Methods of Securing Information Quiz
How can packet sniffers, rootkits and denial-of-service (DoS) actions impact MIS systems?
- Used with ill intent, these can cause financial losses, lost productivity, and downtime. - System damage can occur if plans for monitoring, detection, and remediation are not in place.
Which computer experts help an organization ensure that its information system is protected against intrusions by testing the system's security measures?
white-hat hackers
List characteristics of computer viruses
- A computer virus is software that infects computers and is created using computer code. - Viruses can destroy programs or alter the operations of a computer or network.
Why do organizations need to determine their highest priority security risk?
- An organization may not have the resources to protect all of its data. - The level of protection provided may be determined by the priority level.
What is the purpose of social engineering in conjunction with ransomware?
tricks victims into allowing access to data
A program that appears to be legitimate but executes an unwanted activity when activated is called a
trojan
The security firewall serving Vantage's email program catches an impressive number of both irrelevant and illegitimate messages, to the point where employees usually do not even see them. Occasionally, however, an unsolicited message will catch managing partner Carl's eye. Because one new message looks to come from a potential new client, he's interested but careful, aware that the boutique consulting firm has a very targeted marketing system and clients usually do not appear out of thin air. What type of security concern is causing Carl's suspicion?
phishing
Sharing infected files and opening an infected email attachment are ways digital device users
spread computer viruses.
Describe computer viruses
- A computer virus is software. - A computer virus can take over an operating system. - A computer virus can destroy a computer's programs.
Select three accurate statements that use correct terminology to describe the process denial-of-service (DoS) attacks.
- A hacker uses software to infect computers, including laptops, desktops, tablets, and Internet of Things (IoT) devices, turning each computer into a zombie. - A denial-of-service (DoS) attack takes place when a hacker gains unauthorized access to and control of a network of Internet-connected computers. - When an IP address is targeted, each zombie computer simultaneously sends requests to that IP address; this can cause the targeted server to slow or even shut down.
From the following list, select all the actions that are considered cyberattacks.
- DoS attacks - DDoS attacks - information theft
How does conducting an inventory of where its critical data is stored most help a business to minimize the damage from natural disasters? More than one answer may be correct.
- It helps to ensure geographic data redundancy. - It helps with retrieving data immediately after a disaster.
Describe trojan malware
- It is often found attached to free downloads and apps. - It is often used to find passwords, destroy data, or to bypass firewalls. - It is like a virus but does not replicate itself.
Describe trojan malware. More than one answer may be correct.
- It is often found attached to free downloads and apps. - It is often used to find passwords, destroy data, or to bypass firewalls. - It is like a virus but does not replicate itself.
Why might a government choose to get involved in state-sponsored cyberwarfare? More than one answer may be correct.
- It is relatively inexpensive compared to traditional warfare. - It is often difficult to trace and identify. - It can cause widespread damage to IT infrastructure.
Which of these statements about packet sniffers are true?
- Legitimate sniffers are used for routine examination and problem detection. - Unauthorized sniffers are used to steal information.
TechJury compiled a list of cybersecurity statistics that show the impact of different malware and network attacks
- Ninety-one percent of cyberattacks are launched with a phishing email. - Eighty-five percent of daily email attachments are harmful for their intended recipient. - Thirty-eight percent of malicious attachments are masked as Microsoft Office files.
Which of the following statements describes phishing?
- Phishing scams use emails that appear to be from established organizations. - Phishing scams try to con a user into giving up private information.
Which of the following are true about spear phishing attacks?
- Spear phishing is a type of attack designed to target specific individuals. - Spear phishing attacks are designed to install malware on a device.
Mohammed is experiencing issues with his work computer. He speaks to the IT department and they identify various symptoms of a computer virus. What are symptoms of a computer virus?
- The operating system may not launch properly. - Critical files may be automatically deleted. - The user may receive unexpected error messages.
Which statement about white-hat hackers is true?
- They use the same techniques and tools as illegitimate hackers. - They use breach and attack simulation technologies to automate their work. - Their goal is to find gaps in network security and to test security defenses.
Rootkits are typically used to allow hackers to do which of the following?
- create a backdoor into a computer - remotely control the operations of a computer
Where would you expect to encounter a hardware keystroke logger?
- library computer - school computer - work computer
Which of these tasks is malware designed to do?
- steal information - destroy data - incapacitate networks and computers
Why do computer hackers use trojans to invade devices?
- to spy on the victim's computer activities - to steal the victim's confidential data - to interrupt network connections
What is the difference between a DDoS attack and a DoS attack?
A DoS is carried out with one source device and a DDoS attack is carried out with many source devices.
The infection of a digital device by a computer virus happens in stages. What is the second step in this process?
An action such as running or opening a file activates the virus.
Which of the following are examples of spear phishing?
An email is sent to employees at a specific company, instructing them to click on a link. That link deploys malware to their device.
How does a firewall work?
It determines what Internet traffic can leave or enter a network or computer.
How does a Network Address Translation (NAT) type of firewall work?
It hides internal IP addresses
How do breach and attack simulation technologies help white-hat hackers test security?
They execute thousands of attack techniques continuously to reveal weaknesses
As reported by Andrei Ene, one of the worst malware attacks in the last 10 years is the TBT, or
Tiny Banker Trojan
A ________ is committed when a computer is the object of the crime or a computer is used to commit a criminal offense.
cybercrime
Which of the following is generally not protected by an organization's network firewall?
files stored in a cloud-based system, such as Drobox or Google drive
A form of spyware that records all actions typed on a keyboard is called a keystroke
logger
