CTI 120 Final
As the Chief Security Officer for a small medical records processing company, you have just finished setting up the physical security for your new office. You have made sure that the parking lot is illuminated, that you have guards at the door as well as doing periodic patrols, and you have badge readers throughout the building at key locations. You also have put biometric access technology on the data center door. And of course, you have cameras in the parking lot, building entrances, and the data center entrances. This is an example of which security concept ?
Defense in depth
This Windows 10 feature hardens the system against malware by running only trusted applications, preventing malicious code from running. This uses the processor's virtualization to protect the PC.
Device Guard
Which of the following refers to a form of brute force password attack that uses an extensive list of pre-defined passwords?
Dictionary
A type of attack that uses an extensive list of potential passwords based on common words is known as a(n) __________________
Dictionary Attack
Which of the following are common types of routing protocols? (Choose all that apply.)
Distance vector Link state
The _____________ stores a copy of the centralized database ( accounts and security information of a domain) used in Active Directory.
Domain Controller
What type of server runs Active Directory storing a copy of the account and security information?
Domain Controller
The two common types of Network Address Translation are [_____] and [___].
Dynamic Static
A client wants to use smart cards with the VPN. Which authentication protocol should be used?
EAP
Which technology is used to encrypt an individual file on an NTFS volume?
EFS
The process of scrambling information so that it needs to be decoded before it can be read is called _________________
Encryption
Which of the following is not a method for authentication?
Encryption
Which type of permission is granted directly to a file or folder?
Explicit
Which of the following are considered removable devices or drives? (Choose all that apply.)
External hard drive Memory card USB flash drive
An authentication server on a DMZ that will allow only users from a partner company. Which type of network is being configured?
Extranet
A public Wi-Fi network in a coffee shop or a hotel is NOT subject to a sniffer attack.
False
Email attachments are safe to open from any sender.
False
For a more secure environment, all users should be administrators of their computer and not a standard user.
False
When installing apps on mobile devices you do not need to review the permissions requested by the app.
False
A central, secure database in which Windows stores hardware and software configuration information and system security policies is ______________________. This includes information about device drivers, setup programs, hardware profiles and user profiles.
...
Active Directory provides a variety of network services including the following (select all correct answers)
...
How can password security be bypassed?
...
The benefits of a VLAN are: (Select the best answer)
...
Which of the following are advantages of SSTP? (Select the best answer)
...
You are setting up your first secure Windows workstation and you are setting the password history. What are the minimum and maximum settings you can use?
0, 24
SMTP uses TCP port:
25
On which OSI layer do routers function?
3
On which OSI layer do TCP and UDP function?
4
When using Internet Explorer, how many content zones are there?
4
The highest setting that account lockout duration can use is _______________.
99,999
What is the maximum setting for Minimum Password Age?
998
A(n) _______________ tracks which user can access which object and what the user can do with that object.
ACL
A firewall technology that supports address and port translation and checks whether the type of application traffic is allowed.
ALG
The three common types of protocol spoofing are [___] spoofing, [____] spoofing, and [_____] address spoofing.
ARP Soofing DNS Spoofing IP address Spoofing
An attack on the protocol that determines a devices MAC address on the network using the IP address. The attacker can take over the IP address of the victim.
ARP spoofing
If a user is deploying technologies to restrict access to a resource, they are practicing the __________ security principle.
Access Control
When the user has exceeded the number of incorrect logon attempts this setting will determine how long they must wait before attempting to logon again.
Account Lockout Duration
The number of incorrect logon attempts permitted before a system will lock an account is known as the _______________________.
Account Lockout Threshold
Which setting should be applied to ensure that a possible dictionary attack against a Windows application server has a limited chance at success?
Account Lockout Threshold
Which of the following should be performed if legitimate emails are being blocked by a spam-blocking device?
Add the address or domain for these emails to the white list
This Windows feature is used to create rules and control how users access and use programs. It is located in the Local Group Policy editor.
AppLocker
Which of the following is used to stop a program from running on a Windows 10 system?
AppLocker
A sales team for a medium-sized manufacturing company has just deployed a new e-commerce application to allow for the direct sale of products to its customers. To secure this application, an application firewall is deployed. At what layer of the OSI model does the application firewall occur?
Application
This type of firewall is also known as a proxy server
Application level firewall
Which type of key has one key for encryption and a different key for decryption?
