Chapter 11 study notes
According to the National Institute of Standards Technology (NIST), cybersecurity personnel can take steps to ensure data and systems are protected. The first thing an organization should conduct is a cybersecurity risk assessment. The cybersecurity risk assessment is concerned with answering which of the following questions?
What are the relevant threats and the threat sources to our organization? What are our organization's most important information technology assets? What are the internal and external vulnerabilities?
Security risk can be calculated using the following calculation: Risk = Threat x Vulnerability x __________.
asset
A group of computers under the control of a hacker is referred to as a __________.
botnet, botnets, or bot net
A deliberate misuse of computers and networks via the Internet that uses malicious code to modify the normal operations of a computer or network is called a __________.
cyberattack, cyber attack, or cybercrime
A crime in which a computer is the object of the crime or is used to commit a criminal offense is called _____.
cybercrime
A __________ denial-of-service (DDoS) attack takes place when a hacker gains unauthorized access and control of a network of computers that are connected to the Internet.
distributed
Hardware or software used to keep a computer secure from outside threats such as hackers and viruses by allowing or blocking Internet traffic is called a ____.
firewall
Personal software __________ are typically included with the operating system and can be configured based on user preference.
firewalls or firewall
In cybersecurity, the probable maximum loss (PML) is used to______.
help determine spending needed to adequately secure an organization's IT infrastructure
The goal of the NIST Cybersecurity Framework Protect (PR) function is to ______.
help protect an organization's IT infrastructure from security breaches by offering guidelines on IT infrastructure protection
A form of spyware that records all actions typed on a keyboard is called a ___________ logger.
keystroke or key
Malware is short for __________ software.
malicious or malicious software
The illegitimate use of an email message that appears to be from an established organization such as a bank, financial institution, or insurance company is referred to as __________. In order to appear legitimate, the message often contains the company's logo and identifying information.
phishing
As reported by Andrei Ene, Tiny Banker __________ (TBT) is one of the worst malware attacks in the last 10 years.
trojan or Trojan
The Identify (ID) function of the NIST Cybersecurity Framework focuses on organizational______.
understanding of how to manage cybersecurity risks
Put the steps for how a virus infects a digital device in the correct order.
1. The virus arrives via email attachment, file download, or by visiting a website that has been infected. 2. An action such as running or opening a file activates the virus. 3. The infection spreads to other computers via infected email, files, or contact with infected web sites. 4. The payload or the component of a virus that executes the malicious activity hits the computer and other infected devices.
What percentage of malicious attachments are masked as Microsoft Office files?
38%
Recently, TechJury compiled a list of cybersecurity statistics that show the impact of different malware and network attacks. What percentage of cyberattacks are aimed at small businesses?
43%
What percentage of cyberattacks are aimed at small business?
43%
What percentage of daily email attachments are harmful for their intended recipient?
85%
What percentage of cyberattacks are launched with a phishing email?
91%
Who performs probable maximum loss calculations?
A company's cybersecurity analysts
Which of the following is an example of data in transit? More than one answer may be correct.
A person uses an app on their smartphone to check their bank balance. At home, a person sends a photo taken on their smartphone to display on their smart TV.
Developed by Cisco and used by firewalls, routers, and computers that are part of a network and are connected to the Internet, Network ___________ Translation provides a type of firewall protection by hiding internal IP addresses.
Access
Before data security strategies are created, which questions must be answered?
Am I reducing the risk in the most cost-effective way? Is this the highest priority security risk? What is the risk I am reducing?
What do the three categories of the Detect (DE) function of the NIST Cybersecurity Framework include?
Analysis, observation, detection
White hat hackers use the same techniques and tools that are used by illegitimate hackers. These tools include which of the following?
Back door programs Rootkits Social engineering
Which of the following are considered cybercrimes?
Computer hacking Trojan horse viruses Digital identity theft
Which of the following are examples of cyberattacks?
DDoS attacks Information theft DoS attacks
Which of the following are reasons why states are making cybersecurity measures a high priority? More than one answer may be correct.
Data and technology continue to be at risk from cyber threats. New technologies continue to advance at a rapid rate.
Malware is designed to do which of the following?
Destroy data Incapacitate networks and computers Steal information
What is the "DE" function in the National Institute of Standards Technology (NIST) Cybersecurity Framework?
Detect function
A DDoS attack is when computers that have been infected by a virus act as "zombies" and work together to send out illegitimate messages creating huge volumes of network traffic. The acronym DDoS stands for ___ .
Distributed Denial of Service
An attack on a network that is designed to interrupt or stop network traffic by flooding it with too many requests is called a ___________ attack.
