Network Defense Chapter 3
Spyware
If an attacker wishes to collect confidential financial data, passwords, PINs and any personal data stored on your computer which of the following programs would they choose to use? Spybot Adware Malware Spyware
backdoor
Trojan Programs can install a specific type of program to allow an attacker access to the attacked computer later. What means of access is the attacker utilizing? shell backdoor worm macro virus
buffer overflow
When a programmer exploits written code that doesn't check for a defined amount of memory space they are executing which of the following attacks? buffer overflow session hijacking DDoS DoS
rootkit
Which of the following is created after an attack and usually hides within the OS tools, so it is almost impossible to detect? toolbox rootkit macro virus shell
antivirus
Which type of program can mitigate some risks associated with malware? antivirus shells bots rootkits
Network security
Which type of security is specifically concerned with computers or devices that are part of a network infrastructure? Host security Network security Server security Computer security
macro
Which type of virus is written as a list of commands that can be set automatically to run as soon as a computer user opens the file? keylogger adware rootkit macro
True
Whitelisting allows only approved programs to run on a computer. True False
Intrusion Detection System
The acronym IDS stands for which of the following? Information Destruction System Intrusion Detection System Intruder Dispersal System Information Dissemination System
Adware
Which of the following sometimes displays a banner that notifies the user of its presence? Webware Adware Spyware Malware
Session hijacking
Which type of attack is being carried out when an attacker joins a TCP session and makes both parties think he or she is the other party? A buffer overflow attack Session hijacking A DoS attack Ping of Death
virus
What type of malicious program cannot stand on its own and can replicate itself through an executable program attached to an e-mail? rootkit shell keylogger virus
True
Malware is malicious software, such as a virus, worm, or Trojan program, introduced into a network. True False
Ping of Death
What type of attack causes the victim's computer to crash or freeze when the attacker delivers an ICMP packet that is larger than the maximum allowed 65,535 bytes? session hijacking MTU ping buffer overflow Ping of Death
Man-in-the-Middle
What type of attack is occurring when an attacker places themselves between two parties and manipulates messages being passed back and forth? Man-in-the-Middle Ping of Death DDOS Middle-Capture
Keyloggers
What type of hardware devices and computer programs can be used to obtain passwords by capturing key strokes on a targeted computer system? Keyloggers Shells Macro viruses Viruses
Trojan programs
What type of malicious computer programs present themselves as useful computer programs or applications? macro viruses Spyware programs Trojan programs worms
eavesdropping
What type of malicious procedure involves using sniffing tools to capture network communications to intercept confidential information or gather credentials that can be used to extend the attack? capturing overflowing eavesdropping injecting
ransomware
What type of virus is used to lock a user's system, or cloud accounts until the system's owner complies by paying the attacker a monetary fee? macro ransomware keylogger rootkit
zombies
When a computer hacker uses multiple compromised computers to carry out a DDOS attack, the compromised computers are usually referred to as which of the following? viruses macros zombies cyborgs
card access
Which of the following physical security methods provides the ability to secure a company's assets and document any individuals physical time of entry? rotary locks card access combination locks deadbolt locks
signatures
Which term best describes a hash or code pattern that antivirus software companies use to compare known viruses to every file on a computer? signatures heuristics macros bots
heuristics
Which term best describes malicious programmatic behaviors that antivirus software companies use to compare known viruses to every file on a computer? macros signatures heuristics bots
denial-of-service
Which type of attack cripples the network and prevents legitimate users from accessing network resources? denial-of-service buffer overflow social engineering session hijacking
False
Malware programs cannot be detected by antivirus programs. True False
False
A DDoS attack is launched against a host from a single server or workstation. True False
antivirus
The virus signature file is maintained by what type of software? antivirus keylogger remote control firewall
True
In a buffer overflow attack, an attacker finds a vulnerability in poorly written code that doesn't check for a defined amount of memory space use. True False
social engineering
A computer hacker may use a phishing e-mail to lure a user into following a malicious link. What type of technique is being used by the computer hacker? mail fraud social engineering heuristics ransoming
worm
A malicious computer program that replicates and propagates itself without having to attach to a host is called which of the following? shell worm Trojan virus