Security Awareness Chapters 3 and 4, Cybersecurity, CIS133 - Chapter 4 Quiz
Image Spam
4. Which of the following uses graphical images of text in order to circumvent text-based filters?
Sandboxing
5. What can be used to run JavaScript in a restricted environment and limit what resources it can access?
URL expander
6. Which of the following allows the user to hover over a reduced URL in order to view its expanded format?
Whitelist
7. To block spam, a list of senders can be entered for which the user will accept email, also known as which of the following?
Protected View
8. Microsoft Office attachments are automatically opened in which mode, which is a read-only mode that disabled editing functions?
Spam filters
9. ______________ look for specific words and block email messages containing those words
____ represent a specific way of implementing ActiveX and are sometimes called ActiveX applications.
ActiveX controls
Which type of web browser enhancement can change browser menus or create additional toolbars?
Add-ons
How does an attacker use a malvertising attack?
Attackers may infect the third-party advertising networks so that their malware is distributed through ads sent to user's web browsers.
____ allows Web authors to combine text, graphic images, audio, video, and hyperlinks into a single document.
HTML
What standardizes sounds and video format so plug-ins like Flash are no longer needed?
HTML5
Bob's computer was infected from a drive-by download attack, What did Bob do to get infected?
He viewed a website
What is the format used to write webpages?
Hypertext Markup Language (HTML)
Web servers distribute HTML documents based on a set of standards, or protocols, known as the _____.
Hypertext Transfer Protocol (HTTP)
The current version of IMAP is ____.
IMAP4
____ uses graphical images of text in order to circumvent text-based filters.
Image spam
Using which internet security best practice is information not saves by the browser, such as pages that are visited will not be recorded to history or the address bar?
Private browsing
What type of malware can lock up a user's computer and then display a message that purports to come from a law enforcement agency that states the user must pay a fine for illegal activity?
Ransomeware
A _____ is a downloadable image that can be used to scan a computer for malware.
Rescue disc
Which type of malware will hide or remove all traces of evidence that may reveal the malware, such as log entries?
Rootkits
Which of the following is not a secure internet practice?
Run JavaScript code to prevent attacks
What can be used to run JavaScript in a restricted environment and limit what resources it can access?
Sandboxing
Which of these could NOT be defined as a logic bomb?
Send spam email to all users in the company
Antivirus (AV) software on a computer must have its _____ files regularly updated by downloads from the Internet.
Signature
Which statement regarding a keylogger is NOT true?
Software keyloggers are easy to detect.
____ look for specific words and block e-mail messages containing those words.
Spam filters
Why should you not click on an embedded hyperlink?
They can take you to a different website other than what is being advertised
Why would you want to block external content from downloading into your email client?
To prevent spammers from knowing that you email address is valid
HTTP is based on which larger set of standards for internet communication?
Transmission Control Protocol/Internet Protocol (TCP/IP)
A user who installs a program that prints out coupons but in the background silently collects her passwords has installed a _____
Trojan
What is the name for a program that is advertised as performing one activity but actually does something else?
Trojan Horse. They are an executable program that masquerades as performing a benign activity but also does something malicious.
Most users actually receive only a small amount of spam in their local e-mail inbox. The majority is blocked before it even reaches the user.
True
Restricting how cookies are created and used can also be done through configuring the Web browser.
True
Web servers distribute HTML documents based on a set of standards, or protocols, known as the Hypertext Transport Protocol (HTTP).
True
How many carriers must a virus have to replicate and attack?
Two
Which windows feature provides information to users and obtains their approval before a program can make a change to the computer's settings?
User Account Control (UAC)
A(n) _____ requires a user to transport it from one computer to another
Virus
What are the three types of malware that have the primary traits of circulation and/or infection?
Viruses, worms, trojans
Each of the following is a question that the user should ask regarding data backups except _____
Who should do the backup?
The ____ is composed of Internet server computers on networks that provide online information in a specific format.
World Wide Web
The _____ is a worldwide set of interconnected computers, servers, and networks.
World wide web
The type of malware that exploits a vulnerability on one system and then immediately searches for another computer on the network that has the same vulnerability?
Worm
Is it recommended that a copy of data backup be stored at an off-site location?
Yes
An infected robot computer is known as a _____?
Zombie
What technique do attackers use in order to circumvent text-based spam filters?
image spam
Which of the following web browser additions provides links to external programs?
plug-in
Most Internet transmissions are based on ____.
port numbers
Which malware locks up a user's computer and then displays a message that purports to come from a law enforcement agency?
ransomeware
Most e-mail clients contain a ____ that allows the user to read an e-mail message without actually opening it.
reading pane
Known as ____, the deleted cookie's unique ID can still be assigned to a new cookie using the data stored in a Flash cookie as a backup.
respawning
Unsigned Java applets run in a security ____, which is like a fence that surrounds the program and keeps it away from private data and other resources on a local computer.
sandbox
ActiveX controls can be invoked from Web pages through the use of a ____ or directly by an HTML command.
scripting language
The database that contains the sequence of characters of a virus is called the _____
signature file
Which of these is a general term used for describing software that gathers information without the user's consent?
spyware
A cookie that was not created b the website that attempts to access it is called
third-party cookie
Which of these is NOT an action that a virus can take?
transport itself through the network to another device
A(n) ____ is a program that does not come from a trusted source.
unsigned Java applet
A reading pane allows the user to read an email message _____
without actually opening it
False
1. (True/False)Web servers distribute HTML documents based on a set of standards, or protocols, known as the Hypertext Transit Protocol (HTTP).
