ISDS 351 Chapter 11
_____ is a program in which malicious code is hidden inside a seemingly harmless program. a. A Trojan horse b. A distributed denial-of-service attack c. A spam d. A smish
a. A Trojan horse
Which of the following is created and issued by software engineers to remove a system vulnerability? a. A patch b. A key c. A license d. A constraint
a. A patch
Which of the following best describes a cybercriminal? a. An individual who attacks a computer system or network for financial gain b. An individual who hacks computers or Web sites in an attempt to promote a political ideology c. An individual who attempts to destroy the infrastructure components of governments and financial institutions d. An individual who is hired by an organization to test the security of its information systems
a. An individual who attacks a computer system or network for financial gain
Which of the following uses encryption to provide secure access to a remote computer over the Internet? a. Virtual private network (VPN) b. File transfer protocol (FTP) c. Indexing d. Data warehousing
a. Virtual private network (VPN)
Identify the attack in which a malicious hacker floods a target site with demands for data and other small tasks. a. Distributed denial-of-service b. Smishing c. Logic bomb d. Phishing
a. Distributed denial-of-service
Identify a true statement about the bring your own device (BYOD) business policy. a. It can improve employee productivity. b. It can provide data security. c. It creates a bug-free environment. d. It enhances employee interaction.
a. It can improve employee productivity.
Which of the following defines computer forensics? a. It is a discipline that combines elements of law and computer science to identify, collect, examine, and preserve data from computer systems, networks, and storage devices. b. It evaluates an organization's security policy. c. It detects viruses in a computer system and quarantines them. d. It is the software and/or hardware that monitors system and network resources and notifies network security personnel when it detects network traffic that attempts to circumvent the security measures of a networked computer environment.
a. It is a discipline that combines elements of law and computer science to identify, collect, examine, and preserve data from computer systems, networks, and storage devices.
Which of the following statements is true of the Controlling the Assault of Non-Solicited Pornography and Marketing (CAN-SPAM) Act? a. It legalizes spamming with certain restrictions. b. It provides a solution to tackle a Trojan horse. c. It identifies distributed denial-of-service attacks. d. It prevents worms by eliminating their ability to replicate.
a. It legalizes spamming with certain restrictions.
Which intrusion detection system (IDS) contains information about specific attacks and system vulnerabilities? a. Knowledge-based IDS b. Behavior-based IDS c. Threat-based IDS d. Risk-based IDS
a. Knowledge-based IDS
Which of the following statements best describes the export phase of an advanced persistent threat? a. The data captured by an attacker is sent to the attacker's home base for analysis. b. An attacker establishes a computer program that bypasses security mechanisms. c. An attacker is ready to access compromised systems and capture information. d. The valid user credentials gathered by an attacker are used to install backdoors for distributing malware.
a. The data captured by an attacker is sent to the attacker's home base for analysis.
Identify a true statement about smishing. a. The phisher sends legitimate-looking messages through phone to acquire personal information. b. The phisher sends a survey email to obtain the configuration of an unsuspecting user's computing device. c. The phisher sends a voice mail message to an unsuspecting user to call a phone number or access a Web site. d. The phisher sends fraudulent emails to a certain organization's employees.
a. The phisher sends legitimate-looking messages through phone to acquire personal information.
Which of the following is true of white hat hackers? a. They are hired by an organization to test the security of its information systems. b. They disrupt a company's information systems and business operations. c. They capture trade secrets and attempt to gain an unfair competitive advantage in a company. d. They destroy the infrastructure components of governments, financial institutions, and emergency response units.
a. They are hired by an organization to test the security of its information systems.
