Concepts Module 6: Security and Safety
Logic bombs
programs or code snippets that execute when a certain predefined event occurs.
Trojan Horses
programs that enter a system or network under the guise of another program.
The primary method of eliminating smurf attacks involves:
prohibiting ICMP traffic through a router. If the router blocks ICMP traffic, smurf attacks from an external attacker aren't possible.
There are various risks from attacks on Wi-Fi networks. These include all of the following EXCEPT _____.
reading wireless transmissions
The goals of email spoofing include luring the user into _______. Select all that apply.
ACD
Which of these is an ergonomic guideline to technology use? A. Proper physical alignment by using the right chair and aids. B. Sitting close to the screen so as to improve clarity. C. Facing the screen directly to allow maximum glare. D. Working on a laptop or desktop at a long stretch to ensure efficiency.
A
In Windows 10, clicking the Minimize button _____.
A. minimizes the window to the taskbar
Identifying Common Misconfigurations
All too often, problems are introduced when perfectly good applications and services are importantly configured.
The purpose of biometric input is to _____. A. obtain information from virtual assistants such as Cortana B. verify identification and authentication C. save time during repetitive data entry D. capture video for presentations and training
B
What would a password manager allow you to do?
Create and store multiple strong passwords.
In macOS, the Sleep setting is located on the _____.
Desktop
Which term refers to the science that specifies the design and arrangement of items you use so you interact with the items efficiently and safely?
Ergonomics
To prevent a laptop from being stolen, you can use a surge protector.
False
Your Facebook profile is private so there is no need to worry about your boss ever seeing your posts such as your Spring Break pictures.
False
How will you decide which browser security settings to allow and which ones to block?
I will need to review each browser security setting and use my best judgement.
Which of the following are signs of excessive Internet use? Select all that apply.
Irritability when offline Sleep deprivation
sabel received a message on her computer that appeared to be from the FBI. It informed her that her computer has been locked and she would need to pay a fee to retrieve her data. How would you describe what is happening?
It is most likely ransomware because it is telling her she has to verify payment information to unlock her computer.
A padlock icon in the address bar indicates the current website is unsafe.
No
Client-Side Attacks
One that targets vulnerabilities in client applications that interact with a malicious server. A user accesses the trusted site-whether web, FTP, or almost anything else -- and unwittingly downloads the rogue code.
Watering Hole Attack
The strategy the attacker takes is simply to identify a site that is visited by those they are targeting, poisoning that site, and then waiting for the results.
Passively testing security controls
The vulnerability scanner can test the security controls without doing any actual harm.
XMAS Attack
This is an advanced scan that tries to get around firewall detection and look for open ports.
Threat
What are the likely dangers associated with the risk? What are the means and source of the potential attack?
Risk
What is the actual danger under the consideration? This is the likelihood of an attack being successful.
You can change the default app that opens compatible file types
Yes
Phishing
a form of social engineering in which you ask someone for a piece of information that you are missing by making it look as if it is a legitimate request.
Replay Attacks
a kind of access or modification attack. In a distributed environment, logon and password information is sent between the client and the authentication system. The attacker can capture the information and replay it later.
Brute-Force Attack
an attempt to guess passwords until a successful guess occurs.
Stealth Virus
attempts to avoid detection by masking itself from applications. It may attach itself to the boot sector of the hard drive. Stealth viruses may also move themselves from fileA to fileB during a virus scan for the same reason.
Birthday Attack
built on a simple premise. If 25 people are in a room, there is some probability that two of those people will have the same birthday. The probability increases as additional people will enter the room.
After Penny broke up with her boyfriend, he texted some teammates from the track team about some private and intimate moments he and Penny had shared while they were dating. He even lied about their breakup, creating rumors about her behavior. Penny started getting inappropriate looks and advances from the team whenever she was at practice and felt completely humiliated. Penny is a victim of ________.
cyberbullying
Creating a(n) _____ means copying files from a computer's hard drive and storing them in a remote location.
data backup
design review assessment
examines the ports and protocols used, the rules, segmentation, and access control.
