1200 Flashcards Preview


Flashcards in 1200 Deck (100):
1

An organization that purchased security products from different vendors is demonstrating which security principle? A. obscurity B. diversity C. limiting D. layering

B. diversity

2

Each of the following can be classified as an "insider" except __________. A. business partners B. contractors C. cybercriminals D. employees

C. cybercriminals

3

__________ are a network of attackers, identity thieves, and financial fraudsters. A. script kiddies B. hackers C. cybercriminals D. spies

C. cybercriminals

4

Each of the following is a characteristic of cybercriminals except __________. A. better funded B. less risk-averse C. low motivation D. more tenacious

C. low motivation

5

Each of the following is a characteristic of cybercrime except __________. A. targeted attacks against financial networks B. exclusive use of worms and viruses C. unauthorized access to information D. theft of personal information

B. exclusive use of worms and viruses

6

An example of a(n) ___________ is a software defect in an operating system that allows an unauthorized user to gain access to a computer without a password. A. threat agent B. threat C. vulnerability D. asset exploit (AE)

C. vulnerability

7

__________ requires banks and financial institutions to alert customers of their policies and practices in disclosing customer information and to protect all electronic and paper documents containing personally identifiable financial information. A. California Savings and Loan Security Act (CS&LSA) B. Gramm-Leach-Bliley Act (GLBA) C. USA Patriot Act D. Sarbanes-Oxley Act (Sarbox)

B. Gramm-Leach-Bliley Act (GLBA)

8

The term __________ is sometimes used to identify anyone who illegally breaks into a computer system. A. hacker B. cyberterrorist C. Internet Exploiter D. cyberrogue

A. hacker

9

An example of __________ is not revealing the type of computer, operating system, software, and network connection a computer uses. A. obscurity B. limiting C. diversity D. layering

A. obscurity

10

The __________ is primarily responsible for assessment, management, and implementation of security. A. security manager B. security administrator C. Chief Information Security Officer (CISO) D. security technician

C. Chief Information Security Officer (CISO)

11

List the 3 protections or CIA.



1- Confidentiality
2- Integrity
3- Availability

12

List the 3 sets of protections that must be implemented to secure information or AAA.

1- Authentication
2- Authorization
3- Accounting

13

List the 3 information security layers.

1- Products
2- People
3- Procedures

14

A software program that delivers advertising content in a manner that is unexpected and unwanted by the user.

Adware

15

Software code that gives access to a program or a service that circumvents normal security protections.

Backdoor

16

A logical computer network of zombies under the control of an attacker.

Botnet

17

A malicious computer code that, like its biological counterpart, reproduces itself on the same computer.

Computer Virus (Virus)

18

The act of digging through trash receptacles to find information that can be useful in an attack.

Dumpster Diving

19

A false warning.

Hoax

20

An attack that creates a fictitious character and then plays out the role of that person on a victim.

Impersonation

21

Captures and stores each keystroke that a user types on the computer's keyboard.

Keylogger

22

Computer code that lies dormant until it is triggered by a specific logical event.

Logic Bomb

23

Software that enters a computer system without the user's knowledge or consent and then performs an unwanted, and usually harmful, action.

Malware

24

A phishing attack that automatically redirects the user to a fake site.

Pharming

25

Sending an email or displaying a Web announcement that falsely claims to be from a legitimate enterprise in an attempt to trick the user into surrendering private information.

Phishing

26

A set of software tools used by an attacker to hide the actions or presence of other types of malicious software.

Rootkit

27

Watching an authorized user enter a security code on a keypad.

Shoulder Surfing

28

A means of gathering information for an attack by relying on the weaknesses of individuals.

Social Engineering

29

Unsolicited email.

Spam

30

A phishing attack that targets only specific users.

Spear Phishing

31

A variation of spam, which targets instant messaging users instead of email users.

Spim

32

A general term used to describe software that spies on users by gathering information without consent, thus violating their privacy.

Spyware

33

The act of unauthorized individuals entering a restricted-access building by following an authorized user.

Tailgating

34

An executable program advertised as performing one activity, but actually does something else (or it may perform both the advertised and malicious activities).

Trojan Horse (Trojan)

35

A phishing attack that uses a telephone call instead of using email.

Vishing

36

A phishing attack that targets only wealthy individuals.

Whaling

37

Horizontally separating words so that they can still be read by the human eye.

Word Splitting

38

A malicious program designed to take advantage of a vulnerability in an application or an operating system in order to enter a computer and then self-replicate to other computers.