_____ serves as a clearinghouse for information on new viruses, worms, and other computer security topics. a. United States Computer Emergency Readiness Team (US-CERT) b. United States Computer Query Emergency Team (US-CQET) c. United States Computer Emergency Encryption Team (US-CEET) d. United States Computer Emergency Authority Team (US-CEAT)
a. United States Computer Emergency Readiness Team (US-CERT)
A(n) _____ is a network attack in which an intruder gains access to a network and stays undetected with the intention of stealing data. a. advanced persistent threat b. vishing scam c. identity threat d. data breach
a. advanced persistent threat
The _____ code of a rootkit gets the rootkit installation started and can be activated by clicking on a link to a malicious Web site in an email or opening an infected PDF file. a. dropper b. loader c. linker d. adapter
a. dropper
To reduce the potential for online credit card fraud, most e-commerce Web sites use some form of _____ technology to protect information as it comes in from the consumer. a. encryption b. authentication c. authorization d. indexing
a. encryption
Jack was shocked to witness the sudden drop in performance of his laptop. He also found that the screen saver constantly changed and that the taskbar had disappeared. The given problems are symptoms of _____ infections. a. rootkit b. smishing c. phishing d. bootkit
a. rootkit
Botnet computers are also called _____. a. zombies b. daemons c. narutus d. konohas
a. zombies
_____ is the unintended access of sensitive data by unauthorized individuals. a. A risk exportation b. A data breach c. Cyberterrorism d. Rifting
b. A data breach
Andrew, a writer, noticed that his blog was filled with repetitive advertisements and surveys that prevented him from accessing his blog and editing an article. Which of the following has caused this problem? a. A rootkit b. A distributed denial-of-service attack c. A logic bomb attack d. A cyberespionage incident
b. A distributed denial-of-service attack
Which of the following best describes a hacktivist? a. An individual who attempts to destroy the infrastructure components of governments, financial institutions, utilities, and emergency response units b. An individual who hacks computers or Web sites in an attempt to promote a political ideology c. An employee or contractor who attempts to gain financially and/or disrupt a company's information systems and business operations d. An individual who captures trade secrets and attempts to gain an unfair competitive advantage
b. An individual who hacks computers or Web sites in an attempt to promote a political ideology
Identify a true statement about the incursion phase in an advanced persistent threat. a. An intruder gains useful information about the target. b. An intruder establishes a means of accessing a computer program that bypasses security mechanisms. c. An intruder gathers valid user credentials and installs backdoors for distributing malware. d. An intruder is ready to access compromised systems and capture information.
b. An intruder establishes a means of accessing a computer program that bypasses security mechanisms.
Which of the following terms is used to describe a large group of computers controlled from one or more remote locations by hackers without the knowledge of their owners? a. Spear-phishing b. Botnet c. Cyberespionage d. Smishing
b. Botnet
_____ is a three-digit number above the signature panel on the back of a credit card. a. Personal identification number b. Card verification value c. Automated teller machine d. Know your customer digits
b. Card verification value
Which of the following is true of a virus signature? a. It quarantines the virus present in a system. b. It indicates the presence of a specific virus in a system. c. It temporarily stops the activities of a detected virus. d. It deletes a detected virus completely.
b. It indicates the presence of a specific virus in a system.
In the context of general security risk assessment, which of the following is true of the concept of reasonable assurance? a. It decides whether or not to implement a particular countermeasure against attacks. b. It recognizes that managers must use their judgment to ensure that the cost of control does not exceed a system's benefits. c. It recognizes the loss events or the risks or threats that could occur, such as a distributed denial-of-service attack or insider fraud. d. It determines the impact of each threat occurrence.
b. It recognizes that managers must use their judgment to ensure that the cost of control does not exceed a system's benefits.
Identify the mode of message transmission used in smishing. a. Multimedia Messaging Service b. Short Message Service c. Email d. Voice mail
b. Short Message Service
_____ is the abuse of email systems to send unsolicited email to large numbers of people. a. Cyberespionage b. Spam c. Phishing d. Smishing
b. Spam
Which of the following best describes malicious insiders? a. They hack computers in an attempt to promote a political ideology. b. They disrupt a company's information systems and business operations. c. They are hired by an organization to test the security of its information systems. d. They are hired by an organization to test the security of another organization's information systems.
b. They disrupt a company's information systems and business operations.
