Network Defense Chapter 3

Spyware

If an attacker wishes to collect confidential financial data, passwords, PINs and any personal data stored on your computer which of the following programs would they choose to use? Spybot Adware Malware Spyware

backdoor

Trojan Programs can install a specific type of program to allow an attacker access to the attacked computer later. What means of access is the attacker utilizing? shell backdoor worm macro virus

buffer overflow

When a programmer exploits written code that doesn't check for a defined amount of memory space they are executing which of the following attacks? buffer overflow session hijacking DDoS DoS

rootkit

Which of the following is created after an attack and usually hides within the OS tools, so it is almost impossible to detect? toolbox rootkit macro virus shell

antivirus

Which type of program can mitigate some risks associated with malware? antivirus shells bots rootkits

Network security

Which type of security is specifically concerned with computers or devices that are part of a network infrastructure? Host security Network security Server security Computer security

macro

Which type of virus is written as a list of commands that can be set automatically to run as soon as a computer user opens the file? keylogger adware rootkit macro

True

Whitelisting allows only approved programs to run on a computer. True False

Intrusion Detection System

The acronym IDS stands for which of the following? Information Destruction System Intrusion Detection System Intruder Dispersal System Information Dissemination System

Adware

Which of the following sometimes displays a banner that notifies the user of its presence? Webware Adware Spyware Malware

Session hijacking

Which type of attack is being carried out when an attacker joins a TCP session and makes both parties think he or she is the other party? A buffer overflow attack Session hijacking A DoS attack Ping of Death

virus

What type of malicious program cannot stand on its own and can replicate itself through an executable program attached to an e-mail? rootkit shell keylogger virus

True

Malware is malicious software, such as a virus, worm, or Trojan program, introduced into a network. True False

Ping of Death

What type of attack causes the victim's computer to crash or freeze when the attacker delivers an ICMP packet that is larger than the maximum allowed 65,535 bytes? session hijacking MTU ping buffer overflow Ping of Death

Man-in-the-Middle

What type of attack is occurring when an attacker places themselves between two parties and manipulates messages being passed back and forth? Man-in-the-Middle Ping of Death DDOS Middle-Capture

Keyloggers

What type of hardware devices and computer programs can be used to obtain passwords by capturing key strokes on a targeted computer system? Keyloggers Shells Macro viruses Viruses

Trojan programs

What type of malicious computer programs present themselves as useful computer programs or applications? macro viruses Spyware programs Trojan programs worms

eavesdropping

What type of malicious procedure involves using sniffing tools to capture network communications to intercept confidential information or gather credentials that can be used to extend the attack? capturing overflowing eavesdropping injecting

ransomware

What type of virus is used to lock a user's system, or cloud accounts until the system's owner complies by paying the attacker a monetary fee? macro ransomware keylogger rootkit

zombies

When a computer hacker uses multiple compromised computers to carry out a DDOS attack, the compromised computers are usually referred to as which of the following? viruses macros zombies cyborgs

card access

Which of the following physical security methods provides the ability to secure a company's assets and document any individuals physical time of entry? rotary locks card access combination locks deadbolt locks

signatures

Which term best describes a hash or code pattern that antivirus software companies use to compare known viruses to every file on a computer? signatures heuristics macros bots

heuristics

Which term best describes malicious programmatic behaviors that antivirus software companies use to compare known viruses to every file on a computer? macros signatures heuristics bots

denial-of-service

Which type of attack cripples the network and prevents legitimate users from accessing network resources? denial-of-service buffer overflow social engineering session hijacking

False

Malware programs cannot be detected by antivirus programs. True False

False

A DDoS attack is launched against a host from a single server or workstation. True False

antivirus

The virus signature file is maintained by what type of software? antivirus keylogger remote control firewall

True

In a buffer overflow attack, an attacker finds a vulnerability in poorly written code that doesn't check for a defined amount of memory space use. True False

social engineering

A computer hacker may use a phishing e-mail to lure a user into following a malicious link. What type of technique is being used by the computer hacker? mail fraud social engineering heuristics ransoming

worm

A malicious computer program that replicates and propagates itself without having to attach to a host is called which of the following? shell worm Trojan virus