Quiz: Module 03 Threats and Attacks on Endpoints
Which of the following is NOT a means by which a bot communicates with a C&C device?
b. Email
Which of the following is NOT a characteristic of malware?
a. Diffusion
What word is used today to refer to network-connected hardware devices?
a. Endpoint
Josh is researching the different types of attacks that can be generated through a botnet. Which of the following would NOT be something distributed by a botnet?
a. LOLBins
Randall's roommate is complaining to him about all of the software that came pre-installed on his new computer. He doesn't want the software because it slows down the computer. What type of software is this?
a. PUP
Which of the following is known as a network virus?
a. Worm
What is the difference between a Trojan and a RAT?
b. A RAT gives the attacker unauthorized remote access to the victim's computer.
Which of the following attacks is based on the principle that when a user is currently authenticated on a website and then loads another webpage, the new page inherits the identity and privileges of the first website?
b. CSRF
Marius's team leader has just texted him that an employee, who violated company policy by bringing in a file on her USB flash drive, has just reported that her computer is suddenly locked up with cryptomalware. Why would Marius consider this a dangerous situation?
b. Cryptomalware can encrypt all files on any network that is connected to the employee's computer.
Which type of malware relies on LOLBins?
b. Fileless virus
What term refers to changing the design of existing code?
b. Refactoring
Gabriel's sister called him about a message that suddenly appeared on her screen that says her software license has expired and she must immediately pay $500 to have it renewed before control of the computer will be returned to her. What type of malware has infected her computer?
c. Blocking ransomware
Which of the following attacks targets the external software component that is a repository of both code and data?
c. Dynamic-link library (DLL) injection attack
Which of the following manipulates the trusting relationship between web servers?
c. SSRF
Which of these would NOT be considered the result of a logic bomb?
c. Send an email to Rowan's inbox each Monday morning with the agenda of that week's department meeting.
Which statement regarding a keylogger is NOT true?
c. Software keyloggers are generally easy to detect.
Which of the following attacks is based on a website accepting user input without sanitizing it?
c. XSS
Which of the following is technology that imitates human abilities?
d. AI
Which type of memory vulnerability attack manipulates the "return address" of the memory location of a software program?
d. Buffer overflow attack
What race condition can result in a NULL pointer/object dereference?
d. Time of check/time of use race condition