Asymmetric
To track a user's activities in Windows, you need to enable ___________________
Auditing
This core security principle of ___________ describes a resource being accessible to a user, application or system. Fault tolerance and redundancy are primary methods for protection.
Availability
Which of the following refers to the process of eliminating a risk by choosing to not engage in an action or activity?
Avoidance
These are attacks against an opening left in a functional piece of software that allows access into a system or software application without the owner's knowledge. Many times these are left by the application developer or system accounts created by administrators that they can use if they leave the company.
Back Door
A filter used to determine if email is considered spam based on content in the email
Bayesian Filter
Which technology is used to encrypt an an entire disk?
BitLocker
Which of the following are benefits of SSL/TLS VPNs over IPsec VPNs? (Select all that apply)
Browser and OS independent Less expensive NAT Support
Which of the following are password-based attacks (Choose all that apply)
Brute force Dictionary
Which NTFS permission is needed to change attributes and permissions?
Full Control
A set of rules that allows an administrator granular control over the configuration of objects in Active Directory (AD), including user accounts, operating systems, applications, and other AD objects, is known as a(n) _____________.
Group Policy Object (GPO)
A set of rules which allow an administrator granular control over the configuration of Active Directory objects
Group Policy Objects
_______________ is a one-way encryption. After data is encrypted it cannot be decrypted. It is often used for storing passwords and digital signatures.
Hash Function
A(n) ______ can be deployed to distract an attacker from the critical systems on your network.
Honeypot
Which of the following elements and issues should be considered when deciding whether to use a software solution for a firewall? (Choose all that apply.)
Host operating system Other Applications Stability
HIDS is a ______________________.
Host-based intrusion detection system
The ________ defines DNS.
IETF
To use VPN Reconnect, which VPN protocol should be used?
IKEv2
Which of the following pieces of information are typically examined by a stateless inspection firewall? (choose all that apply)
IP address of the sending host IP address of the recieving host Data packet type
Which system can detect, alert and prevent a breach from occurring? (Choose the best answer)
IPS
The two most common protocols you can use to create a VPN are [___] and [_____].
IPsec SSL/TLS
In this cloud computing service model the vendor provides the servers, storage and networking resources. You are responsible for the applications, development and management tools and operating systems. In this model you have the most control.
IaaS
All of the following are steps in threat modeling EXCEPT:
Identify the strategy for growth
All of the following are benefits of a VLAN EXCEPT:
Increased security due to the use of additional routers
The user's ability to control when, how and to what extent information about themselves will be collected, used and shared is called _____________.
Information Privacy
Which types of network traffic originates from outside the network routers and proceeds toward a destination inside the network?
Ingress
The ______________ permissions flow from a parent object to the child object
Inherited
The _____________ is used to create and customize the profiles including settings needed for user to connect to the VPN server. This can be distributed to users to simplify the set up.
CMAK
Where is our computer most susceptible to others seeing the information we are sending?
Coffee shop wireless
This cloud deployment model is used when two similar organizations with shared concerns use the same cloud computing resources.
Community cloud
_____________ is the characteristic of a resource that ensures that access is restricted to only permitted users, applications, or computer systems.
Confidentiality
The information security acronym CIA stands for which of the following?
Confidentiality, Integrity, Availability
Which of the following are common types of password attacks? (Choose three answers)
Cracked Keylogging Brute Force
Which of the following is an attack that relies on having a user execute a malicious script embedded in a web page? (Choose the best answer.)
Cross-site scripting
The goal of this attack is to overwhelm the network or host with a high volume of traffic causing it to shut down or become unable to serve legitimate users.
DDoS
The VPN server has been configured and is running properly. However, it has not been configured to hand out IP addresses to clients. When a VPN server is configured this way, the clients obtain their IP addresses from a _____ server.
DHCP
A manager wants to set up an area that is not on the LAN but not quite on the Internet. This area will house servers that will serve requests to users who are connecting to your web server. What type of network area or zone should be set up?
DMZ
The IT director has asked you to install a firewall. Which of the following is not a type of firewall?
DMZ
What special area serves as a buffer area between the Internet and the internal network? Web servers that are accessed from the Internet are often stored in this area.
