ch3

Réussis tes devoirs et examens dès maintenant avec Quizwiz!

t

Failing to prevent an attack all but invites an attack. True False

t

A DoS attack is a coordinated attempt to deny service by occupying a computer to perform large amounts of unnecessary tasks. True False

t

A birthday attack is a type of cryptographic attack that is used to make brute-force attack of one-way hashes easier. True False

f

A dictionary password attack is a type of attack in which one person, program, or computer disguises itself as another person, program, or computer to gain access to some resource. True False

True

A man-in-the-middle attack takes advantage of the multihop process used by many types of networks. True False

t

An alteration threat violates information integrity. True False

Urgency

An attacker attempting to break into a facility pulls the fire alarm to distract the security guard manning an entry point. Which type of social engineering attack is the attacker using? Vishing Urgency Whaling Authority

f

An attacker uses exploit software when wardialing. True False

Evil twin

Barry discovers that an attacker is running an access point in a building adjacent to his company. The access point is broadcasting the security set identifier (SSID) of an open network owned by the coffee shop in his lobby. Which type of attack is likely taking place? Evil twin Wardriving Bluesnarfing Replay attack

Address Resolution Protocol (ARP) poisoning

Brian notices an attack taking place on his network. When he digs deeper, he realizes that the attacker has a physical presence on the local network and is forging Media Access Control (MAC) addresses. Which type of attack is most likely taking place? Address Resolution Protocol (ARP) poisoning Internet Protocol (IP) spoofing URL hijacking Christmas attack

f

Denial of service (DoS) attacks are larger in scope than distributed denial of service (DDoS) attacks. True False

Typosquatting

Florian recently purchased a set of domain names that are similar to those of legitimate websites and used the newly purchased sites to host malware. Which type of attack is Florian using? Cross-site scripting Session hijacking SQL injection Typosquatting

Session hijacking

In which type of attack does the attacker attempt to take over an existing connection between two systems? Man-in-the-middle attack URL hijacking Session hijacking Typosquatting

Opportunity cost

Maria's company recently experienced a major system outage due to the failure of a critical component. During that time period, the company did not register any sales through its online site. Which type of loss did the company experience as a result of lost sales? Replacement cost Opportunity cost Manpower cost Cost of good sold

t

Rootkits are malicious software programs designed to be hidden from normal methods of detection. True False

f

Spam is some act intended to deceive or trick the receiver, normally in email messages. True False

t

Spyware gathers information about a user through an Internet connection, without his or her knowledge. True False

f

The anti-malware utility is one of the most popular backdoor tools in use today. True False

t

Using a secure logon and authentication process is one of the six steps used to prevent malware. True False

f

Wardialers are becoming more frequently used given the rise of Voice over IP (VoIP). True False

Trojan horse

What type of malicious software masquerades as legitimate software to entice the user to run it? Virus Worm Trojan horse Rootkit

Receptionists and administrative assistants

Which group is the most likely target of a social engineering attack? Receptionists and administrative assistants Information security response team Internal auditors Independent contractors

Espionage

Which one of the following is an example of a disclosure threat? Espionage Alteration Denial Destruction

Birthday attacks

Which password attack is typically used specifically against password files that contain cryptographic hashes? Brute-force attacks Dictionary attacks Birthday attacks Social engineering attacks

Threat

Which term describes an action that can damage or compromise an asset? Risk Vulnerability Countermeasure Threat

Protocol analyzer

Which tool can capture the packets transmitted between systems over a network? Wardialer OS fingerprinter Port scanner Protocol analyzer

Zero-day attack

Which type of attack against a web application uses a newly discovered vulnerability that is not patchable? SQL injection Cross-site scripting Cross-site request forgery Zero-day attack

Fabrication

Which type of attack involves the creation of some deception in order to trick unsuspecting users? Interception Interruption Fabrication Modification

Logic attack

Which type of denial of service attack exploits the existence of software flaws to disrupt a service? SYN flood attack Smurf attack Logic attack Flooding attack

White-hat hacker

Yuri is a skilled computer security expert who attempts to break into the systems belonging to his clients. He has permission from the clients to perform this testing as part of a paid contract. What type of person is Yuri? Cracker White-hat hacker Black-hat hacker Grey-hat hacker

False

A phishing attack "poisons" a domain name on a domain name server. True False

f

Vishing is a type of wireless network attack. True False


Ensembles d'études connexes

Numbers 31 to 100 and Aggregative Number Hindi

View Set

States of Matter 1.11: Absolute Zero Wiva k12 Chemistry

View Set

Miss martin chapter 34 add for final

View Set

type of cardinality relationship

View Set

Ch 5: consolidation with less than 100% ownership

View Set

ACG2021 Chpt 3 and 4 Conceptual Questions

View Set