module 19: Methods of securing Information

Lakukan tugas rumah & ujian kamu dengan baik sekarang menggunakan Quizwiz!

Put the steps for how a virus infects a digital device in the correct order.

1. The virus arrives via email attachment, file download, or by visiting a website that has been infected. 2. An action such as running or opening a file activates the virus. 3. the infection spreads to other computers via infected email, files, or contact with infected web sites. 4. The payload or the component of a virus that executes the malicious activity hits the computer and other infected devices.

Which of the following statements about computer viruses are true?

A computer virus is software that infects computers and is created using computer code. Viruses can destroy programs or alter the operations of a computer or network.

A deliberate misuse of computers and networks via the Internet that uses malicious code to modify the normal operations of a computer or network is called __.

A cyberattack

Used by firewalls, routers, and computers that are part of a network and are connected to the Internet, Network ___ Translation provides a type of firewall protection by hiding internal IP addresses.

Access

You are speaking with a friend about how to protect yourself from phishing scams. Your friend (who works in cybersecurity) gives you some advice about what to do if you receive a phishing message. Which of the following statements would be considered good advice?

Banks and credit card companies will never ask you to provide personal information via email messages. If you receive a suspicious message, contact the institution that the message was allegedly sent from. Contact US-CERT.

According to Norton, which of the following steps should be taken to defend against rootkits?

Be aware of phishing emails Watch out for drive-by-downloads Don't ignore software updates

Match each statement to the correct term related to DoS attacks. Distributed Denial of Service (DDoS) Attack Bot Botnet

Bot = A hacker uses software to infect computers, including laptops, desktops, tablets, and Internet of Things (IoT) devices, turning each computer into a zombie Distributed Denial of Service (DDoS) Attack = When a hacker gains unauthorized access and control of a network of computers that are connected to the Internet. Botnet = A group of computers under the control of a hacker.

Rootkits are typically used to allow hackers to do which of the following?

Create a backdoor into a computer Remotely control the operations of a computer.

A DDoS attack is when computers that have been infected by a virus act as "zombies" and work together to send out illegitimate messages creating huge volumes of network traffic. The acronym DDoS stands for_______

Distributed Denial of Service = DDoS

An attack on a network that is designed to interrupt or stop network traffic by flooding it with too many requests is called a _____ attack

DoS, DOS, denial of service

Computer viruses are not frequently disguised as attachments of funny images, greeting cards, or audio and video files.

False

Before data security strategies are created, which questions must be answered?

Is this the highest priority security risk? What is the risk I am reducing? Am I reducing the risk in the most cost-effective way?

The technology that provides a type of firewall protection by hiding internal IP addresses is called _____.

NAT Network Address Translation (NAT) is used to protect data. It was developed by Cisco and is used by firewalls, routers, and computers that are part of a network and are connected to the Internet.

Select what's true about Trojan malware.

Often found attached to free downloads and apps Similar to viruses, but do not replicate themselves Often used to find passwords, destroy data, or to bypass firewalls

Activities where white-hat hackers are paid to hack into private networks and applications is referred to as __ testing.

Penetration

Which of the following statements correctly describes phishing?

Phishing is the illegitimate use of an email message that appears to be from an established organization such as a bank. Phishing scams use legitimate looking email messages to con a user into giving up private information.

Select the true statements about ransomware attacks.

Ransomware is malware that makes a computer's data inaccessible until a ransom is paid. Ransomware attacks invade computers via Trojan Horse viruses, worms, or by a user opening a legitimate looking email. One of the most popular methods used in ransomware attacks is through phishing.

Select the true statements about keystroke loggers.

Software based keystroke loggers are often a Trojan that is installed without the user's knowledge Can be hardware devices and software applications Keystroke loggers can record passwords and confidential information

The NIST states that cybersecurity risk assessments are essential for determining which data should be protected. NIST stands for National Institute of ___ and Technology.

Standards

There are multiple ways ransomware attacks can be launched. Which of the following are methods a ransomware attack can be launched?

Trojan Horse Phishing

Which of the following are considered cybercrimes?

Trojan horse viruses Computer hacking Digital identity theft

Select what's true about how a Trojan infects a computer system.

Trojans are commonly used by hackers to gain access to systems and devices. Trojans are designed using some sort of social engineering tactic. Hackers use Trojans to create a backdoor into a user's system which allows them to spy on the computer's activities.

Mohammed is experiencing issues with his work computer. He speaks to the IT department and they identify various symptoms of a computer virus. Symptoms of a computer virus include:

Unexpected error messages Critical files may be automatically deleted The operating system may not launch properly

Select the true statements about white hat hackers.

Use the same techniques and tools that are used by illegitimate hackers. Breach and attack simulation technologies are used to automate hacking and threat/infiltration analysis. The goal of white hat hackers is to find gaps in network security and to test security defenses.

According to the National Institute of Standards Technology (NIST), cybersecurity personnel can take steps to ensure data and systems are protected. The first thing an organization should conduct is a cybersecurity risk assessment. The cybersecurity risk assessment is concerned with answering which of the following questions?

What are our organization's most important information technology assets? What are the relevant threats and the threat sources to our organization? What are the internal and external vulnerabilities?

TechJury compiled a list of cybersecurity statistics that show the impact of different malware and network attacks. Match the correct percentage to the correct statement.

What percentage of cyberattacks are aimed at small business? = 43% What percentage of cyberattacks are launched with a phishing email? = 91% What percentage of daily email attachments are harmful for their intended recipient? = 85% What percentage of malicious attachments are masked as Microsoft Office files? = 38%

Malware is short for malicious software and is designed to steal information, destroy data, impact the operations of a computer or network, or frustrate the user. Common types of malware include:

Worms Viruses Trojans

Security risk can be calculated using the following calculation: Risk = Threat x Vulnerability x ___

asset

A deliberate misuse of computers and networks, _____ use malicious code to modify the normal operations of a computer or network.

cyberattacks

A crime in which a computer is the object of the crime or is used to commit a criminal offense is called _____.

cybercrime

A _____ denial-of-service (DDoS) attack takes place when a hacker gains unauthorized access and control of a network of computers that are connected to the Internet.

distributed

Hardware or software used to keep a computer secure from outside threats such as hackers and viruses by allowing or blocking Internet traffic is called a ____.

firewall

Personal software ____ are typically included with the operating system and can be configured based on user preference.

firewalls or firewall

Sharing infected files and opening an infected email attachment are ways that a computer ____ can infect a digital device.

virus


Set pelajaran terkait

3011PSY Lifespan Dev - Week 2 (Prenatal and Early Development)

View Set

Managerial Accounting Exam CH 5-8

View Set

Human Phys. Chapter 16 Study Questions

View Set

Hannah Chong Pui Ching Middle School 2020-21 F1 Term1 English Uniform Test

View Set

Chapter 11 Inquizitive: The South and Slavery

View Set

CompTIA Security+ 2.5 - Incident Response Procedures

View Set

Science Bowl Practice Questions - Math

View Set