Worm

39

A __________ requires a user to transport it from one computer to another. A. worm B. rootkit C. virus D. Trojan

C. Virus

40

Each of the following is an action that a virus can take except __________. A. transport itself through the network to another device B. cause a computer to crash C. erase files from a hard drive D. make multiple copies of itself and consume all of the free space in a hard drive

A. transport itself through the network to another device

41

Each of the following is a different type of computer virus except ___________. A. program virus B. macro virus C. remote virus D. boot virus

C. remote virus

42

Li downloads a program that prints coupons, but in the background it silently collects her passwords. Li has actually downloaded a __________. A. virus B. worm C. Trojan D. logic bomb

C. Trojan

43

To completely remove a rootkit from a computer, you should __________. A. flash the ROM BIOS B. erase and reinstall all files in the WINDOWS folder C. expand the Master Boot Record D. reformat the hard drive and reinstall the operating system

D. reformat the hard drive and reinstall the operating system

44

Each of the following could be a logic bomb except ___________. A. erase all data if John Smith's name is removed from the list of employees B. reformat the hard drive three months after Susan Jones left the company C. send spam e-mail to all users D. if the company's stock price drops below $10, then credit Jeff Brown with 10 additional years of retirement credit

C. send spam e-mail to all users

45

C. GIF layering A. Word splitting B. Geometric variance

D. if the company's stock price drops below $10, then credit Jeff Brown with 10 additional years of retirement credit

46

__________ is an image spam that is divided into multiple images, and each piece of the message is divided and then layered to create a complete and legible message. A. Word splitting B. Geometric variance C. GIF layering D. Split painting

C. GIF layering

47

__________ is a general term used for describing software that gathers information without the user's consent. A. Adware B. Scrapeware C. Pullware D. Spyware

D. Spyware

48

Each of the following is true regarding a keylogger except __________. A. hardware keyloggers are installed between the keyboard connector and computer keyboard or USB port B. software keyloggers are easy to detect C. keyloggers can be used to capture passwords, credit card numbers, or personal information D. software keyloggers can be designed to send captured information automatically back to the attacker through the Internet

B. software keyloggers are easy to detect

49

The preferred method today of bot herders for command and control of zombies is to use __________. A. Internet Relay Chat (IRC) B. e-mail C. Hypertext Transport Protocol (HTTP) D. spam

C. Hypertext Transport Protocol (HTTP)

50

Which of the following is a social engineering technique that uses flattery on a victim? A. Conformity B. Friendliness C. Fear D. Ingratiation

D. Ingratiation

51

__________ sends phishing messages only to wealthy individuals. A. Spear phishing B. Target phasing C. Microing D. Whaling

D. Whaling

52

__________ is unsolicited instant messaging. A. Spam B. Vishing C. SMS Phishing (SMS-P) D. Spim

D. Spim

53

Erin pretends to be a manager from another city and calls Nick to trick him into giving her his password. What social engineering attack has Erin performed? A. Aliasing B. Luring C. Impersonation D. Duplicity

C. Impersonation

54

How can an attacker use a hoax? A. A hoax could convince a user that a bad Trojan is circulating and that he should change his security settings. B. By sending out a hoax, an attacker can convince a user to read his e-mail more often. C. A user who receives multiple hoaxes could contact his supervisor for help. D. Hoaxes are not used by attackers today.

A. A hoax could convince a user that a bad Trojan is circulating and that he should change his security settings.

55

Which of the following is not an item that could be retrieved through dumpster diving that would provide useful information? A. Calendars B. Memos C. Organizational Charts D. Books

D. Books

56

__________ is the following of an authorized person through a secure door. A. Tagging B. Tailgating C. Social Engineering Following (SEF) D. Backpacking

B. Tailgating

57

Each of the following is a reason adware is scorned except __________. A. it displays the attacker's programming skills B. it displays objectionable content C. it can cause a computer to crash or slow down D. it can interfere with a user's productivity

A. it displays the attacker's programming skills

58

An attacker who controls multiple zombies in a botnet is known as a __________. A. zombie shepherd B. rogue IRC C. bot herder D. cyberrobot

C. bot herder

59

Observing someone entering a keypad code from a distance is known as __________. A. shoulder surfing B. piggybacking C. spoofing D. watching

A. shoulder surfing

60

Programs that provide additional functionality to Web browsers.

Add-ons

61

Part of the TCP/IP protocol for determining the MAC address based on the IP address.

Address Resolution Protocol (ARP)

62

An attack that corrupts the ARP cache.

