Cybersecurity final exam review

Ace your homework & exams now with Quizwiz!

social steganography

creating a message that says one thing but means something else to a specific audience

What is the term used to describe the science of making and breaking secret codes?

cryptology

What three design principles help to ensure high availability?

provide for reliable crossover, detect failures as they occur, eliminate single points of failure

A warning banner that lists the negative outcomes of breaking company policy is displayed each time a computer user logs in to the machine. What type of access control is implemented?

deterrent

Thwarting cyber criminals includes which of the following?

establishing early warning systems and sharing cyber intelligence.

Which 128-bit block cipher encryption algorithm does the US government use to protect classified information?

AES

What is an example of an Internet data domain?

Linkedin

What does a rootkit modify?

Operating system

Which three protocols use asymmetric key algorithms?

Secure Shell (SSH) Secure Sockets Layer (SSL) Pretty Good Privacy (PGP)

a password

Something you know

What are two ways to protect a computer from malware?

Use antivirus software. Keep software up to date.

What occurs on a computer when data goes beyond the limits of a buffer?

a buffer overflow

What are three access control security services?

accounting, authentication, authorization

What does the term BYOD represent?

bring your own device

steganalysis

discovering that hidden information exists within a graphic file

Which two terms are used to describe cipher keys?

key space. key length

obfuscation

making a message confusing so it is harder to understand

a fingerprint scan

something you are

What service determines which resources a user can access along with the operations that a user can perform?

authorization

What are the three foundational principles of the cybersecurity domain?

availability, confidentiality, integrity

What is the name given to a program or program code that bypasses normal authentication?

backdoor

What are three examples of administrative access controls?

background checks policies and procedures hiring practices

What is the name of the method in which letters are rearranged to create the ciphertext?

block

An attacker is sitting in front of a store and wirelessly copies emails and contact lists from nearby unsuspecting user devices. What type of attack is this?

bluesnarfing

What are three types of sensitive information?

classified,business , PII

What principle prevents the disclosure of information to unauthorized people, resources, and processes?

confidentiality

What are two common hash functions?

MD5, SHA

What name is given to a storage device connected to a network?

NAS

What type of attack targets an SQL database using the input field of a user?

SQL injection

What name is given to a amateur hacker?

Script kiddie

What is a secure virtual network called that uses the public network?

VPN

What is the difference between a virus and a worm?

Worms self-replicate but viruses do not.

What is the workforce framework category that includes highly specialized review and evaluation of incoming cybersecurity information to determine if it is useful for intelligence?

Analyze

What type of cybersecurity laws protect you from an organization that might want to share your sensitive data?

privacy

What are two methods that ensure confidentiality?

encryption, authentication

What is a vulnerability that allows criminals to inject scripts into web pages viewed by users?

Cross-site scripting

What type of attack uses many systems to flood the resources of a target, thus making the target unavailable?

DDoS

Which asymmetric algorithm provides an electronic key exchange method to share the secret key?

Diffie-Hellman

What cryptographic algorithm is used by the NSA and includes the use of elliptical curves for digital signature generation and key exchange?

ECC

What does the acronym IoE represent?

Internet of Everything

What are two common indicators of spam mail?

The email has misspelled words or punctuation errors or both. The email has no subject line.

Which two reasons describe why WEP is a weak protocol?

The key is transmitted in clear text. The key is static and repeats on a congested network.

What is the meaning of the term logic bomb?

a malicious program that uses a trigger to awaken the malicious code

A computer is presenting a user with a screen requesting payment before the user data is allowed to be accessed by the same user. What type of malware is this?

a type of ransomware

What does the term vulnerability mean?

a weakness that makes a target susceptible to an attack

What is the name for the type of software that generates revenue by generating annoying pop-ups?

adware

What type of an attack can disable a computer by forcing it to use memory or by overworking its CPU?

algorithm

What encryption algorithm uses one key to encrypt data and a different key to decrypt data?

asymmetric

What are the three states of data?

at rest, in-process, in-transit

What three tasks are accomplished by a comprehensive security policy?

gives security staff the backing of management, defines legal consequences of violations ,sets rules for expected behavior

What is identified by the first dimension of the cybersecurity cube?

goals

What name is given to hackers who hack for a cause?

hactivist

Which two methods help to ensure data integrity?

hashing, data consistency checks

steganography

hiding data within an audio file

What are two of the tactics used by a social engineer to obtain personal information from an unsuspecting target?

intimidation, urgency

Which three processes are examples of logical access controls?

intrusion detection system (IDS) to watch for suspicious network activity firewalls to monitor traffic biometrics to validate physical characteristics

What term is used to describe the technology that replaces sensitive information with a nonsensitive version?

masking

three types of records that cyber criminals would be interested in stealing from organizations.

medical, education , employment

What name is given to any changes to the original data such as users manually modifying data, programs processing and changing data, and equipment failures?

modification

What is the term used when a malicious party sends a fraudulent email disguised as being from a legitimate, trusted source?

phishing

Which term describes the sending of a short deceptive SMS message used to trick a target into visiting a website?

smishing

What is a method of sending information from one device to another using removable media?

sneaker net

For the purpose of authentication, what three methods are used to verify identity?

something you are something you know something you have

a security key fob

something you have

What is the term used to describe an email that is targeting a specific person employed at a financial institution?

spear phishing

A criminal is using software to obtain information about the computer of a user. What is the name of this type of software?

spyware

What term is used to describe concealing data in another file such as a graphic, audio, or other text file?

steganography

What type of cipher encrypts plaintext one byte or one bit at a time?

stream

What encryption algorithm uses the same pre-shared key to encrypt and decrypt data?

symmetric

What is the name of the method in which letters are rearranged to create the ciphertext?

transposition

What two methods help to ensure system availability?

up-to-date operating systems, equipment maintenance

What mechanism can organizations use to prevent accidental changes by authorized users?

version control

Which three devices represent examples of physical access controls?

video cameras swipe cards locks

Which term describes the technology that protects software from unauthorized access or modification?

watermarking


Related study sets

Adult medical surgical Dosage Calculation PN

View Set

Chapter 19: Postoperative Nursing Management

View Set

Unit 0, comment dit-on 2 Les expressions de la classe

View Set

Biodiversity, Section 4: Mastering Biology Questions

View Set

GCD 3022 - Exam 4 Book Questions

View Set