Fundamentals of IT and Cybersecurity Chapter 3 Study Guide


Which statement describes a distributed denial of service attack?

An attacker builds a botnet comprised of zombies

What is a vulnerability that allows criminals to inject scripts into web pages viewed by users?

cross-site scripting

What best practices can help defend against social engineering attacks?

educate employees; resist the urge; do not provide

A cyber criminal sends a series of maliciously formatted packets to the database server. The server cannot parse the packets and the event causes the server crash. What is the type of attack the cyber criminal launches?

DoS

The employees in a company receive an email stating that the account password will expire immediately and requires a password reset within 5 minutes. What would be the classification of this malicious email?

It is a hoax

What type of attack will make illegitimate websites higher in a web search result list?

SEO poisoning

What type of attack targets an SQL database using the input field of a user?

SQL injection

What occurs on a computer when data goes beyond the limits of a buffer?

a buffer overflow

What is the meaning of the term logic bomb?

a malicious program that uses a trigger to awaken the malicious code

A computer is presenting a user with a screen requesting payment before the user data is allowed to be accessed by the same user. What type of malware is this?

a type of ransomware

What is the name for the type of software that generates revenue by generating annoying popups?

adware

What is the name given to a program or program code that bypasses normal authentication?

backdoor

An attacker is sitting in front of a store and wirelessly copies emails and contact lists from nearby unsuspecting user devices. What type of attack is this?

bluesnarfing

What type of application attack occurs when data goes beyond the memory areas allocated to the application?

buffer overflow

An executive manager went to an important meeting. The secretary in the office receives a call from a person claiming that the executive manager is about to give an important presentation but the presentation files are corrupted. The caller sternly recommends that the secretary email the presentation right away to a personal email address. The caller also states that the executive is holding the secretary responsible for the success of this presentation. Which type of social engineering tactic would describe this scenario?

intimidation

What are the tactics used by a social engineer to obtain personal information from an unsuspecting target?

intimidation; urgency

What are two ways to protect a computer from malware? (Choose two.)

keep software up to date; use antivirus software

A penetration testing service hired by the company has reported that a backdoor was identified on the network. What action should the organization take to find out if systems have been compromised?

look for unauthorized accounts

What does a rootkit modify?

operating system

What is the term used when a malicious party sends a fraudulent email disguised as being from a legitimate, trusted source?

phishing

Users report that the database on the main server cannot be accessed. A database administrator verifies the issue and notices that the database file is now encrypted. The organization receives a threatening email demanding payment for the decryption of the database file. What type of attack has the organization experienced?

ransomware

Which term describes the sending of a short deceptive SMS message used to trick a target into visiting a website?

smishing

What type of attack has an organization experienced when an employee installs an unauthorized device on the network to view network traffic?

sniffing

What is a nontechnical method that a cybercriminal would use to gather sensitive information from an organization?

social engineering

What is the term used to describe an email that is targeting a specific person employed at a financial institution?

spear phishing

What is an impersonation attack that takes advantage of a trusted relationship between two systems?

spoofing

A criminal is using software to obtain information about the computer of a user. What is the name of this type of software?

spyware

What are the common indicators of spam mail?

the email has misspelled words or punctuation errors or both; the email has no subject line

What reasons make WEP a weak protocol?

the key is transmitted in clear text; the key is static and repeats on a congested network

What are the most effective ways to defend against malware?

update the operating system and other application software; install and update antivirus software

Users report that the network access is slow. After questioning the employees, the network administrator learned that one employee downloaded a third-party scanning program for the printer. What type of malware might be introduced that causes slow performance of the network?

worm

What is the difference between a virus and a worm?

worms self reproduce while viruses do not

