Information Security Chapter 3

Réussis tes devoirs et examens dès maintenant avec Quizwiz!

Which one of the following is an example of a disclosure threat? a. espionage b. alteration d. denial c. destruction

a. espionage

Barry discovers that an attacker is running an access point in a building adjacent to his company. The access point is broadcasting the security set identifier (SSID) of an open network owned by the coffee shop in his lobby. Which type of attack is likely taking place? a. evil twin b. wardriving c. bluesnarfing d. replay attack

a. evil twin

Which group is the most likely target of a social engineering attack? a. receptionist and administrative assistants b. info security response team c. internal auditors d. independent contractors

a. receptionist and administrative assistants

An attacker attempting to break into a facility pulls the fire alarm to distract the security guard manning an entry point. Which type of social engineering attack is the attacker using? a. vishing b. urgency c. whaling d. authority

b. urgency

Yuri is a skilled computer security expert who attempts to break into the systems belonging to his clients. He has permission from the clients to perform this testing as part of a paid contract. What type of person is Yuri? a. cracker b. white hat hacker c. black hat hacker d. grey hat hacker

b. white hat hacker

Bob is using a port scanner to identify open ports on a server in his environment. He is scanning a web server that uses Hypertext Transfer Protocol (HTTP). Which port should Bob expect to be open to support this service? a. 21 b. 23 c. 80 d. 443

c. 80

What type of malicious software masquerades as legitimate software to entice the user to run it? a. virus b. worm c. trojan horse d. rootkit

c. Trojan horse

Which password attack is typically used specifically against password files that contain cryptographic hashes? a. Bruit force attacks b. dictionary attacks c. birthday attacks d. social engineering attacks

c. birthday attacks

Which type of attack involves the creation of some deception in order to trick unsuspecting users? a. interception b. interruption c. fabrication d. modification

c. fabrication

Which type of denial of service attack exploits the existence of software flaws to disrupt a service? a. SYN flood attack b. smurf attack c. logic attack d. flooding attack

c. logic attack

In which type of attack does the attacker attempt to take over an existing connection between two systems? a. man in the middle attack b. URL hijacking c. session hijacking d. typosquatting

c. session hijacking

Which tool can capture the packets transmitted between systems over a network? a. wardialer b. OS fringerprinter c. prot scanner d. protocol analyzer

d. protocol analyzer

Users throughout Alison's organization have been receiving unwanted commercial messages over the organization's instant messaging program. What type of attack is taking place? a. spam b. phishing c. social engineering d. spim

d. spim

Which term describes an action that can damage or compromise an asset? a. risk b. vulnerability c. countermeasure d. threat

d. threat

Which type of attack against a web application uses a newly discovered vulnerability that is not patchable? a. SQL injection b. cross site scripting c. cross site request forgery d. zero day attack

d. zero day attack


Ensembles d'études connexes

English IV - The Secret History (Vocabulary pg. 1 - 75)

View Set

A&P Chapter 25 Nutrition and Metabolism

View Set

Chapter 35: Skin Integrity & Wound Healing

View Set

Environmental Science Module 5-6

View Set