Malware _______ are delivery methods that take advantage of security flaws.
exploits
Macro Virus
exploits the enhancements made too many application programs that are used by programmers to expand the capability of applications such as Microsoft Word and Excel.
LDAP Injection
exploits weaknesses in LDAP implementations
Speech recognition refers to a computer's ability to record and edit human speech. True False
false
Full disclosure testing
find a weakness armed with information about the source code, the routing, and so on.
The best protection against cross-site scripting :
is to disable the running of scripts (and browser profiles)
Password Attacks
occur when an account is attacked repeatedly. This is accomplished by using applications known as password crackers, which send possible passwords to the account in a systematic manner.
Which of the following forms of identity theft involves posing as a legitimate researcher to ask for personal information?
pretexting
Botnets
software running on infected computers called zombies.
Stealth
these viruses attempt to avoid detection by masking themselves from applications.
Polymorphic
these viruses change form in order to avoid detection.
Companion
this type of virus attaches itself to legitimate programs and then creates a program with a different filename extension.
Phage
this type of virus is one that modifies and alters other programs and databases.
Some tracking devices include an alarm that sounds if the device moves out of range. Yes No
yes
For greater network security, leave encryption on your router turned off.
No
Buffer Overflow
Occurs when an application receives more data than it's programmed to accept
A hypervisor manages the creation and running of a virtual machine.
Yes
Two of the most common types of DoS attacks are the :
ping of death and the buffer overflow
Dictionary Attack
uses a dictionary of common words to attempt to find the user's password.
header manipulation attack
uses other methods (hijacking, cross-site forgery, and so forth) to change values in HTTP headers and falsify access.
One of the simplest ways to perform directory traversal :
using a command injection attack that carries out the action.
The purpose of biometric input is to _____.
verify identification
If just one point along a network path is unsecure, the data can be intercepted.
yes
InPrivate Filtering
you can configure the browser not to share information that can be captured and manipulated.
When purchasing a new electronic device, you should consider _____. Select all that apply.
Abd
To protect your information and help you to remember passwords, use your social media account login information to log into another site.
False
Directory traversal attack
If an attacker is able to gain access to restricted directories (such as the root directory) through HTTP
How does encryption work?
It scrambles data as it travels over the internet so hackers cannot access it
Identifying Vulnerability
Just knowing that the port is open means little unless you can associate it with the vulnerability tied to it.
A buffer stores input or output data in/on an area of the computer's ____.
Memory
Interpreting Results
Most of the vulnerability scanning programs, and the commercial ones in particular, interpret the results of their findings and deliver a report that can be shared with management.
Online fraud does not affect your credit score.
No
Zero-Day Exploits
When a hole is found in a web browser or other software and attackers begin exploiting it the very day it is discovered by the developer
Vulnerability
Where is the system weak? Identify the flaws, holes, areas of exposure, and perils.
Honeypot
a computer that has been designated as a target for computer attacks
The way to defend against a SQL Injection Attack or a SQL insertion attack
always to filter input.
To limit the potential damage from power spikes, use a(n) _______.
c. surge suppressor
Compressed files have the ____ file extension.
.zip
There are several types of password attacks:
1. Brute Force Attack 2. Dictionary Attack 3. Hybrid 4. Birthday Attack
An option button lets you select _______ in a group.
A
Emma downloaded a new game from an unfamiliar website. A few days later, Emma realized her system had been hacked and her credit card numbers were stolen. Without Emma knowing, what type of malware might she have downloaded to her computer?
A Trojan
How can an attacker execute malware through a script?
An attacker can impersonate a pop-up and when you click on it create a script to spread a Trojan.
_____ ensures that the person requesting access to a computer is not an imposter.
Authentication
Expanding a folder _____.
B
Biometric input devices include _____. Select all that apply.
BD
Siobhan has recently opened a Facebook account and as a new user, is posting frequently and accepting many friend requests. You see a post about an upcoming trip and notice that her profile is open to the public. What can you tell Siobhan to help her use social networking safely?
Be cautious about what information she posts.
The news reports a security breach of credit card information at a large department store that has recently laid off many employees. Why should the store investigate the possibility of the breach being from an insider?
Because insiders sometimes create threats after incidents at their places of employment
Why is it not safe to connect to public Wi-Fi networks?
