Info and Network Security Chapter 5
What was the name of the very first virus ever detected? Mimail Creeper Wabbit Unnamed
Creeper
The Sasser virus/buffer overflow attack spreads by copying itself to shared drives and emailing itself out to everyone in your address book. True False
False
The most common method to deliver spyware to a target system is by using a Trojan horse. True False
True
John is a network security administrator for a mid-sized college. He is trying to explain to a new hire what a virus is. Which of the following is the best definition of virus? A program that self-replicates A program used in a DoS attack A program that causes harm on your computer A program that slows down networks
A program that self-replicates
The virus/worm that combined email attachments along with a fake virus warning was the __________ virus. SQL Slammer Mimail Nonvirus Bagle
Bagle
If a program writes more information into the computer's memory thanthe memory was designed to hold, it is a(n) ___________ attack. RAM Adware Spyware Buffer-overflow
Buffer-overflow
What is the primary way a virus scanner works? By comparing files against a list of known virus profiles. By looking at files for virus-like behaviors. By blocking all unknown files. By blocking files that copy themselves.
By comparing files against a list of known virus profiles.
You are trying to form policies for your organization that will mitigate the threat of viruses. You want to ensure that you address the most common way for a virus to spread. What is the most common way for a virus to spread? By FTP By copying to shared folders By download from a website By email attachment
By email attachment
What other way can a virus scanner work? By skipping files against a list of known virus signatures. By looking at files for virus-like behavior. By blocking files that copy themselves. By blocking all unknown files.
By looking at files for virus-like behavior.
In a virus attack, the victim machine is the source. True False
False
Which of the following is a step that all computer users should take to protect against virus attacks? Use nonstandard email clients. Shut down all incoming ports. Purchase and configure a firewall. Install and use antivirus software.
Install and use antivirus software.
What factor about the WannaCry virus is especially interesting to security practitioners? It deleted critical system files. It was difficult to protect against. It could have been prevented with good patch management. It was very sophisticated and likely an example of nation-state weaponized malware.
It could have been prevented with good patch management.
What made the Bagle virus so dangerous? It corrupted the operating system. It disabled antivirus software. It deleted key system files. It changed Windows Registry settings.
It disabled antivirus software.
Which of the following describes the Bagle virus? It deleted key system files. It disabled antivirus software. It enabled virus scanners. It makes computer can't copy files to shared folders.
It disabled antivirus software.
The I Love You virus caused harm because ________. It erased data on computers. It had a negative payload. It generated large numbers of emails that bogged down many networks. It attack banks.
It generated large numbers of emails that bogged down many networks.
The Microsoft Office suite is a tempting target for viruses because___________. It contains virus programming tools. It is free. It is so ubiquitous. It is designed so that legitimate programmers can access its internal objects.
It is designed so that legitimate programmers can access its internal objects.
Which of the following is the primary reason that Microsoft Outlook is so often a target for virus attacks? It is easy to write programs that access Outlook's inner mechanisms Outlook is more commonly used than other email systems Outlook copies virus files faster Many hackers dislike Microsoft
It is easy to write programs that access Outlook's inner mechanisms
Jared is explaining various attacks to students in an introduction to cybersecurity class. He wants to make certain they fully understand the different attacks. What does a buffer-overflow attack do? It puts more data in a buffer than it can hold. It puts more email in an email system than it can hold. It overflows a port with too many packets. It overflows the system.
It puts more data in a buffer than it can hold.
The virus/worm that specifically targets Macintosh computers is________. Troj/Invo-Zip Win32/Netsky-P SQL Slammer MacDefender
MacDefender
The virus/worm that collected email addresses from your address book and from other documents on your machine was the ________virus. Nonvirus SQL Slammer Mimail Bagle
Mimail
The virus/worm that collected email addresses from your address book and from other documents on your machine was the ________virus. SQL Slammer Nonvirus Bagle Mimail
Mimail
Shelly is trying to teach new employees how to handle emailed security alerts. Which of the following is true regarding emailed security alerts? Most companies send alerts via email. You must follow them. Most companies do not send alerts via email. You can always trust attachments on security alerts.