ARP Poisoning

63

Files that are coupled to e-mail messages.

Attachments

64

An attack that occurs when a process attempts to store data in RAM beyond the boundaries of a fixed-length storage buffer.

Buffer Overflow

65

An attack that targets vulnerabilities in client applications that interact with a compromised server or processes malicious data.

Client-Side Attack

66

A file on a local computer in which a server stores user-specific information.

Cookie

67

Injecting commands to be executed on a server.

Command Injection

68

An attack that injects scripts into a Web application server to direct attacks at clients.

Cross-Site Scripting (XSS)

69

An attack that attempts to prevent a system from performing its normal functions.

Denial of Service (DoS)

70

An attack that takes advantage of a vulnerability in the Web application program or the Web server software so that a user can move from the root directory to other restricted directories.

Directory Traversal

71

An attack that uses multiple zombie computers (even hundreds or thousands) in a botnet to flood a device with requests.

Distributed Denial of Service (DDoS)

72

An attack that substitutes DNS addresses so that the computer is automatically redirected to another device.

DNS Poisoning

73

A hierarchical name system for matching computer names and numbers.

Domain Name System (DNS)

74

A cookie that is created from the Web site that currently is being viewed.

First-Party Cookie

75

A cookie named after the Adobe Flash player. Also known as local shared objects (LSOs). Flash cookies cannot be deleted through the browser's normal configuration settings as regular cookies can. Typically, they are saved in multiple locations on the hard drive and can take up as much as 100,000 bytes of storage per cookie (about 25 times the size of a normal cookie). Flash cookies can also be used to reinstate regular cookies that a user has deleted or blocked.

Flash Cookie

76

A list of the mappings of names to computer numbers.

Host Table

77

Part of HTTP that is composed of fields that contain the different characteristics of the data that is being transmitted.

HTTP Header

78

Modifying HTTP headers to create an attack.

HTTP Header Manipulation

79

An attack that intercepts legitimate communication and forges a fictitious response to the sender.

Man-In-The-Middle

80

A cookie that is recorded on the hard drive of the computer and does not expire when the browser closes.

Persistent Cookie (Tracking Cookie)

81

A utility that sends an ICMP echo request message to a host.

Ping

82

An attack that uses the Internet Control Message Protocol (ICMP) to flood a victim with packets.

Ping Flood

83

An attack that exploits a vulnerability in software to gain access to resources that the user would normally be restricted from obtaining.

Privilege Escalation

84

An attack that makes a copy of the transmission before sending it to the recipient.

Replay

85

A cookie that is only used when a browser is visiting a server using a secure connection.

Secure Cookie

86

A cookie that is stored in Random Access Memory (RAM), instead of on the hard drive, and only lasts for the duration of visiting a Web site.

Session Cookie

87

An attack in which an attacker attempts to impersonate the user by using his session token.

Session Hijacking

88

A form of verification used when accessing a secure Web application.

Session Token

89

An attack that broadcasts a ping request to all computers on the network yet changes the address from which the request came to that of the target.

Smurf Attack

90

Impersonating another computer or device.

Spoofing

91

An attack that targets SQL servers by injecting commands to be manipulated by the database.

SQL Injection

92

An attack that takes advantage of the procedures for initiating a TCP session.

SYN Flood Attack

93

A cookie that was created by a third party that is different from the primary Web site.

Third-Party Cookies

94

An attack involving using a third party to gain access rights.

Transitive Access

95

A markup language that is designed to carry data instead of indicating how to display it.

XML (Extensible Markup Language)

96

An attack that injects XML tags and data into a database.

XML Injection

97

Attacks that exploit previously unknown vulnerabilities, so victims have no time (zero days) to prepare or defend against the attacks.

Zero Day Attacks

98

A __________ attack exploits previously unknown vulnerabilities.

D. zero day

99

Why can traditional networking security devices NOT be used to block Web application attacks? A. Traditional network security devices ignore the content of HTTP traffic, which is the vehicle of Web application attacks B. Web application attacks use Web browsers that cannot be controlled on a local computer C. Network security devices cannot prevent attacks from Web resources D. The complex nature of TCP/IP allows for too many ping sweeps to be blocked.

A. Traditional network security devices ignore the content of HTTP traffic, which is the vehicle of Web application attacks

100

Attackers use buffer overflows to __________. A. corrupt the kernel so the computer cannot reboot. B. point to another area in data memory that contains the attacker's malware code C. place a virus into the kernel D. erase buffer overflow signature files

B. point to another area in data memory that contains the attacker's malware code