NSB Test 2 Mod 3,4
4. Which of the following is a subset of artificial intelligence?
Adversarial AI
1. Japan's cybercrime control center noticed that around 200,000 Tokyo computers are infected by bots, and all these bots are remotely controlled by a single attacker. What is this attacker referred to as?
Bot herder
2. Daniel accidentally installed a vulnerable application. Which of the following system exploitations would NOT be caused by the vulnerable application?
CAN be: executable files attack, system tampering, process spawning control
7. A learning management system application has been written in Python. While running the application code, the specific program or application that converts the program into machine language is called what?
Compiler
3. Which cookie is created by the website a user is currently browsing to store the customer's browsing preference information?
First-party cookie
4. What additional measure should be enacted to increase the security on a computer network after secure boot, protective measures from attacks like antimalware, and intrusion detection systems are implemented in all the computers on the network?
Implement hardening at endpoints with patch management and os safeguards
7. What is the name of the process where a website validates user input before the application uses the input?
Input handling
8. Which of the following is a feature of a fileless virus?
It is persistent
3. William downloaded some free software to help him with photo editing. A few days later, William noticed several personal photographs were modified and posted to various social media pages with obscene comments. He also noticed that there were videos of him that were morphed and circulated on adult websites. The videos were obviously taken using his webcam. What should William do to fix his problem and prevent it from happening again in the future?
Run an antimalware program and scan for all known RATs, then quarantine infected files. To prevent in the future he should only download from trusted websites.
2. A web application with an SQL server database is found to be compromised by an attacker. On examination, the email IDs of the database have been found modified. This was due to improper validation in the input fields exploited by the attacker. What is the probable attack in the above scenario?
SQL injection
5. Smitha, an employee working in the accounts department, reported to the information security officer that she could not access her computer. James, the security officer, noticed the following on Smitha's system: On booting the computer, the following message was flashing on the computer screen with the IRS logo: "This computer is locked by the Internal Revenue Service. It has come to our attention that you are transferring funds to other agencies using this computer without compliance with the local income tax laws. As per section 22 of the U.S. Income Tax Act, the transmission of funds without applicable taxes is prohibited. Your IP address is identified in this fraudulent transaction and is locked to prevent further unlawful activities. This offense attracts a penalty of $400.00 for the first offense. You are hereby given 16 hours to resolve this issue, failing which you shall be prosecuted to the full extent of the law. You may make a secure payment by clicking on the following link. If you face any issues, you may reach out to us at [email protected]." The message will not close, nor is there access to applications or files on the computer; however, James can open shared files and folders on Smitha's computer through the network. What is your inference about the problem faced by Smitha on her computer?
She has ransomware
6. Kate decides to download an extension to her favorite browser to quickly store links on her spreadsheet software. While downloading the software, she ignores the opt-out check box that allows the extension to download a search toolbar. What has occurred here?
She installed PUPs (potentially unwanted programs)
6. John is a project manager with an IT firm, and his current project of developing an ERP application is in the development stage. Currently, the application is not yet mature or stable enough to be placed in a test environment. Which of the following secure coding review techniques is applicable for his project?
Static code analysis
5. A machine where the operating system runs an application on top of an operating system is called _______.
Virtual machines
1. In an application development model, which of the following uses a sequential development process?
Waterfall development
8. What is the inbuild application available to prevent threat actors from modifying the registry in a Windows 10 operating system?
Win 10 tamper protection