Because these networks are rarely protected
ou can monitor and protect your financial data in all of the following ways EXCEPT _____.
Being cautious about what information you post on social networking sites.
Malware _______ are delivery methods that take advantage of security flaws. A. pranks B. stunts C. exploits D. insertions
C
Sideloading is the act of installing _______. A. Apple software on an iPhone or iPad B. additional memory on your device C. apps from somewhere other than your device's app store D. anti-theft devices on your device
C
To create a new folder, you should first _____.
C
Which of these is not a malware and not harmful to your computer? A. Trojan horse B. Worm C. Utility software D. Ransomware
C. Utility software
Full disk encryption protects _____.
C. a drive or device
Before donating a computer, you should _____. Select all that apply.
CB
By recycling electronics, you can help _____. Select all that apply.
CBD
Which OS is optimized for web apps?
Chrome OS
Technology can lead to all of the following behavioral risks EXCEPT _____.
higher satisfaction with life
Cookies that remain on your device indefinitely are called ______. A. resistant B. insistent C. constant D. persistent
D
To copy by dragging in Windows, hold the ____ key while you drag.
D. Ctrl
CRT monitors are considered dangerous due to the amount of _____ they contain. A. gold B. silicon C. iron D. lead
D. lead
Which task removes a folder and its contents completely?
Deleting
Social-networking sites have a history of providing tight security and giving users a clear understanding of how security features work.
False
Speech recognition refers to a computer's ability to record and edit human speech.
False
Which of the following is the strongest password?
H@veAGr3atDaY!
Marcus recently had his cell phone stolen. All of the following are security features that should help him locate his stolen phone EXCEPT which one?
His phone can generate an alarm even if it is on mute.
Privilege Escalation
Involves a user gaining more privileges than they should have.
Integer Overflow
Involves putting too much information into too small of a space. In this case, the space is that set aside of numbers.
In terms of privacy, which of the following is a best practice?
Keeping your Social Security number hidden in a locked box in your home
CRT monitors are considered dangerous due to the amount of _____ they contain.
Lead
How does discarding computers in a landfill affect the environment?
Lead and mercury in computer parts are seeping into the ground and water supply.
A padlock icon in the address bar indicates the current website is unsafe. Yes No
No
Which is a first step to deter thieves from accessing your financial information?
Review financial and billing statements each month carefully.
SPIM
Spam Over Instant Messaging
SPIT
Spam Over Internet Telephony
What is a digital certificate?
Technology used to verify a user's identity
A Trojan is a malicious program that uses a computer network to replicate.
True
There are fewer mobile operating systems than there are mobile phone brands and models.
True
Cross Site Scripting and Forgery
Using a client-side scripting language, it is possible for an attacker to trick a user who visits the site into having code execute locally. When this is done, it is known as cross site scripting (XSS).
Authenticode
a type of certificate technology that allows ActiveX components to be validated by a server.
Armored Virus
designed to make itself difficult to detect or analyze.
Adware
if the primary purpose of the malware application is to deliver ads, then it is classified as adware.
Phage Virus
modifies and alters other programs and databases. The virus infects all of these files. The only way to remove this virus is to reinstall the programs that are infected.
Encryption is an effective replacement for a firewall.
no
Encryption is an effective replacement for a firewall. Yes No
no
Online fraud does not affect your credit score. Yes No
no
Which of the following types of websites typically provides the least security?
social media sites
Backdoors
the term backdoor attack (known also as backdoor) can have two different meanings. The orginal term backdoor referred to troubleshooting and developer hooks into systems that often circumvented normal authentication.
Retroviruses
these viruses attack or bypass the antivirus software installed on a computer.
Multipartite
these viruses attack your system in multiple ways.
The best way to prevent LDAP injection attacks :
to filter the user input and to use a validation scheme to make certain that queries do not contain exploits.
The purpose of code review
to look at all custom written code for holes that may exist.
What type of security requires something you know and something you have that no one else has?
two factor authentication
Which of the following are signs of excessive Internet use? Select all that apply. A. irritability when offline B. sleep deprivation C. improved family relationships D. more active lifestyle
A;B
Features common to mobile apps include ____. Select all that apply.