_____ is a method of computing that delivers secure, private, and reliable computing experiences based on sound business practices. a. Cloud computing b. Trustworthy computing c. Mobile computing d. Cluster computing
b. Trustworthy computing
A _____ is a harmful program that resides in the active memory of a computer and duplicates itself. a. scareware b. worm c. virus d. logic bomb
b. worm
The attack that takes place before a software developer knows about the vulnerability is known as a(n) _____. a. unidentified attack b. zero-day attack c. exploit d. threat
b. zero-day attack
Which of the following limits network access based on an organization's access policy? a. An antivirus software b. The concept of reasonable assurance c. A firewall d. A browser
c. A firewall
David, a software engineer, was creating a report using Microsoft Word. After completing 15 pages in the file, he noticed that whenever he copied something using the keyboard, the contents were modified with unwanted numbers and phrases. Which of the following could have caused this problem? a. A worm b. Smishing c. A logic bomb d. Phishing
c. A logic bomb
Which of the following is used to ensure that only humans obtain free email accounts? a. Atomicity, consistency, isolation, and durability (ACID) b. Microprocessor without Interlocked Pipeline Stages (MIPS) c. Completely Automated Public Turing Test to Tell Computers and Humans Apart (CAPTCHA) d. Document Style Semantics and Specification Language (DSSSL)
c. Completely Automated Public Turing Test to Tell Computers and Humans Apart (CAPTCHA)
_____ involves the deployment of malware that secretly steals data in the computer systems of organizations. a. Cyberterrorism b. Smishing c. Cyberespionage d. Vishing
c. Cyberespionage
Identify the industry that is considered as a high-value target for cyberterrorists. a. Automobile industry b. Logistics industry c. Gas industry d. Health industry
c. Gas industry
How does a worm negatively impact an organization? a. It steals passwords and Social Security numbers. b. It generates and grades tests that humans can pass but all but the most sophisticated computer programs cannot. c. It causes productivity losses due to workers being unable to use their computers. d. It fraudulently uses third-party emails to try to get the recipient to reveal personal data.
c. It causes productivity losses due to workers being unable to use their computers.
Which of the following is a drawback of the bring your own device (BYOD) business policy? a. It affects the productivity of the employees of a company. b. It inhibits the privacy of the employees of a company. c. It exposes a company's data to malware. d. It creates the image of a company as not being flexible.
c. It exposes a company's data to malware.
Which of the following is true of a macro virus? a. It propagates without human intervention, often sending copies of itself to other computers by email. b. It allows hackers to destroy hard drives, corrupt files, and steal passwords by recording keystrokes and transmitting them to a server operated by a third party. c. It inserts unwanted words, numbers, or phrases into documents or alters command functions in an infected document. d. It abuses email systems to send unsolicited email to large numbers of people.
c. It inserts unwanted words, numbers, or phrases into documents or alters command functions in an infected document.
Which of the following is a technical description of a virus? a. It is a harmful program that involves the use of Short Message Service to get personal details from victims. b. It is the act of fraudulently using email to try to get the recipient to reveal personal data. c. It is a piece of code that causes a computer to behave in an unexpected and usually undesirable manner. d. It is the abuse of email systems to send unsolicited email to large numbers of people.
c. It is a piece of code that causes a computer to behave in an unexpected and usually undesirable manner.
_____ is the act of fraudulently using email to try to get the recipient to reveal personal data. a. Spoofing b. Vishing c. Phishing d. Smishing
c. Phishing
In the context of an advanced persistent threat, identify the phase during which an intruder is ready to access unprotected or compromised systems. a. The reconnaissance phase b. The discovery phase c. The capture phase d. The export phase
c. The capture phase
Which phase of an advanced persistent threat enables an intruder to gain useful information about the target? a. The discovery phase b. The capture phase c. The reconnaissance phase d. The incursion phase
c. The reconnaissance phase
Ricky, an employee of Gycl Inc., has unknowingly shared his company's tender details and appraisal structure with the market competitor. This is an example of _____. a. smishing b. phishing c. data breach d. identity theft
c. data breach
Those who capture trade secrets and attempt to gain an unfair competitive advantage are known as _____. a. white hat hackers b. hacktivists c. industrial spies d. black hat hackers
c. industrial spies
A _____ is used by attackers to execute files, access logs, monitor user activity, and change a computer's configuration. a. scareware b. patch c. rootkit d. worm
c. rootkit
Which perpetrator violates computer or Internet security maliciously for illegal personal gain? a. A red hat hacker b. A gray hat hacker c. A white hat hacker d. A black hat hacker
d. A black hat hacker
Which of the following statements defines an intrusion detection system (IDS)? a. An IDS is a discipline that combines elements of law and computer science to identify, collect, examine, and preserve data from computer systems, networks, and storage devices. b. An IDS evaluates an organization's security policy. c. An IDS indicates the presence of a specific virus. d. An IDS is software and/or hardware that monitors system and network resources for breaches.
d. An IDS is software and/or hardware that monitors system and network resources for breaches.
Which of the following statements is true of the discovery phase of an advanced persistent threat? a. An intruder gains useful information about the target. b. An intruder establishes a computer program that bypasses security mechanisms. c. An intruder is ready to access compromised systems and capture information. d. An intruder gathers valid user credentials and installs backdoors for distributing malware.
d. An intruder gathers valid user credentials and installs backdoors for distributing malware.
