IS360 Chapter 8 Quiz
True or False? Spyware does not use cookies.
False
What file type is least likely to be impacted by a file infector virus?
.docx
Larry recently viewed an auction listing on a website. As a result, his computer executed code that popped up a window that asked for his password. What type of attack has Larry likely encountered?
Cross-site scripting (XSS)
What type of attack occurs in real time and is often conducted against a specific target?
Direct
True or False? A port-scanning tool enables an attacker to escalate privileges on a network server.
False
True or False? A smurf attack tricks users into providing logon information on what appears to be a legitimate website but is in fact a website set up by an attacker to obtain this information.
False
True or False? Hijacking refers to the use of social engineering to obtain access credentials, such as usernames and passwords.
False
True or False? Stealth viruses attack countermeasures, such as antivirus signature files or integrity databases, by searching for these data files and deleting or altering them
False
True or False? Stealth viruses attack countermeasures, such as antivirus signature files or integrity databases, by searching for these data files and deleting or altering them.
False
True or False? System infectors are viruses that attack document files containing embedded macro programming capabilities.
False
Yolanda would like to prevent attackers from using her network as a relay point for a smurf attack. What protocol should she filter?
Internet Control Message Protocol (ICMP)
Hacking groups create _______ to launch attacks whereby they infect vulnerable machines with agents that perform various functions at the command of the controller.
botnets
What program, released in 2013, is an example of ransomware?
CryptoLocker
Which type of virus targets computer hardware and software startup functions?
System infector
Alison is a security professional. A user reports that, after opening an email attachment, every document he saves is in a template format and other Microsoft Word documents will not open. After investigating the issue, Alison determines that the user's Microsoft Office normal.dot template has been damaged, as well as many Word files. What type of virus is the most likely cause?
Macro virus
Arturo discovers a virus on his system that resides only in the computer's memory and not in a file. What type of virus has he discovered?
Slow virus
The chief executive officer (CEO) of a company recently fell victim to an attack. The attackers sent the CEO an email that appeared to come from the company's attorney. The email was informing him that his company was being sued and he needed to view a subpoena at a court website. When visiting the website, malicious code was downloaded onto the CEO's computer. What type of attack took place?
Spear phishing
Bob is developing a web application that depends upon a database backend. What type of attack could a malicious individual use to send commands through his web application to the database?
Structured Query Language (SQL) injection
Lin installed a time-management utility that she downloaded from the Internet. Now several applications are not responding to normal commands. What type of malware did she likely encounter?
Trojan horse
True or False? A backdoor is a hidden way to bypass access controls and allow access to a system or resource.
True
True or False? A computer virus is an executable program that attaches to , or infects, other executable programs.
True
True or False? A computer virus is an executable program that attaches to, or infects, other executable programs.
True
True or False? A rootkit is a type of malware that modifies or replaces one or more existing programs to hide the fact that a computer has been compromised.
True
True or False? Attacks against confidentiality and privacy, data integrity, and availability of services are all ways malicious code can threaten businesses.
True
True or False? Because people inside an organization generally have more detailed knowledge of the IT infrastructure than outsiders do, they can place logic bombs more easily.
True
True or False? Security breaches perpetrated by current and former employees often go undetected due to weak personnel and security policies or ineffective countermeasures.
True
True or False? The function of homepage hijacking is to change a browser's homepage to point to the attacker's site.
True
True or False? The success of Trojans is due to their reliance on social engineering to spread and operate; they have to trick users into running them
True
True or False? The term "web defacement" refers to someone gaining unauthorized access to a web server and altering the index page of a site on the server
True
Wen is a network security professional. He wants to strengthen the security of his agency's network infrastructure defenses. Which control can he use to protect the network?
Use proxy services and bastion hosts to protect critical services
What tool might be used by an attacker during the reconnaissance phase of an attack to glean information about domain registrations?
Whois
