Week 1 - Understanding Security Threats
What is it called when a hacker is able to get into a system through a secret entryway in order to maintain remote access to the computer?
A backdoor
Which of these sends tons of packets to a system in order to crash it or prevents services from being available? Check all that apply. An Evil Twin Ping flood Ping of Death (POD) SYN flood
Ping flood SYN flood
What could potentially decrease the availability of security and also test the preparedness of data loss? Adware Keylogger Spyware Ransomware
Ransomware
An unhappy Systems Administrator wrote a malware program to bring down the company's services after a certain event occurred. What type of malware does this describe? Ransomware Spyware A logic bomb A rootkit
A logic bomb
Botnets are designed to steal _____ from the victim. Credit card information Money Username and passwords Computing resources
Computing resources
An end-user received an email stating his bank account was compromised, and that he needs to click a link to reset his password. When the user visited the site, he recognized it as legitimate and entered his credentials which were captured by a hacker. What type of social engineering attack does this describe? A baiting attack A phishing attack A SQL injection attack A tailgating attack
A phishing attack
Phishing, baiting, and tailgating are examples of ________ attacks. Malware Password Social engineering Network
Social engineering
The practice of tricking someone into providing information they shouldn't is called ________. Man-in-the-middle attacks Brute force attacks Eavesdropping Social engineering
Social engineering
An attack that would allow someone to intercept your data as it's being sent or received is called a(n) _________ attack. Injection Denial of Service SYN flood Man-in-the-middle
Man-in-the-middle
If a hacker can steal your passwords by installing malware that captures all the messages you type, what kind of malware did the hacker install? Check all that apply. A rootkit Spyware A keylogger A logic bomb
Spyware A keylogger
Which of these is an example of the confidentiality principle that can help keep your data hidden from unwanted eyes? Preventing data loss Making sure the data hasn't been tampered with Preventing an unwanted download Protecting online accounts with password protection
Protecting online accounts with password protection
The best defense against injection attacks is to ______. Use antimalware software Use input validation Use strong passwords Use a firewall
Use input validation
The best defense against password attacks is using strong _______. Firewall configs Passwords Encryption Antimalware software
Passwords
When cleaning up a system after a compromise, you should look closely for any ______ that may have been installed by the attacker. Backdoors Poisoned DNS caches Injection attacks Rogue APs
Backdoors
Which of these is true of blackhat and whitehat hackers? Blackhats are malicious. Whitehats exploit weakness to help mitigate threats. Blackhats work with owners to fix problems. Whitehats are just trying to get into a system. Blackhats try to find weaknesses, but whitehats don't. Blackhats and whitehats shouldn't be trusted.
Blackhats are malicious. Whitehats exploit weakness to help mitigate threats.
How can injection attacks be prevented? Check all that apply. Input validation Flood guards Log analysis systems Data sanitization
Input validation Data sanitization
What type of attack can a hacker perform that involves injecting malicious code into a website to hijack a session cookie? Cross-site Scripting (XSS) A password attack SQL injection Ping flood
Cross-site Scripting (XSS)
An attacker could redirect your browser to a fake website login page using what kind of attack? Injection attack DNS cache poisoning attack DDoS attack SYN flood attack
DNS cache poisoning attack
You receive a legitimate-looking email from a sender that you recognize asking you to click a funny link. But, once you do, malware installs on your computer. What is most likely the reason you got infected? The sender's email address was spoofed. The sender's email password was used in a DNS Cache Poisoning attack. The sender's email password was cracked. The sender's email has been hacked.
The sender's email password was used in a DNS Cache Poisoning attack.