_____ occurs when the personal information of an individual is stolen and used. a. Trustworthy computing b. Cyberespionage c. Cyberterrorism d. Identity theft
d. Identity theft
Which of the following defines a rootkit? a. It is the act of fraudulently using email to try to get the recipient to reveal personal data by sending legitimate-looking emails urging the recipient to take action to avoid a negative consequence or to receive a reward. b. It is the unintended release of sensitive data by unauthorized individuals. c. It is the abuse of email systems to send unsolicited email to large numbers of people. d. It is a set of programs that enables its user to gain administrator-level access to a computer without the end user's consent or knowledge.
d. It is a set of programs that enables its user to gain administrator-level access to a computer without the end user's consent or knowledge.
Which of the following statements best defines cyberterrorism? a. It involves the deployment of malware that secretly steals data in the computer systems of organizations. b. It is the unintended release of sensitive data or the access of sensitive data by unauthorized individuals. c. It is a network attack in which an intruder gains access to a network and stays undetected with the intention of stealing data over a long period of time. d. It is the intimidation of a government by using information technology to disable critical national infrastructure to achieve ideological goals.
d. It is the intimidation of a government by using information technology to disable critical national infrastructure to achieve ideological goals.
Which of the following exploits, when downloaded onto a smartphone, takes control of the device and its data until the owner agrees to pay a sum of money to the attacker? a. Camware b. Spyware c. Scareware d. Ransomware
d. Ransomware
Which of the following is true of spam? a. Spam is a type of attack with which a hacker takes over computers via the Internet and causes them to flood a target site with demands for data and other small tasks. b. Spam is a program in which malicious code is hidden inside a seemingly harmless program. c. Spam is a set of programs that enables its user to gain administrator-level access to a computer without the end user's consent or knowledge. d. Spam is an extremely inexpensive method of marketing used by many legitimate organizations.
d. Spam is an extremely inexpensive method of marketing used by many legitimate organizations.
Which of the following best describes spear-phishing? a. The phisher sends a survey to the employees of several organizations to obtain details of the configuration of their computing devices. b. The phisher sends a voice mail message to a number of people to call a phone number or access a Web site. c. The phisher sends legitimate-looking text messages through his or her phone to advertise a certain organization. d. The phisher sends fraudulent emails to a certain organization's employees disguising them as mails from high-level executives from within the organization.
d. The phisher sends fraudulent emails to a certain organization's employees disguising them as mails from high-level executives from within the organization.
Identify the primary security threat for mobile devices. a. Distributed denial-of-service attack b. Cyberterrorism c. Cyberespionage d. Theft of device
d. Theft of device
Which of the following statements is true about worms? a. They abuse email systems to send unsolicited email to large numbers of people. b. They allow hackers to destroy hard drives, corrupt files, and steal passwords by recording keystrokes and transmitting them to a server operated by a third party. c. They insert unwanted words, numbers, or phrases into documents or alter command functions in an infected document. d. They propagate without human intervention, often sending copies of themselves to other computers by email.
d. They propagate without human intervention, often sending copies of themselves to other computers by email.
Identify a true statement about Trojan horses. a. They lead consumers to counterfeit Web sites designed to trick them into divulging personal data. b. They are used by organizations to test the security of information systems. c. They involve the use of Short Message Service (SMS) texting for phishing. d. They spy on users by recording keystrokes and transmitting them to a server operated by a third party.
d. They spy on users by recording keystrokes and transmitting them to a server operated by a third party.
Identify the mode of message transmission used in vishing. a. Multimedia Messaging Service b. Short Message Service c. Email d. Voice mail
d. Voice mail
In the context of computer crimes, those who cause problems, steal data, and corrupt systems are known as _____. a. black hat hackers b. white hat hackers c. hacktivists d. crackers
d. crackers
In the context of computer crimes, those who attempt to destroy the infrastructure components of governments and financial institutions are known as _____. a. hacktivists b. white hat hackers c. black hat hackers d. cyberterrorists
d. cyberterrorists
In computing, a(n) _____ is an attack on an information system that takes advantage of a particular system vulnerability. a. exit door b. glitch c. bot d. exploit
d. exploit
A thorough _____ should test system safeguards to ensure that they are operating as intended. a. internet audit b. cost audit c. software audit d. security audit
d. security audit
The additional security option, used for credit card transactions, that keeps track of a customer's historical shopping patterns and notes deviations from the norm is _____. a. transaction incognito mode b. transaction identification code c. transaction-spam control software d. transaction-risk scoring software
d. transaction-risk scoring software