Chapter 4 Test Prep
A specific encryption method is called a ________. key method cipher code schema
cipher
In which type of attack does the attacker gather extensive sensitive personal information about its victim? credit card number theft identity theft both A and B neither A nor B
identity theft
Which is more harmful to the victim? identity theft credit card number theft both A and B are about equally harmful
identity theft
The general term for evil software is ________. worm virus malware all of the above
malware
DoS attacks attempt to ________. steal information from a computer reduce the availability of a computer delete files on a computer hack a computer
reduce the availability of a computer
In a ________ attack, the attacker encrypts some or all of the victim's hard drive. ransom DoS lock virus
ransom
Traditionally, we have told users that passwords ________. should be easy to remember should have a mix of characters (uppercase and lowercase letters, digits, other keyboard characters) both A and B neither A nor B
should have a mix of characters (uppercase and lowercase letters, digits, other keyboard characters)
Which of the following attach themselves to other programs? worms viruses both A and B neither A nor B
viruses
You accidentally discover that you can get into other e-mail accounts after you have logged in under your account and only spend a few minutes looking at another user's mail. Is that hacking? yes no We cannot say from the information given.
yes
________ is a program that can capture passwords as you enter them. Data mining software A keystroke logger both A and B neither A nor B
A keystroke logger
________ attacks typically extend over a period of months. Spear phishing Advance Persistant Threats DDoS Malware
Advance Persistant Threats
________ is the GENERAL name for malware on a user's PC that collects sensitive information and sends this information to an attacker. Data mining software Anti-privacy software Spyware Antivirus
Spyware
A spear phishing attack is usually aimed at ________. everyone a group an individual all of the above
an individual
Requiring someone prove his or her identity is ________. authentication confidentiality authorization both B and C
authentication
Employees often attack ________. for revenge for money both A and B neither A nor B
both A and B
In terms of security thinking, "insiders" include ________. employees many contractors working for the company both A and B neither A nor B
both A and B
Attack programs that can be remotely controlled by an attacker are ________. sock puppets bots both A and B neither A nor B
bots
The Target attackers probably first broke into Target using the credentials of a(n) ________. employee in a firm outside Target low-level Target employee Target IT employee Target security employee
employee in a firm outside Target