ABCD
The Operating System provides utility software designed to perform specific tasks. What task(s) does it perform? Select all that apply.
ABCD
Zelda has been a victim of cybersecurity attacks twice, losing considerable sums of money each time. How can she ensure that she does not become a victim to it again? Select all that apply.
ABCD
In macOS and Windows, the Documents folder is a(n) _____.
C. location on the hard drive that may open by default
To use a security cable with a smartphone, you may need to add a(n) _______.
C. locking plate
Sandra has been getting multiple blank calls every day from an unknown caller. She has also been getting rude emails from email addresses she does not recognize, and intimidating messages on Facebook Messenger from a fake profile. What can you conclude about Sandra?
C. she is a victim of cyberbullying
How can you protect personal information gathered by legitimate organizations?
Create a separate email account for receiving information from websites.
A program window displays the program files on your computer.
No
How can you protect a computer from electrical spikes and surges?
Use a surge protector.
When the user enters values that query XML with values that take advantage of exploits, it is known as an ___________________ attack.
XML injection
XML is known as
XPath
Some web browsers do not support plug-ins.
Yes
Which of the following statements about browser security settings is false?
You must keep your accumulated web history as long as you use the browser.
Identifying Lack of Security Controls
You want to know not just what is weak, but also what is missing altogether.
Locally Shared Object
commonly known as a Flash Cookie and is nothing more than data stored on a user's computer by Adobe Flash.
Man-in-the-Middle Attacks
intercepts data and then sends the information to the server as if nothing is wrong.
Vulnerability scanning
involves looking for weaknesses in networks, computers, or even applications.
TCP/IP Hijacking
involves the attacker gaining access to a host in the network and logically disconnecting it from the network. The attacker then inserts another machine with the same IP address.
Spyware
it works often actively on behalf of a third party. Rather than self-replicating, like viruses and worms, spyware is spread to machines by users who inadvertently ask for it.
CRT monitors are considered dangerous due to the amount of _____ they contain.
lead
attack
occurs when an unauthorized individual or group of individuals attempts to access, modify, or damage your systems or environment.
Rootkits
software programs that have the ability to hide certain things from the operating system. With a rootkit, there may be a number of processes running on a system that do not show up in Task Manager or connections established or available that do not appear in a net stat display - the rootkit masks the presence of these items.
With more and more people using technology, what physical health diagnosis is on the rise?
technology addiction
The goal of attack surface reduction (ASR)
to minimize the possibility of exploitation by reducing the amount of code and limiting potential damage.
The best defense against a typo squatting
to register those domains around yours for which a user might intentionally type in a value when trying to locate you.
problems with transitive access were solved by creating :
transitive trust
Hybrid
typically uses a combination of dictionary entries and brute force.
If just one point along a network path is unsecure, the data can be intercepted. Yes No
yes
How is a worm different from a Trojan?
A worm spreads through a network, whereas a Trojan hides inside another program.
The ______ in flat panel fluorescent backlights is difficult to recycle.
A. mercury
Session Hijacking
Describes when the item used to validate a user's session, such as a cookie, is stolen and used by another to establish a session with a host that thinks it is still communicating with the first party.
As a best practice, always navigate to sensitive accounts through links in email messages you receive.
No
If your Bluetooth pointing device isn't working, a USB transmitter may be the problem.
No
An option button lets you select _______ in a group.
One of several options
Transitive Access
One party (A) trusts another party (B). If the second party (B) trusts another party (C), then a relationship may exist whereby the third party (C) is trusted by the first party (A).
Polymorphic Virus
Polymorphic Virus and Polymorphic malware of any type - though viruses are the only ones truly prevalent - change form in order to avoid detection.
Cassidy is a medical assistant in a hospital and has access to many medical files. When she brings patients to the examining room, she can be observed swiping a card, typing in a password, and staring into what appears to be a camera, all attached to the computer. After completing her check-in, Cassidy leaves the patient in the examining room waiting on the doctor. It is important that she logs out of the system so the patient does not have access to the information stored in the hospital's database. Based on Cassidy's actions what systems do you think the hospital has in place to protect the patient medical records?
