Security Plus Chapter 2 Quiz
Which type of attack uses more than one computer? a. virus d. DoS c. worm d. DDoS
D. DDoS
which of the following types of malware appears to the user as legitimate but actually enables unauthorized access to the user's computer a. Trojan b. Virus c. worm d. spam
a. Trojan
ou are the network administrator for a small organization without much in the way of security policies. While analyzing your servers' performance you find various chain messages have been received by the company. Which type of security control should you implement to fix the problem? a. anti-spam b. host-based firewalls c. anti-spyware d. antivirus
a. anti-spam
Which of the following is not an example of malicious software? a. browser b. viruses c. spyware d. rootkit
a. browser
Whitelisting, blacklisting, and closing open relays are all mitigation techniques addressing what kind of threat? a. spam b. viruses c. botnets d. spyware
a. spam
a user complains that they were browsing the Internet when the computer started erratically and crashed. You reboot the computer and notice that performance is very slow. In addition, after running a netstat command you notice literally hundreds of outbound connections to various websites, many of which are well-known sites. Which of the following has happened? a. the computer is now part of a botnet b. the computer is infected with a virus c. the computer is infected with spyware d. the computer is now infected with a rootkit
a. the computer is now part of a botnet
Which of the following types of scanners can locate a rootkit on a computer? a. barcode scanner b. malware scanner c. adware scanner d. image scanner
b. malware scanner
Which of the following is a common symptom of spyware a. applications freeze b. pop-up windows c. infected files d. computer shuts down
b. pop-up windows
Which of the following would be considered detrimental effects of a hoax virus a. users are at risk for identify theft b. users are tricked into changing the system configuration c. the email server capacity is consumed by message traffic d. technical support resources are consumed by increased user calls
b. users are tricked into changing the system configuration b. users are tricked into changing the system configuration
which of the following types of viruses hides its code to mask itself a. polymorphic virus b. stealth cirus c. armored virus d. worm
c. armored virus
what is a malicious attack that executes at the same time every week a. worm b. ransomware c. logic bomb d. virus
c. logic bomb
which of these is a true statement concerning active interception a. when a person looks through files b. when a person hardens an operating system c. when a computer is put between a sender and receiver d. when a person overhears a conversation
c. when a computer is put between a sender and receiver
which type of malware doe snot require a user to execut a program to distribute the software a. Trojan horse b. Virus c. worm d. Stealth
c. worm
Dan is a network administrator. One day he notices that his DHCP server is flooded with information. He analyzes it and finds that the information is coming from more than 50 computers on the network. Which of the following is the most likely reason? a. PHP script b. Virus c. worm d. Zombie
c. worm A worm is most likely the reason that the server is being bombarded with information by the clients; perhaps it is perpetuated by a botnet. Because worms self-replicate, the damage can quickly become critical.
Which of the following computer security threats can be updated automatically and remotely? a. virus b. malware c. zombie d. worm
c. zombie
One of your co-workers complains of very slow system performance and says that a lot of antivirus messages are being displayed. The user admits to recently installing pirated software and download and installing an illegal keygen to activate the software. What type of malware has infected the user's computer. a. worm b. logic bomb c. spyware d. Trojan
d. Trojan
a group of compromised computers that have software installed by a worm or Trojan is known as which of the following a. zombie b. rootkit c. birus d. botnet
d. botnet
How do most network-based viruses spread? a. USB flash drive b. instant message c. optical disc d. email
d. email
you have been given the task of scanning for viruses on a PC. What is the best of the following methods? a. boot into Windows normally b. command prompt only c. dual boot into Linux d. recovery environment
d. recovery environment You should use a recovery environment. Most often, this would be the one built into Windows. Many manufacturers suggest using this, and more specifically Safe Mode. However, it could also be a Linux rescue disc or flash drive. That's not a true dual-boot though. An actual dual-boot is when Windows and Linux are both installed to the hard drive. Command Prompt only is not enough, nor is it necessary for some virus scanning scenarios. Booting into Windows normally is tantamount to doing nothing. Remember to use a recovery environment when scanning for viruses.
Which of the following defines the difference between a Trojan horse and a worm? a. the two are the same b. worms are sent via email; Trojans are not c. Trojan horses are malicious attacks; worms are not d. worms self replicate but Trojan horses do not
d. worms self replicate but Trojan horses do not
One of your users was not being careful when browsing the Internet. The user was redirected to a warez site where a number of pop-ups appeared. After clicking one pop-up by accident, a drive-by download of unwanted software occurred. What does the download most likely contain? a. logic bomb b. backdoor c. Smurf d. DDoS e. Spyware
e. Spyware
you are the security administrator for your organization and have just completed a routine server audit. You did not notice any abnormal activity. However, another network security analyst finds connections to unauthorized ports from outside the organization's network. Using security tools, the analyst finds hidden processes that are running on the server. Which of the following has most likely been installed on the server? a, backdoor b. logic bomb c. ransomware d. spam e. rootkit
e. rootkit