DMZ
A network administrator that has been put in charge of registering your company's domain name and setting up the DNS so that people on the Internet can get to the website should use ___________ to ensure that DNS entries are not poisoned by an attacker.
DNSSEC
Which of the following is NOT a tunneling protocol?
DNSSEC
A small business owner has purchased a new wireless access point and wants to ensure that only his systems are able to connect to the wireless network. He enables MAC address filtering and put the MAC addresses for all his computers in the permitted table. The filtering occurs at what layer of the OSI model?
Data-link
The consistency, accuracy, and validity of data or information is called __________. Hashing is often used to ensure this.
Integrity
A physical object that can be connected to the Internet and controlled that way:
IoT device
What is the primary authentication method used on Microsoft Active Directory?
Kerberos
A(n) ________________ is an input to an encryption algorithm. Different values will produce different encrypted output when applied to the same plain text. This is needed for encryption and decryption.
Key
A business traveler notices there is an extra connector between the keyboard and the computer, in a business center. She has most likely encountered a(n) _______________
Keylogger
What malicious software or hardware captures every keystroke directly from the keyboard and sends it to a hacker?
Keylogger
A VPN server that uses inbound port 1701 is installed. The server is utilizing the _________ protocol.
L2TP
A client wants to install a VPN server that can offer unencrypted tunnels by default, or encrypted tunnels by using IPSec. Which of the following services should be used?
L2TP
An example of an online application that can be used to create stronger and more complex passwords because the application makes it easy to store and use the passwords.
LastPass
Examples of built-in groups include all of the following EXCEPT:
Local Operators
Administrative tool in Windows 10 used to change password settings
Local Security Policy
Which Administrative Tool should be used to configure password control settings on a Windows 10 Workstation?
Local Security Policy
When traveling on business and headed out to dinner with a client, which of the following should be done to secure a laptop? (Choose the best answer.)
Lock it in the car trunk
The advantages of NAT include all of the following EXCEPT:
Logically separating hosts on the internal network
Which of the following is an attack that relies on the attacker being able to trick the sending host into thinking his or her system is the receiving host, and the receiving host into thinking his or her system is the sending host? (Choose the best answer.)
Man-in-the-middle
Which of the following are not valid password controls? (Choose all that apply.)
Maximum Password Length Account Lockout Count
Which of the following is a two-factor authentication that uses an enrolled device and Windows Hello?
Microsoft Passport
Which type of account is used with outlook.com and OneDrive and can be used to synchronize a desktop across multiple computers?
Microsoft account
Which of the following are valid risk responses? (Choose all that apply.)
Mitigation Transfer Avoidance
A customer desires a device that can detect network anomalies and report them to an administrator. What type of device is necessary?
NIDS
What type of device is designed to inspect traffic, detect malicious activities, and take steps to mitigate the malicious activity by removing, detaining or redirecting malicious traffic?
NIPS
An issue with one of the ports on the firewall is suspected. Which of the following is the appropriate tool to use to scan the ports?
NMAP
Which of the following file systems offers the best security?
NTFS
_______________ is a file system that supports large volumes, is more tolerant than previous systems and has the ability to assign permissions to files and folders.
NTFS
Which of the following uses an ACL? (Choose two)
NTFS folder Active Directory user
An attack that relies on access to a physical LAN segment is known as a(n) ____________ attack
Network Sniffing
_________________ are copies of network files that are stored on your computer so that a user can access them when they are not connected to the network.
Offline Files
When you cannot access a folder because someone removed the permissions so that no one can access it, you must take __________ of the folder.
Ownership
Which authentication protocol should not be used because it is the least secure?
PAP
Which authentication sends the username and password in plain text?
PAP
When using VPNs which of the following are authentication protocols that can be used: (Select all that apply)
PAP EAP-MS-CHAPv2 MS-CHAPv2
The master time keeper and master for password changes in an Active Directory domain is:
PDC emulator
A(n) _____________ is a secret numeric password shared between a user and a system that can be used to authenticate the user to the system.
PIN
Which infrastructure is used to assign and validate digital certificates?
PKI
When setting up a VPN that allows connections on inbound port 1723, which of the following tunneling protocols should be used?
PPTP
This cloud computing service model is often used by developers. The vendor supplies a complete infrastructure for application development (development tools, operating system, servers, storage, networking resources) while the developers manage the applications.
