threat? More than one answer may be correct.
A range of malicious actions is possible because the invader has the same access as the computer's owner or user. Installed on a computer's operating system, a rootkit bypasses security functions.
To get to the bottom of the odd computer problems she was having, Priya listed these symptoms: files mysteriously disappearing, system configurations unexpectedly altered, and two icons showing up for applications she did not download. What malware could have been installed on Priya's computer?
A rootkit
What is the correct definition of a cybersecurity exploit?
A tool or technique for taking advantage of a cybersecurity vulnerability to break into a system and cause harm.
Which of the following is an example of data in process? More than one answer may be correct.
A username that has been submitted for authentication A password that has been submitted for authentication A food order placed through Uber Eats
Remote employees of a corporation are required to log into their company's virtual private network (VPN) before accessing files on the corporation's shared drive where corporate data are unreadable to unauthorized users. This is an example of which of the following tools that ensure confidentiality? More than one answer may be correct.
Access control Encryption Authentication
From the following list, select all the examples of internal threats to cybersecurity.
An attack by an authorized user The leakage of sensitive information An accidental erasure of data
Which of the following statements explain why a computer virus is so named? More than one answer may be correct.
An invaded computer inadvertently plays host to the malware. Computer viruses have the ability to reproduce themselves within a system.
Which of the elements of the CIA triad does serve in maintaining a properly functioning, error-free operating system?
Availability
How does cybersecurity help preserve the integrity of data, information, and systems? More than one answer may be correct.
Cybersecurity tools such as user-access controls, file permission, and version controls help prevent unauthorized changes. Cybersecurity systems are designed to detect unauthorized or unanticipated changes to data that suggest a loss of integrity. Cybersecurity threat mitigation includes measures to protect the consistency, accuracy, and dependability of these asse
______ are cybersecurity breaches that make a computer or online service unavailable to its users.
DDOS attacks
Which of the following is an example of a tool that could be used to ensure data integrity? More than one answer may be correct.
Data are regularly backed up. Data correction codes are used to ensure the data retrieved are the same as when it was stored.
Which of the following is considered a cybersecurity threat to data at rest? More than one answer may be correct.
Data will be viewed by unauthorized users. Data will be stolen.
Which of the following is an example of a task that might be completed during the planning stage of the plan-protect-respond cycle? More than one answer may be correct.
Determine the degree of vulnerability that exists. Determine what security flaws exist. Having an authorized user attempt to hack into the system to determine vulnerabilities.
According to the CIA triad, in which of the following examples is an organization ensuring data integrity? More than one answer may be correct.
During an acquisition, logistics data are securely transferred to the acquiring company's servers. Access to important data is limited so that only certain employees are able to modify that data.
Your grandfather learns that his identity has been stolen, and you suspect that social engineering attacks are responsible. To help him protect his personal information, you tell him how to recognize the most common attacks. From the following list, select all the possible warning signs.
E-mails or texts that ask him to click a given link for more information or a free download. E-mails or web pages that ask him to provide personal information to enter a contest or receive a free offer. Strange e-mails from his friends, family members, or seemingly trustworthy organizations.
Which of the following is a best practice for ensuring that data are available? More than one answer may be correct.
Having standby equipment available to take over in a situation where the main system fails. Storing data on multiple hard drives. Ensuring that the data server has an appropriate amount of bandwidth.
Data at rest or storage can be found in which of the following places? More than one answer may be correct.
In the cloud On an external hard drive
From the following list, select all types of events and conditions that are considered cybersecurity threats.
Intentional events Errors, weaknesses, or defects in IT assets Misuse or abuse of IT assets Failure of IT assets Unintentional, accidental, and incidental events
Which of the following statements refer to programs known as spiders, web crawlers, and bots? More than one answer may be correct.
Internet robots are used for both legitimate and malicious purposes. "Good bots" have diverse functions and do not pose security risks. Malicious bots create security risks by compromising a user's control of the computer.
A movie streaming company is offering an online deal on HD movies to new customers who live in a certain country. How can authentication help the company protect its assets and resources from fraudulent use of the deal? More than one answer may be correct.
