CIS 110
What are the three types of malware that have the primary traits of circulation and/or infection?
1. Viruses 2. Trojans 3. Worms
Using which social engineering principle might an attacker impersonate a CEO of a company?
Authority
Which of the following ensures that data is accessible when needed to authorized users?
Availability
What type of backup is performed continually without any intervention by the user?
Continuous backup
Which of the following is NOT a factor that contributes to difficulties faced in defending against attacks?
Enhanced encryption algorithms
Which law requires banks and financial institutions to alert customers of their policies and practices in disclosing customer information?
GLBA
Under which law must healthcare enterprises guard protected health information and implement policies and procedures to safeguard it, whether it be in paper or electronic format?
HIPAA
Which of the following ensures that information is correct and no unauthorized person or malicious software has altered it?
Integrity
Which term is best described as individuals who want to attack computers yet who lack the knowledge of computers and networks needed to do so?
Script Kiddies
Which of the following is a program advertised as performing one activity but actually does something else?
Trojan
What is the best approach to establishing strong security with passwords?
Use technology for managing passwords
Which Windows feature provides information to users and obtains their approval before a program can make a change to the computer's settings?
User Account Control
How do attackers today make it difficult to distinguish an attack from legitimate traffic?
by using common internet protocols
What can an attacker use to divert all mail to their post office box so that the victim is never aware that personal information has been stolen?
change-of-address form
Botnets can flood a Web server with thousands of requests and overwhelm it to the point that it cannot respond to legitimate requests. This is known as ____.
denying services
In the past, which term was commonly used to refer to a person who uses advanced computer skills to attack computers?
hacker
What type of attack is a false warning, often contained in an email message claiming to come from the information technology (IT) department?
hoaxes
Which of the following involves stealing another person's personal information, such as a Social Security number, and then using the information to impersonate the victim, generally for financial gain?
identity theft
What type of attacker is most likely to use information you have posted about yourself on a social networking site?
identity thief
What term is frequently used to describe the tasks of securing information that is in a digital format?
information security
What type of device is inserted between the computer keyboard connection and USB port for the purpose of stealing information?
keylogger
What type of spyware silently captures and stores each keystroke that a user types on the computer keyboard?
keylogger
What type of malware is typically added to a legitimate program but lies dormant until it is triggered by a specific event?
logic bomb
With which type of social engineering attack are users asked to respond to an email or are directed to a website where they are requested to update personal information, such as passwords or credit card numbers?
phishing
What type of malware can, for example, lock up a user's computer and then display a message that purports to come from a law enforcement agency and states that the user must pay a fine for illegal activity?
ransomware
Which type of malware is a set of software tools used by an attacker to hide the actions or presence of other types of malicious software, such as Trojans, viruses, or worms?
rootkit
AV software on a computer must have its ____ files regularly updated by downloads from the Internet.
signature
What popular online activity involves grouping individuals and organizations into clusters or groups based on their likes and interests?
social networking
Whereas phishing involves sending millions of generic e-mail messages to users, ____ targets only specific users.
spear phishing
Which phrase best describes security?
the goal to be free from danger as well as the process that achieves that freedom
Which term is best described as a person or element that has the power to carry out a threat?
threat agent
Which type of social engineering attack depends on the user incorrectly entering a URL?
typo squatting
Which of the following is a characteristic of a weak password?
used on multiple accounts
What is a flaw or weakness that allows a threat agent to bypass security?
vulnerability
Which type of malware exploits a vulnerability on one system and then immediately searches for another computer on the network that has the same vulnerability?
worm
Which type of malware self-replicates between computers (from one computer to another)?
worm
An infected robot computer is known as a ______.
zombie
Security is ______ convenience.
inversely proportional to