Computer Concept for End Users: Unit 7
Spam accounts for approximately ______ of all email.
70%
______ can be used to flood a Web site with so much traffic that it can no longer provide its intended service
DDoS, botnets, and commands from a botmaster
The current method of encrypting communication between a client and a server depends on a security protocol called _______
TLS
Which of the following would be considered spyware?
a keylogger
Blacklist and header filtering is usually performed by email clients and Webmail services.
false
Correctly installed antivirus software will prevent all intrusions.
false
IMSI catchers are operated by cellular service companies.
false
If you are traveling and expect to access files on a computer that you've left at home, make sure the remote access utilities is turned off.
false
It is not possible to encrypt a Windows hard drive volume.
false
Microsoft uses a service called Safe Browsing to alert users about sites to avoid.
false
Most ISPs and email services do not use filtering techniques to block spam.
false
Most massmailing databases are legitimately compiled from customer lists.
false
Once you have installed antivirus software, you don't typically need to keep it running full time in the background
false
Pharming attacks carried out by DNS spoofing can be detected by antivirus software or spyware removal software
false
The CANSPAM Act is considered an effective means of controlling the volume of spam on the Internet.
false
The objective of a MITM attack is for a third party to block communications between two entities.
false
Viruses spread themselves from one device to another
false
n addition to replicating itself, a virus selfdistributing.
false
Similar to a worm, a trojan is not designed to spread itself to other devices.
false
A spam __________ uses a set of rules to examine email messages and determine which are spam.
filter
A(n) __________ is a device or software that is designed to block unauthorized access while allowing authorized communications.
firewall
Antivirus software can use techniques called__________ to detect malware by analyzing the characteristics and behavior of suspicious files.
heuristic analysis
A virus __________ usually arrives as an email message that contains warnings about a supposedly new virus.
hoax
A cryptographic ________ is a word, number, or phrase that must be known to encrypt or decrypt data.
key
Passwords used as encryption ________ help to make hijacked data unusable.
keys
A password manager can store passwords in an encrypted file located at which of the following storage locations?
local storage, cloud storage, USB storage
________ refers to any computer program designed to surreptitiously enter a digital device.
malware
Common classifications of _________ include viruses, worms, and trojans.
malware
Which of the following sequence of events best describes an online intrusion?
malware enters the device, then opens a backdoor, leading to an open communication link on the device that a hacker can exploit
. A network utility called ______________ produces a detailed list of open ports on a device.
netstat
Which of the following can be used to block unauthorized access while allowing authorized communications on a device or network?
network router, personal firewall and hardware that uses a NAT
A(n) ________________ takes place when an unauthorized person gains access to a digital device by using an Internet connection and exploiting vulnerabilities in hardware or software.
online intrusion
If you feel more secure with a totally random and unique password for each of your logins, then a(n) _______________ is an excellent option.
password manager
Which of the following is not an example of an authentication protocol?
password, PINs, fingerprint scanner
The core function of a password manager is to store user IDs with their corresponding ________.
passwords
The action carried out by malware code is referred to as a(n) _______.
payload
_________ redirects Web site traffic to fraudulent Web sites
pharming
. ________ is an email scam that masquerades as a message from a legitimate source.
phishing
A(n) __________ pings a packet of data to a port in order to see if that port is open or not.
port scan
___________ is a term describing spam that uses a false pretext to trick victims into participating.
pretexting
___________ locks a device and then requests payment for an unlocking code
ransomware
. A ______________ exploit usually begins with a virus warning and an offer to disinfect the infected device.
rogue antivirus
any code that is designed to hide the existence of processes and privileges is referred to as a(n) _______.
rootkit
____________ is a service offered by Google that checks URLs against a list of suspicious Web site URLs.
safe browsing
One method of heuristic analysis allows the suspicious file to run in a guarded environment called a(n) ___________ .
sandbox
What is the process called when an app from a source other than an official app store is installed on a device?
side-loading
A virus __________ is a section of program code that contains a unique series of instructions known to be part of a malware exploit.
signature
Which type of device is the top target for ransomware?
smartphones
Trojans depend on ________ to spread.
social engineering
______________ is a deceptive practice that exploits human psychology by inducing victims to interact with a digital device in a way that is not in their best interest.
social engineering
__________ is defined as unsolicited messages that are usually sent in massive numbers using electronic mail systems.
spam
. Which of the following is not a characteristic of a computer worm?
