CTI120 Final Study Guide
botnet
A ________ is a group of compromised or hacked computers (bots) controlled by an individual with malicious intent.
online
The individual user profile on a social network site is an example of a/an ________ identity
Data Encryption, username id and password, two factor authentication
What are three methods that can be used to ensure confidentiality of information?
Internal users have direct access to the infrastructure devices.
What is a reason that internal security threats might cause greater damage to an organization than external security threats?
DDoS
What type of attack disrupts services by overwhelming network devices with bogus traffic?
Hacktivists
make political statements in order to create an awareness of issues that are important to them
The cloud storage service is an approved application for the online printing service.
A consumer would like to print photographs stored on a cloud storage account using a third party online printing service. After successfully logging into the cloud account, the customer is automatically given access to the third party online printing service. What allowed this automatic authentication to occur?
Save the passwords in a centralized password manager program.
A user is having difficulty remembering passwords for multiple online accounts. What is the best solution for the user to try?
if the laptop requires user authentication for file and media sharing
A user is surfing the Internet using a laptop at a public WiFi cafe. What should be checked first when the user connects to the public network?
firewall
Any device that controls or filters traffic going in or out of the network is known as a
Data Encryption
As data is being stored on a local hard disk, which method would secure the data from unauthorized access?
Connect with a VPN service.
How can a user prevent others from eavesdropping on network traffic when operating a PC on a public Wi-Fi hot spot?
Operate the web browser in private browser mode.
How can users working on a shared computer keep their personal browsing history hidden from other workers that may use this computer?
they are infected machines that carry out a DDoS attack.
In what way are zombies used in security attacks?
A group of environmentalists launch a denial of service attack against an oil company that is responsible for a large oil spill.
What is an example of "hacktivism"?
privacy
What is another name for confidentiality of information?
Always disable Bluetooth when it is not actively used.
What is the best method to prevent Bluetooth from being exploited?
Malicious Action
What is the last stage of the Cyber Kill Chain framework?
to increase web traffic to malicious sites
What is the most common goal of search engine optimization (SEO) poisoning?
discovering weaknesses of networks and systems to improve the security level of these systems
What is the motivation of a white hat attacker?
to prevent the target server from being able to handle additional requests
What is the primary goal of a DoS attack?
to gain privileged access to a device while concealing itself
What is the purpose of a rootkit?
integrity, confidentiality, availability
What three items are components of the CIA triad?
prevent the broadcast of an SSID
Which configuration on a wireless router is not considered to be adequate security for a wireless network?
An email is sent to the employees of an organization with an attachment that looks like an antivirus update, but the attachment actually consists of spyware.
Which example illustrates how malware might be concealed?
checksum
Which method is used to check the integrity of data?
NetFlow
Which protocol is used by the Cisco Cyberthreat Defense Solution to collect information about the traffic that is traversing the network?
It is Internet-based conflict that involves the penetration of information systems of other nations.
Which statement describes cyberwarfare?
a cloud service
Which technology removes direct equipment and maintenance costs from the user for data backups?
IDS
Which tool can identify malicious traffic by comparing packet contents to known attack signatures?
snort
Which tool can perform real-time traffic and port analysis, and can also detect port scans, fingerprinting and buffer overflow attacks?
Nmap
Which tool is used to provide a list of open ports on network devices?
travels to new computers without any intervention or knowledge of the user; is self-replicating
Which two characteristics describe a worm?
Brute Force
Which type of attack allows an attacker to use a brute force approach?
Antispyware
Which type of technology can prevent malicious software from monitoring user activities, collecting personal information, and producing unwanted pop-up ads on a user computer?
Most IoT devices do not receive frequent firmware updates.
Why do IoT devices pose a greater risk than other computing devices on a network?
state-sponsored attacker
gather intelligence or commit sabotage on specific goals on behalf of their government
terrorists
make political statements, or create fear, by causing physical or psychological damage to victims