Most companies do not send alerts via email.
Which of the following is a way that any person can use to protect against virus attacks? Set up a firewall Never open unknown email attachments. Use encrypted transmissions Use secure email software
Never open unknown email attachments.
The virus/worm that specifically targets Linux computers is ________. MacDefender W32/Netsky-P None of the above. Troj/Inve-Zip
None of the above.
The virus/worm that sends emails to victims telling them to delete a needed system file is the __________ virus Mimail Bagle Nonvirus Matrix.exe
Nonvirus
Which of the following is something a Trojan horse might do? Alter your IP address. Change your memory configuration. Change ports on your computer. Open a backdoor for malicious software.
Open a backdoor for malicious software.
hat virus exploited buffer overflows? Mimail virus Bagle virus Sobig virus Sasser virus
Sasser virus
What can you do with a firewall to help protect against virus attacks? Close all incoming ports. Shut down all Internet protocols. There is nothing you can do on a firewall to stop virus attacks. Shut down all unneeded ports.
Shut down all unneeded ports.
Isabelle is responsible for cybersecurity at her company. She is concerned that a virus would cause damage to the IT systems. What is the most common damage caused by virus attacks? Deleting files Corrupting the operating system Slowing down networks by the virus traffic Changing the Windows Registry
Slowing down networks by the virus traffic
Which of the following virus attacks used a multimodal approach? Sobig virus Mimail virus Bagle virus Slammer virus
Sobig virus
Malek is explaining various malware types to new technical support personnel. He is explaining to them the various types of malware so that they can recognized them. What type of malware is a key logger? Buffer overflow Spyware Virus Trojan horse
Spyware
Which of the following reasons most likely made the Bagle virus spread so rapidly? It copied itself across the network. It was a sophisticated virus. The email containing it claimed to be from the system administrator. It was particularly virulent.
The email containing it claimed to be from the system administrator.
The virus/worm transmitted in a zip file attached to an email with an enticing message is __________. Troj/Invo-Zip MacDefender Matrix Reloaded Win32/Netsky-P
Troj/Invo-Zip
A program that looks benign but actually has a malicious purpose is a_______. Cookie Worm Trojan horse Virus
Trojan horse
A rootkit provides the hacker root or privileged access. True False
True
A virus is any file that can self-replicate. True False
True
After a virus is on your system, it can do anything a legitimate program can do. True False
True
Malware that executes when a specific criteria is met is a logic bomb. True False
True
Malware that is portable to all operating systems or platforms is considered web-based code. True False
True
The Bagle virus contained email attachments and a fake virus warning. True False
True
The most common way for a virus to spread is by reading your email address book and emailing itself to your contacts. True False
True
The most common way for a virus to spread is by __________. Use of your email contacts Scanning your computer for network connections and copying itself to other machines on the network Locating Linux machines None of the above
Use of your email contacts
You are trying to develop methods to mitigate the threat of viruses in your company. Which of the following is a safe way to send and receive attachments? Do not use a code word indicatig that an attachment is legitimate. Use virus scanners before opening attachments. Send only spreadsheet attachments. Use encryption.
Use virus scanners before opening attachments.
Any file that can self-replicate is a ________. Virus Trojan horse Worm Virus scanner
Virus
McAfee and Norton are examples of ________. Virus scanners Viruses Trojan horses Worms
Virus scanners
The virus/worm that attempts to copy itself toC:\WINDOWS\FVProtect.exe is _______. MacDefender Troj/Invo-Zip Sobig Win32/Netsky-P
Win32/Netsky-P
A program that can propagate without human interference is a_______. Worm Virus scanner Virus Trojan horse
Worm