It can grant the customer access to the appropriate movies. It can verify that the customer lives in the correct country. It can verify that the customer is new to the company or service.
Which of the following surveillance technologies relies on how data are entered into a system?
Keyloggers
Applying for credit or even a mortgage online is a straightforward process. After creating an account with a unique user name and password, a customer reads a privacy statement, reviews the security policy, and accepts the terms of use. Then they proceed to log in and fill out an application, answering detailed questions about household income, employment, and more. What cybersecurity risk is particularly relevant to this process?
Man-in-the-middle (MitM) attack
Where are data in transit found?
On a cellular network
Why is MitMo a growing security risk? More than one answer may be correct.
People use mobile devices in many of the same ways they use computers. Smartphones and other mobile devices are everywhere.
Malware that encrypts the victims data files and then demands that a payment is made to the hacker is called
Ransomware
Which of these threats to cybersecurity can only come from an external source?
Ransomware
Which of the following is an example of an event that may occur during the protect stage of the plan-protect-respond cycle? More than one answer may be correct.
Require all employees to attend training that outlines the different types of security threats their organization faces. Perform routine maintenance on organizational resources. Determine levels of access control.
Which of these defining components mitigate cybersecurity threats? Select all the correct options.
Security tools and oversight used to identify security threats. Policies and procedures used to protect systems and data. Policies, tools, and strategies used to reduce damage from threats.
Which of the following browsing situations may reveal that adware is at work? More than one answer may be correct.
Shortly after you buy and download a writing enhancement program, you begin seeing ads for special keyboards, styluses, and other assistive technology. You have been looking for a new winter coat, and three out of five ads popping up on your browser currently show the type of coat you have been considering. In searching the term database management, the first item you see in the results list is an ad for a particular online database.
Who are the prime targets of MitM attacks? More than one answer may be correct.
Software as a source (SaaS) businesses Anyone who logs in to shop online Anyone who uses online financial applications
Which of the following are considered cybersecurity breaches? More than one option may be correct.
Spyware Viruses Distributed Denial of Service (DDOS) Impersonation
Members of a project team at a mid-size company are trained in online safety, and their network is protected by a firewall. But the worst-case scenario has happened: a competitor has obtained protected information, possibly directly from a member's computer. George, the firm's system manager, sees some evidence of a Trojan horse that was engineered to steal passwords. What first steps should he and his security team take to uncover the source? More than one answer may be correct.
The security team should examine everyone's activity log, looking for any downloaded files or programs. They should comb through e-mails with an eye to a message with a clickable link.
What do many social engineering attacks have in common?
They are conducted via e-mails that offer a reward in exchange for clicking a given link.
What is the goal of the planning phase of the plan-protect-respond cycle?
Understand the steps needed to design effective information security architecture.
How are data in process different from data at rest or data in transit?
Unlike data in transit or storage, it can be found in a device's CPU.
From the following list, select all types of cybersecurity vulnerabilities.
Weaknesses or flaws in system security control Security weaknesses in an operating system or application software Weaknesses in system security procedures Weaknesses or flaws in a system's security design Weaknesses or flaws in system security implementation
Suppose an organization's system is vulnerable to losing information because its automated backup of data is insufficient or substandard. This type of cybersecurity vulnerability is ______.
a weakness in application software
The term "cybersecurity threat mitigation" refers to all of the policies, procedures, and tools used to ______.
guard against threats such as security incidents, data breaches, and unauthorized network access, and reduce any harm they cause
The need to keep sensitive data, information, and systems confidential ______.
is both a major goal and a requirement for cybersecurity
The cybersecurity risks known as Man-in-the-mobile (MitMo) are realized when ______.
malware infects smartphones and other mobile devices
A cybersecurity exploit is ______.
the means by which a hacker capitalizes on a cybersecurity vulnerability to gain access to and harm a system
In cybersecurity, the term "social engineering" refers to ______.
the unlawful manipulation of people in order to obtain and misuse their personal information