What can occur during a ping of death (POD) attack? Check all that apply. A Denial-of-Service (DoS) A buffer overflow Baiting Remote code execution
A Denial-of-Service (DoS) A buffer overflow Remote code execution
A network-based attack where one attacking machine overwhelms a target with traffic is a(n) _______ attack. Injection Denial of Service Brute force password Malware
Denial of Service
A(n) _____ attack is meant to prevent legitimate traffic from reaching a service. Injection Password Denial of Service DNS Cache poisoning
Denial of Service
What is it called if a hacker takes down multiple services very quickly with the help of botnets? Cross-site Scripting (XSS) A password attack Distributed denial-of-service (DDoS) A SQL injection
Distributed denial-of-service (DDoS)
If a hacker targets a vulnerable website by running commands that delete the website's data in its database, what type of attack did the hacker perform? SQL injection A Denial-of-Service (DoS) attack Cross-site Scripting (XSS) A dictionary attack
SQL injection
A SYN flood occurs when the attacker overwhelms a server with ______. SYN packets ACK packets Malware Injection attacks
SYN packets
An attacker, acting as a postal worker, used social engineering tactics to trick an employee into thinking she was legitimately delivering packages. The attacker was then able to gain physical access to a restricted area by following behind the employee into the building. What type of attack did the attacker perform? Check all that apply. Phishing Social engineering Tailgating Spoofing
Social engineering Tailgating
How can you increase the strength of your passwords? Check all that apply. Use a mix of capital and lowercase letters. Exclude dictionary words. Incorporate symbols and numbers. Use passwords from a precompiled list.
Use a mix of capital and lowercase letters. Exclude dictionary words. Incorporate symbols and numbers.
Which of these is an example of the integrity principle that can ensure your data is accurate and untampered with? Keeping a symmetric key secret Using MACs (Message Authentication Codes) Implementing flood guards Using Encapsulating Security Payload
Using MACs (Message Authentication Codes) Using Encapsulating Security Payload
What's the difference between a virus and a worm? Viruses replicate through files, but worms live on their own. Viruses do not replicate like worms do. Worms replicate, viruses do not. Worms replicate through files, but viruses live on their own.
Viruses replicate through files, but worms live on their own.
Which of the following are examples of injection attacks? Check all that apply. SQL injection attack Social engineering attack XSS attack SYN flood attack
SQL injection attack XSS attack
A hacker stood outside a building and spun up a wireless network without anyone's knowledge. At that point, the hacker was able to gain unauthorized access to a secure corporate network. Which of these is the name of this type of attack? A DNS Cache Poisoning attack A Denial-of-Service (DoS) attack A Rogue AP (Access Point) attack SYN flood attack
A Rogue AP (Access Point) attack
Which of these is a characteristic of Trojan malware? A Trojan may get installed without the user's consent. A Trojan is basically backdoor malware. A Trojan infection needs to be installed by the user. A Trojan is the same thing as a rootkit.
A Trojan infection needs to be installed by the user.
Which of these is where a victim connects to a network that the victim thinks is legitimate, but is really an identical network controlled by a hacker to monitor traffic? Evil Twin A logic bomb DNS Cache Poisoning A Denial of Service (DoS)
Evil Twin
If there are cyber threats and vulnerabilities to your system, what does that expose you to? Check all that apply. Tailgating Exploits Attacks The CIA triad
Exploits Attacks
What makes a DDoS attack different from a DoS attack? Check all that apply. A DoS attack has attack traffic coming from one source. A DDoS attack has attack traffic coming from one source. A DDoS attack has attack traffic coming from many different sources. A DoS attack has attack traffic coming from many different sources.
A DoS attack has attack traffic coming from one source. A DDoS attack has attack traffic coming from many different sources.
A hacker infected your computer to steal your Internet connection and used your machine's resources to mine Bitcoin. What is the name of this kind of attack? Ransomware Adware Spyware A bot
A bot
Which of these is true of vulnerabilities? Check all that apply. A vulnerability is a flaw in the code of an application that can be exploited. An exploit is the possibility of taking advantage of a vulnerability bug in code. A vulnerability is the possibility of suffering a loss in the event of an attack. An exploit takes advantage of bugs and vulnerabilities.
A vulnerability is a flaw in the code of an application that can be exploited. An exploit takes advantage of bugs and vulnerabilities.
Which of these are ways a hacker can establish a man-in-the-middle attack? Check all that apply. Evil Twin Tailgating Session hijacking Rogue Access Point (AP)
Evil Twin Session hijacking Rogue Access Point (AP)
Which of these is a way to help prevent brute-force attacks? Check all that apply. Strong passwords Password crackers Captchas Using a precompiled list of common passwords
Strong passwords Captchas