PaaS
A type of firewall that filters traffic based on rules. The rules use fields in the packet header such as IP addresses, IP protocol, and ports
Packet Filtering
Which of the following are valid firewall types? (Choose all that apply)
Packet Filtering Application
Which of the following would be considered appropriate security measures for a building's external security perimeter? (Choose all that apply.)
Parking lot lights Security guards
The setting that determines the number of unique passwords that must be used before a password can be re-used is the _____________
Password History
Which two features in Windows Server 2008 and later permit the use of fine-grained password policies? (Choose two.)
Password Settings Container Password Settings Object
This is used to create fine-grained password polices that can be applied using Active Directory
Password Settings object (PSO)
Which of the following is not a biometric device?
Password reader
A strong password can protect our computers and data. Characteristics of a strong password include: (Check all that apply)
Passwords of 8 characters or more Create passwords with combinations of letters, numbers, upper and lower case and special characters
A(n) ___________ defines the type of access over an object or the properties of an object such as an NTFS file or printer
Permission
Which of the following are layers of the OSI model? (Choose all that apply.)
Physical Application Network
Which type of DoS attack uses large ICMP packets to cause an overflow of the memory buffers allocated for packets?
Ping of death
Which of the following services is used for centralized authentication, authorization, and accounting?
RADIUS
Two protocols that provide centralized authentication, authorization, and accounting management for computers to connect to and use a network server are (select two):
RADIUS TACACS+
A(n) ____________________ is a full replication of the domain database and is located in places where a domain controller is needed but where physical security of the domain controller cannot be guaranteed.
RODC (Read-only Domain Controller)
Proseware, Inc., wants you to set up a VPN server. Which of the following services in Windows Server 2016 should be used?
RRAS
Which of the following refers to the process of disabling unneeded services and ports to make the system more secure?
Reducing the attack surface area
The centralized database that holds most of the Windows configurations is known as the _____________
Registry
Which of the following are common uses for a VPN? (Choose all that apply)
Remote access Secure network-to-network connections
An attack that records a stream of data, modifies it, and then resends it is known as a(n) _________ attack.
Replay attack
The __________________ option needs to be less than or equal to the Account Lockout Duration.
Reset Account lockout counter after
_____________ refers to the risk of an event that remains after measures have been taken to reduce the likelihood or minimize the effect of the event.
Residual risk
A Risk Manager for a medium-sized pharmaceutical company who is asked to perform a formal risk analysis would most likely record the results of the risk assessment in a(n) ______________________
Risk Register
Local user accounts are found in:
SAM
A type of server responsible for outgoing email transport
SMTP server
A client wants to use a Windows Server 2016 server as a VPN server. However, the networking team allows only HTTPS through the firewall. Which VPN protocol should be used?
SSTP
When a user is notified of an attempt by programs to make changes to their computer, the desktop will be dimmed. This dimming indicates the computer is in ___________________ mode, because other programs can't run until the changes are approved or disapproved.
Secure Desktop
Which of the following is a collection of security settings that can be used to configure client settings?
Security Baseline
Which of the following is a free tool that allows administrators to quickly configure and manage desktops and users using Group Policy?
Security Compliance manager
A device that may provide a second password to log in to a system is a(n) __________
Security Token
What email validation system is designed to stop spam that uses source address spoofing?
Sender Policy Framework
_____________ is an email validation system that is designed to verify if an email is coming from the proper email server.
Sender policy framework
A _________ account is one type of account you can configure so that the password does not expire.
Service
Which of the following refers to a thoroughly tested, cumulative set of hotfixes and other patches?
Service pack
Which physical device is used to authenticate users based on what a user has?
Smart Card
A secretary at your office just got off the phone with someone who said he was calling from the corporate IT department. The caller had a number of questions about the secretary's computer setup, and he asked for her user ID and password. In this situation, the secretary was most likely a victim of _____________
Social engineering
_____________ is a method to gain access to data, systems, or networks, primarily through misrepresentation.
Social engineering
The type of attack that relies on a weakness in an operating system or an application is known as a(n) _____________.
Software vulnerability attack
_____________ is another name for junk email
Spam
Which type of malware collects personal information or browsing history, often without the user's knowledge?
Spyware
A firewall that accepts or rejects packets based on a set of rules is installed. This firewall keeps track of the state of the network connection. It is running a type of packet filtering known as _________________________
Stateful packet filtering
Which of the following technologies could be used to help ensure the confidentiality of proprietary manufacturing techniques for an auto parts manufacturing business? (Choose two answers.)
