Cybersecurity 8
Which of the following best describes the difference between a virus and a worm? A) A virus is malicious software that requires a host file to spread itself, whereas a worm is malicious software that does not require a host file to spread itself. B) A worm is malicious software that requires a host file to spread itself, whereas a virus is malicious software that does not require a host file to spread itself. C) A virus is malicious software that attaches itself to executable files, whereas a worm is malicious software that attaches itself to an image file. D) There is no difference between a virus and a worm.
A
Which of the following is a word, phrase, or image that is programmatically configured to connect to another document, bookmark, or location? A) Hyperlink B) Log C) Relay D) Metadata
A
Which of the following is an SMB exploit affecting various Windows operating systems from XP to Windows 7 and various versions of Windows Server 2003 and 2008? A) EternalBlue B) SpyEye C) Slammer D) Zeus
A
Which of the following refers to an internal procedure by which authorized changes are made to software, hardware, network access privileges, or business processes? A) Change control B) NIST framework C) Standard operating procedure D) Patch management
A
Which of the following statements about antivirus software is not true? A) Antivirus software is 100 percent effective against malware intrusions. B) Antivirus software uses signature-based recognition and behavior-based recognition to detect malware. C) Antivirus software can detect various types of malware. D) Antivirus software can detect, contain, or eliminate malware.
A
Which federal regulation requires financial institutions to protect their customers' information against security threats? A) HIPAA B) GLBA C) PCI DSS D) FISMA
B
Which of the following is an example of ransomware that takes a computer or its data hostage in an effort to extort money from victims? A) SpyEye B) WannaCry C) Sapphire D) Slammer
B
Which of the following log analysis techniques compares the log entries against a set of known bad activity? A) Trend analysis B) Signature analysis C) Correlation analysis D) Sequencing analysis
B
Which of the following statements about Trojans is true? A) Trojans reproduce by infecting other files. B) Trojans need user interaction to spread. C) Trojans self-replicate. D) Trojans are legitimate programs that enhance user experience.
B
Which of the following statements best describes data replication? A) The process of copying data to another drive weekly B) The process of copying data to a second location that is available for immediate use C) The process of copying and storing data that could be restored to its original location D) The process of copying data to the cloud
B
Which of the following best describes the log analysis technique called trend analysis? A) Compares log data to known bad activity B) Compares log data to known good activity C) Identifies activity over time that in isolation might appear normal D) Ties individual entries together based on related information
C
Which of the following is the standard protocol for sending email messages? A) IPsec B) SSL C) SMTP D) FTP
C
Which of the following statements about data backup is not true? A) Backups can be stored in the cloud. B) Backups can be conducted once a week. C) Backups do not have to be restored as long as they are stored in the cloud. D) Backups can be stored to a tape.
C
Which of the following statements best describes a Trojan? A) Malicious software that hides into the lower levels of the operating system and opens a backdoor B) Malicious software that records every key stroke and mouse movement C) Malicious software that disguises itself as a legitimate program D) Malicious software that takes the computer data hostage to extort money
C
Which of the following was a worm that infected Microsoft SQL Server 2000 and Microsoft SQL Desktop Engine? A) Zeus B) SpyEye C) Slammer D) Nyetya
C
Which common standard operating procedure (SOP) format should be used for long procedures requiring many decisions? A) Hierarchical B) Simple step C) Graphical D) Flowchart
D
Which of the following describes the process or methodology used to assess the adequacy of a service provider? A) Sequencing B) Due care C) Trend analysis D) Due diligence
D
Which of the following is a snippet of code designed to automate tasks and often used by attackers to carry out denial-of-service attacks? A) Ransomware B) Screen scraper C) Zero-day exploit D) Bot
D
Which of the following is an example of a malware prevention control? A) Real-time firewall detection of suspicious file downloads B) Review and analysis of log files C) User awareness to recognize and report suspicious activity D) Not allowing users to have administrative rights to their workstations
D
Which of the following malware takes advantage of a security vulnerability on the same day that the vulnerability becomes known to the public? A) Ransomware B) Screen scraper C) Bot D) Zero-day exploit
D