Module 10 Quiz: Methods of Securing Information
Describe trojan malware. More than one answer may be correct.
1. It is often found attached to free downloads and apps. 2. It is often used to find passwords, destroy data, or to bypass firewalls. 3. It is like a virus but does not replicate itself.
Which of the following would be included in a risk assessment executive summary that was prepared to help executives make informed decisions about security? More than one answer may be correct.
1. If a cyberattack were able to breach our security, the medical information and social security numbers of all of patients would be available. 2. Because our organization has multiple government contracts, we need to worry about threats from other countries' governments who seek to gain sensitive information regarding the U.S. government. 3. All employees are required to go through biannual cybersecurity training. Additional training is required when new threats that could affect our organization become known.
Why might a government choose to get involved in state-sponsored cyberwarfare? More than one answer may be correct.
1. It is relatively inexpensive compared to traditional warfare. 2. It is often difficult to trace and identify. 3. It can cause widespread damage to IT infrastructure.
Malware that encrypts a computer's data, forcing the victim to purchase a decryption code, is called
1. ransomware 2. pay ware 3. software piracy 4. cryptoware
From the following list, select the techniques and tools that are used by both white-hat hackers and illegitimate hackers.
1. rootkits 2. social engineering 3. back door programs
Why do organizations need to determine their highest priority security risk? More than one answer may be correct.
1. An organization may not have the resources to protect all of its data. 2. The level of protection provided may be determined by the priority level.
According to Norton, which of the following steps should be taken to defend against rootkits? More than one answer may be correct.
1. Don't ignore software updates 2. Be aware of phishing emails 3. Watch out for drive-by downloads
How does conducting an inventory of where its critical data is stored most help a business to minimize the damage from natural disasters? More than one answer may be correct.
1. It helps to ensure geographic data redundancy. 2. It helps with retrieving data immediately after a disaster.
What questions are answered by the cybersecurity risk assessment recommended by the National Institute of Standards Technology (NIST)? More than one answer may be correct.
1. What data breach would have a major impact on our business? 2. What is the impact if our vulnerabilities are exploited?
How does ransomware invade digital devices? More than one answer may be correct.
1. in a Trojan horse 2. by email 3. with a worm
Which of the following are examples of spear phishing?
An email is sent to employees at a specific company, instructing them to click on a link. That link deploys malware to their device.
Alyssa says that no one would risk selling operable or effective malware programs, even on the Dark Web. Why is she wrong?
Criminal hackers do make money by selling actual malware.
A hacker launches an attack on a network that is designed to interrupt or stop network traffic by flooding it with too many requests. This would be considered a _________ attack.
DoS
How does a firewall work?
It determines what Internet traffic can leave or enter a network or computer.
What is a characteristic shared by all devices that can be infected by a computer virus?
They are connected to the Internet.
A ________ is committed when a computer is the object of the crime or a computer is used to commit a criminal offense.
cybercrime
Every time you view a webpage, your data is captured in small pieces called packets. How are data packets transmitted across the Internet?
through Transmission Control Protocol/Internet Protocol (TCP/IP)
What is the purpose of social engineering in conjunction with ransomware?
tricks victims into allowing access to data
Recently, TechJury compiled a list of cybersecurity statistics that show the impact of different malware and network attacks. What percentage of cyberattacks are aimed at small businesses?
43%
What is the difference between a DDoS attack and a DoS attack?
A DoS is carried out with one source device and a DDoS attack is carried out with many source devices.