Chapter 2 Quiz prep

Ace your homework & exams now with Quizwiz!

You have just discovered that a hacker is trying to penetrate your network using MAC spoofing. Which of the following BEST describes MAC spoofing?

Changing a hacker's network card to match a legitimate address being used on a network.

There are five phases in the security intelligence life cycle. During which phase do you gather and process information from your internal sources, such as system and application logs?

Collection

Which type of security control identifies, logs, and reports incidents as they happen?

Detective

A list of actions and objectives taken to mitigate risk is known as a:

Framework

Which of the following motivates attackers to use DoS and DDoS attacks?

Hacktivism, profit, and damage reputation

Which items should be included in data retention standards?

How long to store data How data should be destroyed

Which security control category controls system oversight?

Managerial

Which enumeration process tries different combinations of usernames and passwords until it finds something that works?

Brute force

Restoring data from backup is an example of which type of security control?

Compensating

Jose, a medical doctor, has a mobile device that contains sensitive patient information. He is concerned about unauthorized access to the data if the device is lost or stolen. Which of the following is the BEST option for preventing this from happening?

Configure the device to remotely wipe as soon as it is reported lost.

Which of the following BEST describes the key difference between DoS and DDoS?

DDoS has attackers using numerous computers and connections.

During which phase of the Kill Chain framework is malware code encapsulated into commonly used file formats, such as PDF files, image files, or Word documents?

Weaponization

You are looking through your network usage logs and notice logins from a variety of geographic locations that are far from where your employees usually log in. Could this be a problem and why?

Yes. Logins from strange geographical locations can show that a hacker is trying to gain access from a remote location.

Which of the following operating systems is the most prevalent on the smartphone market?

Android

Which threat modeling measurement is used to describe how an attack can exploit a vulnerability?

Attack vector

Threat actors can be divided into different types based on their methods and motivations. Which type of hacker usually targets government agencies, corporations, or other entities they are protesting?

Hacktivist

What seven-phase framework did Lockheed Martin develop to identify an attacker's step-by-step attack process?

Kill Chain

Which framework includes the Reconnaissance, Weaponization, Delivery, Exploitation, Installation, Command and Control, and Actions on Objectives phases?

Kill Chain

Which type of testing is typically done by an internal tester who has full knowledge of the network, computer system, and infrastructure?

Known

Which of the following Bring Your Own Device (BYOD) risks is both a security issue for an organization and a privacy issue for a BYOD user?

Mixing personal and corporate data

Which type of test simulates an insider threat by giving the tester partial information about the network and computer systems?

Partially known

Threats that do not have an existing fix, do not have any security fixes, and do not have available patches are called what?

Zero-day threats

Which security function identifies and evaluates threats in hopes of reducing their impact?

Risk management

Which of the following can void a mobile device's warranty, cause poor performance, or brick a mobile device (making it impossible to turn on or repair)?

Rooting or jailbreaking

Mary has been receiving text messages that contain links to malicious websites. Which type of attack is Mary a victim of?

SMiShing


Related study sets

Health (learning and making choices)

View Set

ITIL Introducción a la gestión de servicios TI Módulo 1

View Set

Unit 3 - Nursing Process, Nursing Process Practice Questions, Chapter 2. Critical Thinking & the Nursing Process, Chapter 3. Nursing Process: Assessment, Chapter 5. Nursing Process: Planning Outcomes, Chapter 6. Nursing Process: Planning Intervention...

View Set

Apex Learning 2.3.2 Quiz Career and College Prep

View Set