It is estimated that over 100 trillion e-mails are sent annually, increasing at a rate of ____ percent each year.
10
Malvertising
10. Which of the following can be described as a poisoned ad attack?
Cookies
11. What do web servers use to track whether a user has previously visited a web site?
Add-ons
12. Which type of web browser enhancement can change browser menus or create additional toolbars?
Drive by Downloads
13. What is it called when unsuspecting users visit an infected website and their browsers download code that targets a vulnerability in the user's browser?
Extensions
14. Which of the following expands the normal capabilities of a web broswer for a specific webpage?
Private Browsing
15. Using which Internet security best practice is information not saved by the browser, such as pages that are visited will not be recorded to history or the address bar?
Same Origin
16. Which JavaScript defense restricts a JavaScript downloaded from Site A from accessing data that came from Site B?
Hyperlinks
17. ____________________ allow users to jump from one area on the Web to another with a click of the mouse button
TCP/IP
18. Text-based messages that include words such as Viagra or investments can easily be trapped by _________ filters that look for these words and block the email.
Blacklist
19. _______________________ is a list of senders from whom the user does not want to receive any email.
False
2. (True/False) Third-party cookies can be stolen and used to impersonate the user, while first-party cookies can be used to track the browsing or buying habits of a user.
True
20. (True/False) With blocked top-level domain lists, email from entire countries or regions can be blocked and treated as spam.
The SMTP server listens on port number ____.
25
First Party Cookie
3. Which type of cookie is created from the Web site that a user is currently viewing?
____ is a technology that can associate a user's identity to a public key, in which the user's public key has been "digitally signed" by a trusted third party.
A digital certificate
What do web servers use to track whether a user has previously visited a web site?
Cookies
What are the risks of first-party cookies vs. third-party cookies?
Cookies pose security and privacy risks. First-party cookies can be stolen and used to impersonate the user, while third-party cookies can be used to track the browsing or buying habits of a user. When multiple websites are serviced by a single marketing organization , cookies can be used to track browsing habits on all the clients sites.
Botnets can flood a web server with thousands of requests and overwhelm it to the point that it cannot respond to legitimate requests. What is this called?
Denying services
What is it called when unsuspecting users visit an infected website and their browsers download code that targets a vulnerability in the user's browser?
Drive by downloads
What is the first step in defending against Internet-based attacks?
Ensure that the computer itself is properly secured
Which of the following expands the normal capabilities of a web browser for a specific webpage?
Extensions
Web sites use the standard HTTP protocol for sending data through the Internet because this protocol is secure and ensures that an attacker cannot view the contents of the transmission.
False
With blocked low-level domain lists, e-mail from entire countries or regions can be blocked and treated as spam.
False
Which of the following enhancements to software provides new or expanded function-ability but does not address security vulnerabilities?
Feature update
The ____ is a worldwide set of interconnected computers, servers, and networks.
Internet
Which of the following is the more recent and advanced electronic email system?
Internet Mail Access Protocol (IMAP)
A(n) ____ is a business from which users purchase Internet access.
Internet Service Provider
Using what email protocol can mail be organized into folders on the mail server and read from any device?
Internet mail Access Protocol (IMAP)
Which of the following is true about a cookie?
It can pose a security and privacy risk
Each of the following is true about the internet except:
It is a local network of computers and networks
Each of the following is an addition that could be added to a web browser to support dynamic browsing except _____
Java
____ is a complete programming language that can be used to create stand-alone applications.
Java
Which is the most popular scripting code used with webpages?
JavaScript
____ is a scripting language that does not create standalone applications.
JavaScript
What type of spyware silently captures and stores each keystroke that a user types on the computer's keyboard?
Keylogger
Which type of firewall is an external hardware device?
Network firewall
Which level of UAC provides the lowest level of security?
Never notify
Does malware usually enter a computer system with the user's knowledge?
No. Malware is software that enters a computer system without the user's knowledge or consent and then performs an unwanted and usually harmful action
Malware payload allows an attacker to execute virtually any command on the victim's computer; this is called _____
arbitrary code execution
E-mail ____ are documents that are connected to an e-mail message, such as word processing documents, spreadsheets, or pictures.
attachments
What is access a computer, program, or service that circumvents any normal security protections called?
backdoor
Each of the following is a typical feature of a fee-based Internet backup service except _____
backup to an external hard drive
A _____ is a list of email addresses from senders from whom you do not want to receive messages.
blacklist
Which of the following is not a type of malware that has as its primary trait circulation and/or infection?
botnet
Instructions written in HTML code specify how a local computer's Web ____ should display the words, pictures, and other elements on a user's screen.
browser
The most secure option when configuring a web browser for security is _____
deny first-party and third-party cookies
Each of the following is the reason why adware is scorned, except _____
it displays the attackers programming skills
Which of the following is not a web browser addition to enhance security?
local intranet flash signal
A(n) _____ is also called a Flash cookie, named after Adobe Flash.
locally shared object (LSO)
Which type of cookie is the most complex?
locally shared object (LSO)
Botnets are composed of _____
zombies