Module 3 Quiz | ITE-249-02 Threats and Attacks on Endpoints

19. Which of the following is technology that imitates human abilities? a. AI b. RC c. ML d. XLS

a. AI

15. Which type of memory vulnerability attack manipulates the "return address" of the memory location of a software program? a. Buffer overflow attack b. Integer overflow attack c. Shim overflow attack d. Factor overflow attack

a. Buffer overflow attack

13. Which of the following attacks is based on the principle that when a user is currently authenticated on a website and then loads another webpage, the new page inherits the identity and privileges of the first website? a. CSRF b. SSFR c. DLLS d. DRCR

a. CSRF

14. Which of the following manipulates the trusting relationship between web servers? a. SSRF b. EXMAL c. SCSI d. CSRF

a. SSRF

4. Marius's team leader has just texted him that an employee, who violated company policy by bringing in a file on her USB flash drive, has just reported that her computer is suddenly locked up with cryptomalware. Why would Marius consider this a dangerous situation? a. It sets a precedent by encouraging other employees to violate company policy. b. Cryptomalware can encrypt all files on any network that is connected to the employee's computer. c. The organization may be forced to pay up to $500 for the ransom. d. The employee would have to wait at least an hour before her computer could be restored.

b. Cryptomalware can encrypt all files on any network that is connected to the employee's computer.

17. Which of the following attacks targets the external software component that is a repository of both code and data? a. Device driver manipulation attack b. Dynamic-link library (DLL) injection attack c. OS REG attack d. Application program interface (API) attack

b. Dynamic-link library (DLL) injection attack

7. Josh is researching the different types of attacks that can be generated through a botnet. Which of the following would NOT be something distributed by a botnet? a. Malware b. Spam c. LOLBins d. Ad fraud

c. LOLBins

18. What term refers to changing the design of existing code? a. Design driver manipulation b. Shimming c. Refactoring d. Library manipulation

c. Refactoring

16. What race condition can result in a NULL pointer/object dereference? a. Conflict race condition b. Thread race condition c. Time of check/time of use race condition d. Value-based race condition

c. Time of check/time of use race condition

6. Which of the following is known as a network virus? a. TAR b. Remote exploitation virus (REV) c. Worm d. C&C

c. Worm

10. What is the difference between a Trojan and a RAT? a. A Trojan can carry malware while a RAT cannot. b. There is no difference. c. A RAT can infect only a smartphone and not a computer. d. A RAT gives the attacker unauthorized remote access to the victim's computer.

d. A RAT gives the attacker unauthorized remote access to the victim's computer.

3. Gabriel's sister called him about a message that suddenly appeared on her screen that says her software license has expired and she must immediately pay $500 to have it renewed before control of the computer will be returned to her. What type of malware has infected her computer? a. Persistent lockware b. Cryptomalware c. Impede-ware d. Blocking ransomware

d. Blocking ransomware

2. Which of the following is NOT a characteristic of malware? a. Launch b. Imprison c. Deceive d. Diffusion

d. Diffusion

8. Which of the following is NOT a means by which a bot communicates with a C&C device? a. Signing in to a third-party website b. Signing in to a website the bot herder operates c. Command sent through Twitter posts d. Email

d. Email

20. Which statement regarding a keylogger is NOT true? a. Software keyloggers are generally easy to detect. b. Software keyloggers can be designed to send captured information automatically back to the attacker through the Internet. c. Keyloggers can be used to capture passwords, credit card numbers, or personal information. d. Hardware keyloggers are installed between the keyboard connector and computer keyboard USB port.

a. Software keyloggers are generally easy to detect.

1. What word is used today to refer to network-connected hardware devices? a. Host b. Endpoint c. Device d. Client

b. Endpoint

5. Which type of malware relies on LOLBins? a. File-based virus b. Fileless virus c. PUP d. Bot

b. Fileless virus

9. Randall's roommate is complaining to him about all of the software that came pre-installed on his new computer. He doesn't want the software because it slows down the computer. What type of software is this? a. Spyware b. PUP c. Keylogger d. Bot

b. PUP

11. Which of these would NOT be considered the result of a logic bomb? a. Erase the hard drives of all the servers 90 days after Alfredo's name is removed from the list of current employees. b. Send an email to Rowan's inbox each Monday morning with the agenda of that week's department meeting. c. Delete all human resource records regarding Augustine one month after he leaves the company. d. If the company's stock price drops below $50, then credit Oscar's retirement account with one additional year of retirement credit.

b. Send an email to Rowan's inbox each Monday morning with the agenda of that week's department meeting.

12. Which of the following attacks is based on a website accepting user input without sanitizing it? a. SQLS b. XSS c. SSXRS d. RSS

b. XSS