IT Security: Defense against the digital dark arts
What is it called when a hacker is able to get into a system through a secret entryway in order to maintain remote access to the computer?
A Backdoor
What can occur during a ping of death (POD) attack? Check all that apply.
A Denial of Service. A POD is a type of DoS attack. A Buffer Overflow. A POD can result in a buffer overflow. Remote Code Execution. A POD can result in a buffer overflow which allows for the remote execution of malicious code.
What makes a DDoS attack different from a DoS attack? Check all that apply.
A DoS attack has attack traffic coming from one source. The extra "D" in DDoS stands for "Distributed." This means the attack traffic is distributed among a larger number of attacking machines. A DDoS attack has attack traffic coming from many different sources.
A hacker stood outside a building and spun up a wireless network without anyone's knowledge. At that point, the hacker was able to gain unauthorized access to a secure corporate network. Which of these is the name of this type of attack?
A Rouge AP (Access Point) attack. A Rogue AP is an access point that is installed on the network without the network admin's knowledge. This is very dangerous because this can allow a hacker to gain unauthorized access to a secure network.
If there are cyber threats and vulnerabilities to your system, what does that expose you to? Check all that apply.
Attacks. You should be aware of possible threats and vulnerabilities so that you can better prepare against attacks to your system from a hacker. Exploits. If threats and vulnerabilities exist in your system, that exposes you to exploits that hackers can use to harm your system.
An attacker could redirect your browser to a fake website login page using what kind of attack?
DNS cache poisoning attack. A DNS cache poisoning attack would allow an attacker to redirect your requests for websites to a server they control.
A(n) _____ attack is meant to prevent legitimate traffic from reaching a service.
Denial of Service. A DoS, or denial-of-service, attack is meant to prevent legitimate traffic from reaching a service.
A network-based attack where one attacking machine overwhelms a target with traffic is a(n) _______ attack.
Denial of Service. This is a classic denial-of-service attack. Note that this is not a distributed denial-of-service attack, as the attack traffic is coming from a single source and not distributed over many attacking hosts
How can you increase the strength of your passwords? Check all that apply.
Incorporate symbols and numbers Use a mix of capital and lowercase letters Exclude dictionary words. The best way to prevent a password attack is to utilize strong passwords. For example, don't include real words you would find in a dictionary.
How can injection attacks be prevented? Check all that apply.
Input Validation. Injection attacks can be mitigated with good software development principles such as validating input. Data Sanitization. Injection attacks can be mitigated with good software development principles such as sanitizing data.
The practice of tricking someone into providing information they shouldn't is called ________.
Social Engineering
An attacker, acting as a postal worker, used social engineering tactics to trick an employee into thinking she was legitimately delivering packages. The attacker was then able to gain physical access to a restricted area by following behind the employee into the building. What type of attack did the attacker perform? Check all that apply.
Tailgaiting Social Engineering
What's the difference between a virus and a worm?
Viruses replicate through files, but worms live on their own. Viruses and worms are similar. The difference is that a virus spreads through files and worms don't need to attach to something to spread.