Two factor authentication
A user account includes permissions that control which files and folders the user can access.
Yes
Disk defragmentation is generally not necessary in macOS.
Yes
If just one point along a network path is unsecure, the data can be intercepted.
Yes
Parallel processing divides one task among many processors so parts of the task are completed simultaneously.
Yes
Prolonged typing without sufficient breaks can cause nerve damage.
Yes
Using a lock screen limits unauthorized access to a device.
Yes
You can set notifications so that only alerts for selected apps appear.
Yes
In which of the following situations is a digital certificate useful?
You are signing a rental lease.
Pharming Attacks
a form of redirection in which traffic intended for one host is sent to another. This can be accomplished on a small scale by changing entries in the hosts file and on a large scale by changing entries in a DNS server.
Rogue code
allows the attacker to then install or execute programs on the affected machine remotely. What is relevant to the discussion on access is that the newly installed programs run with the privilege level of the individual who accessed the server. If that user had elevated privileges - a junior administrator, for example - then the malware runs at that level.
Antivirus software
an application that is installed on a system to protect it and to scan for viruses as well as worms and Trojan horses.
SQL Injection Attack
an attacker manipulates the database code to take advantage of a weakness in it.
Spoofing Attacks
an attempt by someone or something to masquerade as someone else. This type of attack is usually considered an access attack.
Sideloading is the act of installing _______.
apps from somewhere other than your device's app store
Cookies
are text files that a browser maintains on the user's hard disk in order to provide a persistent, customized web experience for each visit.
Spam
as any unwanted, unsolicited email, and not only can the sheer volume of it be irritating, but it can also often open the door to larger problems.
Companion Virus
attaches itself to legitimate programs and then creates a program with a different filename extension. This file may reside in your system's temporary directory. When a user types the name of the legitimate program, the companion virus executes instead of the real program.
Retrovirus
attacks or bypasses the antivirus software installed on a computer. You can consider a retrovirus to be an anti-virus. Retroviruses can directly attack your antivirus software and potentially destroy your virus definition database file.
Multipartite Virus
attacks your system in multiple ways. It may attempt to infect your boot sector, infect all of the executable files, and destroy your application files.
Smurf Attacks
can create havoc in a network. This attack consists of spoofing the target machine's IP address and broadcasting to that machine's routers so that the routers think the target is sending out the broadcast. This causes every machine on the network to respond to the attack. The result is an overload of the target system.
Baseline Reporting
checks to make sure that things are operating status quo, and change detection is used to alert administrators when modifications are made. A changes-from-baseline report can be run to pinpoint security rule breaches quickly.
Rainbow Table Attack
focuses on identifying a stored value. By using values in an existing table of hashed phrases or words and comparing them to values found, a rainbow table attack can reduce the amount of time needed to crack a password significantly. Salt can greatly reduce the ease by which rainbow tables can be used.
Which of the following is a characteristic of a strong password?
letters, numbers, and symbols
Banner grabbing
looks at the banner, or header information messages sent with data to find out about the systems
Numerous types of attacks use session hijacking, including:
man—in the-middle and side-jacking.
Ransomware
often delivered through a Trojan, takes control of a system and demands that a third party be paid. The "control" can be accomplished by encrypting the hard drive, by changing user password information, or via any of a number of other creative ways.
Cookies that remain on your device indefinitely are called ______.
persistent
What is it called when an attacker convinces you to enter personal information at an imposter website after receiving an email from a person masquerading as an employee from your bank?
phishing
attack surface of an application
the area of that application that is available to users - those who authenticated and, more importantly, those who are not.
Macro
this type of virus exploits the enhancements made to many application programs, which are used by programmers to expand the capability of applications.
Armored
this type of virus is one that is designed to make itself difficult to detect or analyze.
The best way to prevent XML injection attacks is
to filter the user's input and sanitize it to make certain that it does not cause XPath to return more data than it should.
The best defense against a watering hole attack
to make certain that all your partners are safe.
transitive trust
which are a type of relationship that can exist between domains
Some tracking devices include an alarm that sounds if the device moves out of range.
yes