Strong encryption Strong authentication
Which of the following would be an acceptable password on a Windows 10 Pro system with Password Complexity enabled and Minimum Password Length set to 8? (Choose all that apply.)
Summer2010 ^^RGood4U St@rTr3k
Which type of key has one key for encryption and the same key for decryption?
Symmetric
When copying a file or folder to a new volume, which permissions are acquired?
The same permissions as the target folder.
Which of the following explains why a minimum password age would be set?
To make sure a user does not reset a password multiple times until he or she can reuse his or her original password
What malware looks like a useful or desired executable program but is in reality program that is supposed to cause harm to your computer or steal information from your computer?
Trojan horse
A stateless packet filter does not retain memory of packets that have passed through the firewall
True
A user may access files on a server over a network using a shared folder instead of logging directly on to a server to access the files.
True
Access can be denied to the Microsoft Store through Local Security Policies.
True
An example of PII is a person's social security number.
True
As an employee you have a responsibility to protect PII data you come in contact with according to company policy.
True
They typical firewall configuration will default to deny all traffic and permit specific traffic.
True
Windows Defender can scan a computer on a regular basis and remove or quarantine malware.
True
When selecting a VPN protocol, you should consider the the following (select all that apply):
Type of implementation (site-to-site or remote access VPN) Support for IPv6 Authentication requirements for computers and users Operating systems used
What Windows feature notifies you when something tries to make changes to your computer without your knowledge?
UAC
What technology is used by Windows to prevent unauthorized changes to your system?
UAC
When attempting to change the computer's display settings, which of the following causes a pop-up asking that prompts if a user wants to continue?
UAC
Which of the following describes the easiest way to set up a VPN client on a computer for a user who is not technically savvy?
Using CMAK to create an executable to install
This technology is used to divide a network into logical segments and creates separate broadcast domains.
VLAN
Which of the following uses the processor's virtualization to protect the PC, including data and credential tokens on the system's disks?
Virtual Secure Mode (VSM)
In Windows 10, which component is used by Device Guard and Credential Guard to protect the PC?
Virtual secure mode
Which type of malware reproduces itself on a computer without the owner's consent and will often delete or corrupt files?
Virus
This early WLAN authentication and encryption mechanism is not currently used due to flaws in the encryption mechanism. The flaw made it easy for an attacker to crack the encryption and access the wireless network.
WEP
If you are setting up a WLAN in a corporate environment and you want to use 802.1x and a RADIUS server to secure the connections, you need to use __________ keys.
WPA/WPA2
What is the best security method for wireless networks?
WPA2
The ____________ is an enormous system of interlinked hypertext documents.
WWW
________ allows users to interact with each other and contribute to Web sites.
Web 2.0
Which host-based firewall software comes with today's version of Windows?
Windows Firewall
Which program can be used to configure IPsec on a computer running Windows Server 2016?
Windows Firewall with Advanced Security
A two-factor authentication that consists of an enrolled device and an Windows Hello (biometric) or PIN.
Windows Passport
To control which updates get pushed to clients within an organization, an administrator would use [__] or [____].
Windows Server Update Service System Center Configuration Manager
Businesses use this service to test, schedule and deploy Windows updates
Windows Server Update Service (WSUS)
The Windows feature to keep the Windows operating system up to date with patches to security issues is called ______________.
Windows Update
Microsoft's built-in antivirus and antispyware program is _____________.
Windows defender
A(n) ________ is a computer program that uses a network to self-replicate.
Worm
You are employed as a network administrator at Widget.com. Widget.com has its headquarters in Dallas, and a new branch office Miami. The networks in both of these offices are connected to the internet. You have been instructed to devise a solution to allow the sharing of data and access to network resources in a secure manner. Which of the following actions should you take?
You should consider configuring a virtual private network (VPN) between the Dallas and Miami offices.
Which of the following is a best practice regarding the use of passwords?
You should create a strong password.
Which of the following is most likely the problem when a computer seems to be slow and a different default web page displays?
Your computer has been infected with malware.