DoS, DOS, dos, or denial of service
Computer viruses are not frequently disguised as attachments of funny images, greeting cards, or audio and video files.
False
Select all options that describe the goals of the National Institute of Standards Technology (NIST) Cybersecurity Framework.
Give guidance to organizations who wish to understand potential security breaches Help organizations develop appropriate policies and procedures to mitigate data breaches Create an atmosphere where organizations can effectively discuss cybersecurity risks internally and with those outside of the organization
Select what's true about how a Trojan infects a computer system.
Hackers use Trojans to create a backdoor into a user's system which allows them to spy on the computer's activities. Trojans are designed using some sort of social engineering tactic. Trojans are commonly used by hackers to gain access to systems and devices.
Which of the following is an example of a task that might be completed during the planning stage of the plan-protect-respond cycle? More than one answer may be correct.
Having an authorized user attempt to hack into the system to determine vulnerabilities. Determine the degree of vulnerability that exists. Determine what security flaws exist.
Which function of the NIST Cybersecurity Framework involves an organization gaining deeper understanding of cybersecurity management in the context of their business needs and resources?
Identify (ID) function
Which of the following is prohibited by the Computer Fraud and Abuse Act? More than one answer may be correct
Intentionally destroying a computer Cyber blackmail
The technology that provides a type of firewall protection by hiding internal IP addresses is called _____.
NAT
Select what's true about Trojan malware.
Often found attached to free downloads and apps Often used to find passwords, destroy data, or to bypass firewalls Similar to viruses, but do not replicate themselves
Where are data in transit found?
On a cellular network
There are multiple ways ransomware attacks can be launched. Which of the following are methods a ransomware attack can be launched?
Phishing Trojan Horse
Which of the following statements correctly describes phishing?
Phishing scams use legitimate looking email messages to con a user into giving up private information. Phishing is the illegitimate use of an email message that appears to be from an established organization such as a bank.
Which function of the National Institute of Standards Technology (NIST) Cybersecurity Framework involves an organization analyzing cybersecurity risk and reducing potential damage to IT infrastructures?
Protect (PR) function
Which of the following are areas covered by state-specific cybersecurity laws? More than one answer may be correct
Protecting elections from cyber threats. Ensuring state and local governments are protected from cybersecurity threats. Addressing security needs of smart devices.
Malware that encrypts a computer's data, forcing the victim to purchase a decryption code, is called ___ .
Ransomware
One version of this type of malware encrypts a victims data until a payment is made. Another version threatens to make public a victim's personal data unless a payment is made. This type of malware is called ___>
Ransomware
Select the true statements about ransomware attacks.
Ransomware attacks invade computers via Trojan Horse viruses, worms, or by a user opening a legitimate looking email. Ransomware is malware that makes a computer's data inaccessible until a ransom is paid. One of the most popular methods used in ransomware attacks is through phishing.
Rootkits are typically used to allow hackers to do which of the following?
Remotely control the operations of a computer. Create a backdoor into a computer
Select the true statements about keystroke loggers.
Software based keystroke loggers are often a Trojan that is installed without the user's knowledge Can be hardware devices and software applications Keystroke loggers can record passwords and confidential information
According to National Institute for Standards __________, once a cybersecurity risk assessment has been conducted and the various questions in the risk assessment have been answered, an organization will be able to decide what to protect.
Technology or technology
What is the National Institute of Standards Technology (NIST) Cybersecurity Framework?
The NIST Cybersecurity Framework is a voluntary guide that helps organizations understand and protect themselves against cybersecurity risks.
Accessing the communications of an organization without authorization was made a criminal violation by which federal cybersecurity law?
The Stored Communications Act
Select the true statements about white hat hackers.
The goal of white hat hackers is to find gaps in network security and to test security defenses. Use the same techniques and tools that are used by illegitimate hackers.
Often accompanying downloaded music or apps, programs that appear to be legitimate, but executes an unwanted activity when activated is called a _____.
Trojan
A program that appears legitimate, but executes an unwanted activity when activated is called a __________ horse virus.
Trojan, trojan, or trojans
What is the goal of the planning phase of the plan-protect-respond cycle?
Understand the steps needed to design effective information security architecture.
Mohammed is experiencing issues with his work computer. He speaks to the IT department and they identify various symptoms of a computer virus. Symptoms of a computer virus include:
Unexpected error messages Critical files may be automatically deleted The operating system may not launch properly
Which of the following statements about computer viruses are true?
Viruses can destroy programs or alter the operations of a computer or network. A computer virus is software that infects computers and is created using computer code.
According to Norton, which of the following steps should be taken to defend against rootkits?
Watch out for drive-by-downloads Don't ignore software updates Be aware of phishing emails