spread through a process called side-loading
Any software that secretly gathers personal information without the victim's knowledge is classified as __________.
spyware
A(n) _______ password is difficult to hack.
strong
If you use a password manager, what do you as the user need to remember?
the master password
A(n) __________ is a computer program that seems to perform one function while actually doing something else.
trojan
_________ are standalone programs that masquerade as useful utilities or applications
trojan
A botnet has a server that is controlled by hackers.
true
A key characteristic of viruses is their ability to lurk in a device for days or months, quietly replicating themselves.
true
Antivirus software cannot be expected to block threats that do not arrive in the form of malware.
true
Any data entering a digital device could be malware.
true
Brute force attacks methodically try every possible password until the correct one is found
true
Heuristics may produce false positives that mistakenly identify a legitimate file as malware
true
If a hacker intercepts encrypted data by way of a MITM attack, the contents of that data is not always secure.
true
Most trojans are not designed to replicate themselves
true
OS X devices include a utility that automatically encrypts data stored locally.
true
Password managers can generate unique passwords that have very good entropy
true
RATs can be used to create a backdoor to a victim's device that takes control of the device's camera.
true
Social engineering attacks prey on human vulnerabilities
true
The most common types of PUPs and PUAs are toolbars and alternative browsers.
true
The single most effective security measure for digital devices is to password protect access to them.
true
Hackers can use ports to communicate with devices in botnets
true
Spam sent by scammers often uses spoofed email addresses.
true
A computer _________ is a set of selfreplicating program instructions that surreptitiously attaches itself to a legitimate executable file on a host device.
virus
Stuxnet is a notorious computer _______.
worm
A computer _______ is a selfreplicating, selfdistributing program designed to carry out unauthorized activity on a victim's device.
worm
A(n) ______________ attack exploits previously unknown vulnerabilities in software applications, hardware, and operating system program code
zero-day
There are various encryption methods, but __________ is the encryption standard currently used worldwide.
AES
_______ is a 64bit number that uniquely identifies a cellular device.
IMSI
____________ is a term for a person who devises and carries out a scam in order to accomplish a goal.
NOT main-in-the-middle, internet worm or RAT
What is the term used to describe unwanted software that installs along with the application software that you originally downloaded and installed?
PUP
A ___________ is malware that arrives in a trojan disguised as legitimate software and sets up a secret communication link to a hacker
RAT
__________ changes an originating address or a destination address to redirect the flow of data between two parties.
address spoofing
MITM attacks include which of the following
address spoofing, IMSI catchers, evil twins
A social engineering scam called ___________ is when a victim is promised a large sum of money in exchange for a bank account number from which a small advance fee is withdrawn.
advance fee fraud
A cryptographic __________ is a procedure for encryption or decryption.
algorithm
_____________ software shields certain applications against behaviors commonly exhibited by intrusions
anti-exploit
The best defense against malware is _____________
antivirus software
Android devices automatically encrypt data stored on the device when a user activates the login password.
false
A(n) __________ is an undocumented method of accessing a digital device.
backdoor
Password entropy is a measure in _____ of a password's unpredictability
bits
Hackers who gain control over several computers can organize them into a clientserver network known as a(n) _______.
botnet
Which of the following type of attack uses passwordcracking software to generate every possible combination of letters, numerals, and symbols.
brute force
__________ is the process of modifying an executable file or data stream by adding additional commands
code injection
When antivirus software detects malware, which of the following would not be a course of action you could take?
conduct a heuristic analysis
A(n) _________ is designed to deliver malicious code into a device.
dropper
Conventional wisdom tells us that strong passwords are at least _____ characters in length and include one or more uppercase letters, numbers, and symbols.
eight
Which of the following is not a characteristic of a weak password?
eight characters in length and include one or more uppercase letters, numbers and symbols
If you want to store passwords on your digital device, make sure to _________ the file in which they are stored.
encrypt
Which of the following terms would best match this definition: Transforms a message or data file in such a way that its contents are hidden from unauthorized readers.
encryption
Password managers store passwords in a(n) _________ file
enrypted
Password _________ is a measure in bits of a password's unpredictability.
entropy
Which of the following is not a type of spam filter?
entropy
A(n) _____________ is a LAN server that is designed to look like a legitimate WiFi hotspot
evil twin
To establish a(n) ________, hackers set up an unsecured WiFi hotspot complete with an Internet connection.
evil twin
An original message or file that has not yet been encrypted is referred to as ciphertext.
false
