Module 10 Connect
What percentage of malicious attachments are masked as Microsoft Office files?
38%
Recently, TechJury compiled a list of cybersecurity statistics that show the impact of different malware and network attacks. What percentage of cyberattacks are aimed at small businesses?
43%
What percentage of cyberattacks are aimed at small business?
43%
What percentage of daily email attachments are harmful for their intended recipient?
85%
What percentage of cyberattacks are launched with a phishing email?
91%
Botnet
A group of computers under the control of a hacker.
Bot
A hacker uses software to infect computers, including laptops, desktops, tablets, and Internet of Things (IoT) devices, turning each computer into a zombie
Security risk can be calculated using the following calculation: Risk = Threat x Vulnerability x .
Asset
According to Norton, which of the following steps should be taken to defend against rootkits?
Be aware of phishing emails Watch out for drive-by-downloads Don't ignore software updates
Which of the following are considered cybercrimes?
Computer hacking Digital identity theft Trojan horse viruses
Select all options that describe the goals of the National Institute of Standards Technology (NIST) Cybersecurity Framework.
Create an atmosphere where organizations can effectively discuss cybersecurity risks internally and with those outside of the organization Help organizations develop appropriate policies and procedures to mitigate data breaches Give guidance to organizations who wish to understand potential security breaches
Which of the following is an example of a task that might be completed during the planning stage of the plan-protect-respond cycle?
Determine what security flaws exist. Determine the degree of vulnerability that exists. Having an authorized user attempt to hack into the system to determine vulnerabilities.
A hacker launches an attack on a network that is designed to interrupt or stop network traffic by flooding it with too many requests. This would be considered a _____ attack.
DoS
An attack on a network that is designed to interrupt or stop network traffic by flooding it with too many requests is called a _ attack.
DoS
Which function of the NIST Cybersecurity Framework involves an organization gaining deeper understanding of cybersecurity management in the context of their business needs and resources?
Identify (ID) function
Which of the following is prohibited by the Computer Fraud and Abuse Act?
Intentionally destroying a computer Cyber blackmail
Before data security strategies are created, which questions must be answered?
Is this the highest priority security risk? What is the risk I am reducing? Am I reducing the risk in the most cost-effective way?
Select what's true about Trojan malware.
Often found attached to free downloads and apps Often used to find passwords, destroy data, or to bypass firewalls Similar to viruses, but do not replicate themselves
Which function of the National Institute of Standards Technology (NIST) Cybersecurity Framework involves an organization analyzing cybersecurity risk and reducing potential damage to IT infrastructures?
Protect (PR) function
Malware that encrypts a computer's data, forcing the victim to purchase a decryption code, is called ___ .
Ransomware
One version of this type of malware encrypts a victims data until a payment is made. Another version threatens to make public a victim's personal data unless a payment is made. This type of malware is called ___.
Ransomware
Select the true statements about ransomware attacks.
Ransomware is malware that makes a computer's data inaccessible until a ransom is paid. Ransomware attacks invade computers via Trojan Horse viruses, worms, or by a user opening a legitimate looking email. One of the most popular methods used in ransomware attacks is through phishing.
Rootkits are typically used to allow hackers to do which of the following?
Remotely control the operations of a computer. Create a backdoor into a computer
White hat hackers use the same techniques and tools that are used by illegitimate hackers. These tools include which of the following?
Rootkits Social engineering Back door programs
Why is MitMo a growing security risk?
Smartphones and other mobile devices are everywhere. People use mobile devices in many of the same ways they use computers.
Malware is designed to do which of the following?
Steal information. Destroy data. Incapacitate a computer or network
According to National Institute for Standards ___, once a cybersecurity risk assessment has been conducted and the various questions in the risk assessment have been answered, an organization will be able to decide what to protect.
Technology
What is the National Institute of Standards Technology (NIST) Cybersecurity Framework?
The NIST Cybersecurity Framework is a voluntary guide that helps organizations understand and protect themselves against cybersecurity risks.
Accessing the communications of an organization without authorization was made a criminal violation by which federal cybersecurity law?
The Stored Communications Act
A program that appears legitimate, but executes an unwanted activity when activated is called a ___ horse virus.
Trojan
As reported by Andrei Ene, Tiny Banker ___ (TBT) is one of the worst malware attacks in the last 10 years.
Trojan
Often accompanying downloaded music or apps, programs that appear to be legitimate, but executes an unwanted activity when activated is called a _____.
Trojan
There are multiple ways ransomware attacks can be launched. Which of the following are methods a ransomware attack can be launched?
Trojan Horse Phishing
Malware is short for malicious software and is designed to steal information, destroy data, impact the operations of a computer or network, or frustrate the user. Common types of malware include:
Trojans Viruses Worms
Select what's true about how a Trojan infects a computer system.
Trojans are commonly used by hackers to gain access to systems and devices. Trojans are designed using some sort of social engineering tactic. Hackers use Trojans to create a backdoor into a user's system which allows them to spy on the computer's activities.
What is the goal of the planning phase of the plan-protect-respond cycle?
Understand the steps needed to design effective information security architecture.
Mohammed is experiencing issues with his work computer. He speaks to the IT department and they identify various symptoms of a computer virus. Symptoms of a computer virus include:
Unexpected error messages The operating system may not launch properly Critical files may be automatically deleted
Select the true statements about white hat hackers.
Use the same techniques and tools that are used by illegitimate hackers. The goal of white hat hackers is to find gaps in network security and to test security defenses.
Which of the following statements about computer viruses are true?
Viruses can destroy programs or alter the operations of a computer or network. A computer virus is software that infects computers and is created using computer code.
According to the National Institute of Standards Technology (NIST), cybersecurity personnel can take steps to ensure data and systems are protected. The first thing an organization should conduct is a cybersecurity risk assessment. The cybersecurity risk assessment is concerned with answering which of the following questions?
What are our organization's most important information technology assets? What are the relevant threats and the threat sources to our organization? What are the internal and external vulnerabilities?
Distributed Denial of Service (DDoS) Attack
When a hacker gains unauthorized access and control of a network of computers that are connected to the Internet.
Who performs probable maximum loss calculations?
a company's cybersecurity analysts
Where are data in transit found?
cellular network
A crime in which a computer is the object of the crime or is used to commit a criminal offense is called _.
cybercrime
A ___ denial-of-service (DDoS) attack takes place when a hacker gains unauthorized access and control of a network of computers that are connected to the Internet.
distributed
Computer viruses are not frequently disguised as attachments of funny images, greeting cards, or audio and video files.
false
Hardware or software used to keep a computer secure from outside threats such as hackers and viruses by allowing or blocking Internet traffic is called a ____.
firewall
Personal software ___ are typically included with the operating system and can be configured based on user preference.
firewall
In cybersecurity, the probable maximum loss (PML) is used to______.
help determine spending needed to adequately secure an organization's IT infrastructure
The goal of the NIST Cybersecurity Framework Protect (PR) function is to ______.
help protect an organization's IT infrastructure from security breaches by offering guidelines on IT infrastructure protection
Malware is short for ___ software.
malicious
Activities where white-hat hackers are paid to hack into private networks and applications is referred to as ___ testing.
penetration
The Identify (ID) function of the NIST Cybersecurity Framework focuses on organizational______.
understanding of how to manage cybersecurity risks
Sharing infected files and opening an infected email attachment are ways that a computer _ can infect a digital device.
virus