________________ is used to protect your system from malware. It is recommended to run a full system scan at least once a week.
anti-virus software
This process reviews and identifies vulnerabilities as well as methods to reduce potential for an attack.
attack surface analysis
What technology is not used to implement confidentiality?
auditing
What do you call the process in which a user is identified via a username and password?
authentication
Which of the following is used to identify a person before giving access?
authentication
The core security principle of ____________, means that when a user needs to get to information it is available to them. This principle includes actions in case of outages due to equipment failure, software or natural disasters.
availability
A ______ allows someone access by circumventing normal security precautions for the application. This gives a remote user unauthorized control of a system or automatically initiates an unauthorized task. This could be created by malware or could be created by developers.
backdoor
if a site is known to send spam, the site can be added to a(n) ___________ to block any email from that site.
black list
When a hacker attempts to crack a password by trying as many combinations of characters as time and money permits is called a(n) _______________ attack.
brute force
Viruses and worms often exploit _________________. This can occur when more data is sent than the buffer can hold.
buffer overflows
A server or device that tries to serve client requests without actually contacting the remote server. This is done to save bandwidth and increase the speed at which client requests are satisfied.
caching proxy
The certification path with the list of certificates used to authenticate an entity is called the ___________________________.
certificate chain
An example of a __________________ attack, hackers get access to an encrypted password file. Then they run password tools against the file to try to break as many passwords as possible.
cracked password
SSL is a cryptographic system that uses two keys to encrypt data. The public key is stored in a(n) ____________.
digital certificate
What type of electronic document contains an identity such as a user name or organization, along with a corresponding public key?
digital certificate
This type of NAT maps an a private address to a public address. The public address is assigned from a pool of addresses at the time of the translation.
dynamic
Which of the following is considered the most effective way to protect against social engineering?
employee awareness
Which of the following tasks is recommended if sensitive or confidential information stored in offline files?
encrypt the offline files
When you assign permissions to a folder, you should first grant permissions to __________ rather than users.
groups
The number of routers traversed by a packet between its source and destination is referred to as the ____________________
hop count
This type of firewall is designed to protect a one computer from network-based attacks. An example is Windows firewall.
host firewall
What type of firewall do you use to block access to certain websites or instant messengers?
internet content filter
A network zone that allows remote access for employees of a company is set up. This is known as an __________
intranet
Which of the following is the best thing to do to protect a computer against malware, besides installing an antivirus software package? (Choose the best answer)
keep your machine up to date with the latest security patches
_______________ is software that is designed to infiltrate or infect a computer, usually with ill intent.
malware
At which layer of the OSI model does routing occur?
network
What process prevents someone from denying that she accessed a resource?
nonrepudiation
What technique is used to send you to a fake, but realistic-looking, website to verify your account information?
phishing
Which of the following refers to a social engineering technique in which a user receives an email stating that his account has just expired and he should log on to a legitimate-looking website to fix the problem?
phishing
After setting up a default VPN in Windows Server 2016, the supervisor is not satisfied with the level of security. She would rather have L2TP combined with IPsec. What tunneling protocol is used with the default settings and is less secure than L2TP with IPsec?
pptp
A client wants a server installed that can cache web pages in order to increase the speed of commonly accessed Web sites. What type of server is required?
proxy
Acts as an intermediary between the LAN and the Internet. It evaluates requests from clients. If they meet certain criteria it forwards them to the appropriate server.
proxy server
When virus protection identifies a file as containing malware, it will ______________ the file to protect the computer from the malware.
quarantine
What type of device can be easily lost or stolen or can be used for espionage?
removable devices
A(n) __________ authorizes a user to perform certain actions on a computer.
right
The probability or likelihood that an event will occur is called _____________.
risk
You are in the local coffee shop and need to connect to your work system. You are connected through the coffee shop public unsecured Wi-Fi. You decide to use VPN when connecting to your work system. This is an example of:
risk mitigation
What malware gives administrator-level control over a computer system without being detected?
rootkit
When you use special software to read data as it is broadcast on a network, you are ___________ the network.
sniffing
An action or occurrence that could result in the breach, outage, or corruption of a system by exploiting known or unknown vulnerabilities is a(n) _____
threat
Which DMZ configuration uses one firewall with three interfaces?
three-leg perimeter configuration
For antivirus software to be effective, it must be kept ___________.
updated
An example of a(n) ____________ is a message that states you should delete the win.com file, because it is a virus.
virus hoax