CPE-PC 321 Lec 3 Flashcards
(20 cards)
What is malware?
a. A type of software that improves network security
b. A set of network monitoring tools
c. Malicious software designed to damage, disrupt, or gain unauthorized access to systems
d. A cybersecurity protocol for secure communication
c. Malicious software designed to damage, disrupt, or gain unauthorized access to systems
Malware includes viruses, worms, Trojans, ransomware, spyware, and adware.
What is a computer virus?
a. A program that self-replicates and attaches itself to other files
b. A hardware device used to secure a network
c. A method of encrypting computer data
d. A security patch that prevents malware infections
a. A program that self-replicates and attaches itself to other files
Viruses spread by attaching themselves to legitimate files and executing when the host file is opened.
What is a worm?
a. A type of virus that requires a host file to spread
b. A self-replicating program that spreads without attaching to a file
c. A method for securing a network against attacks
d. A tool used to encrypt files
b. A self-replicating program that spreads without attaching to a file
Worms exploit network vulnerabilities to spread automatically.
What is a Trojan horse attack?
a. A type of malware disguised as a legitimate program
b. A type of hardware security tool
c. A method for preventing network intrusions
d. A cybersecurity framework
a. A type of malware disguised as a legitimate program
Trojans trick users into installing malicious software by pretending to be useful programs.
What is ransomware?
a. Malware that encrypts files and demands payment to unlock them
b. A tool used for penetration testing
c. A security feature of modern operating systems
d. A type of phishing attack
a. Malware that encrypts files and demands payment to unlock them
Ransomware attacks can lock users out of their systems until they pay a ransom.
What is phishing?
a. A method of securely transferring data
b. A form of social engineering used to trick users into revealing sensitive information
c. A way to encrypt network traffic
d. A technique for securely storing passwords
b. A form of social engineering used to trick users into revealing sensitive information
Phishing attacks commonly use fake emails or websites to steal login credentials and financial data.
What is spyware?
a. Software that monitors a user’s activities without their consent
b. A security tool that protects against hacking attempts
c. A program used to encrypt network communications
d. A firewall configuration setting
a. Software that monitors a user’s activities without their consent
Spyware collects information such as keystrokes, browsing habits, and login credentials.
What is adware?
a. A type of malware that generates unwanted advertisements
b. A security patch to prevent malware infections
c. A tool used to remove malicious programs
d. A type of ransomware attack
a. A type of malware that generates unwanted advertisements
Adware displays excessive pop-ups and can redirect users to malicious websites.
What is a Denial-of-Service (DoS) attack?
a. An attack that disrupts network services by overwhelming them with traffic
b. A method for securely transmitting data
c. A type of phishing attack
d. A security feature in modern operating systems
a. An attack that disrupts network services by overwhelming them with traffic
DoS attacks prevent legitimate users from accessing a system by flooding it with requests.
What is a Distributed Denial-of-Service (DDoS) attack?
a. An attack that prevents malware from spreading
b. A network security measure to protect against hacking
c. A type of DoS attack that originates from multiple sources
d. A tool used by security professionals to monitor network traffic
c. A type of DoS attack that originates from multiple sources
DDoS attacks use multiple devices (often compromised machines) to overwhelm a target system.
What is a buffer overflow attack?
a. An attack that exploits a vulnerability in poorly written code to execute malicious commands
b. A method for encrypting sensitive data
c. A technique for improving network security
d. A way to recover lost data
a. An attack that exploits a vulnerability in poorly written code to execute malicious commands
Buffer overflow attacks occur when more data is written to a memory buffer than it can hold, allowing attackers to execute malicious code.
What is a keylogger?
a. A type of malware that records a user’s keystrokes
b. A secure method for storing passwords
c. A tool used to detect network intrusions
d. A type of firewall
a. A type of malware that records a user’s keystrokes
Keyloggers capture keyboard inputs to steal passwords and sensitive data.
What is an exploit?
a. A legal penetration testing tool
b. A piece of code designed to take advantage of a vulnerability
c. A secure encryption method
d. A type of firewall rule
b. A piece of code designed to take advantage of a vulnerability
Exploits are used to target system weaknesses, often for malicious purposes.
What is network eavesdropping?
a. A method for encrypting network traffic
b. The unauthorized interception of network communications
c. A security patch to prevent malware infections
d. A tool used for network monitoring
b. The unauthorized interception of network communications
Eavesdropping attacks involve intercepting unencrypted network traffic to steal sensitive information.
What is session hijacking?
a. Gaining unauthorized control of an active network session
b. Encrypting network traffic to prevent data breaches
c. A method for recovering lost data
d. A cybersecurity measure to protect against malware
a. Gaining unauthorized control of an active network session
Session hijacking allows attackers to take over a user’s session and impersonate them.
What is a Man-in-the-Middle (MITM) attack?
a. A network security tool
b. A firewall configuration method
c. An attack where an attacker intercepts and alters communication between two parties
d. A method for securing network traffic
c. An attack where an attacker intercepts and alters communication between two parties
MITM attacks allow attackers to eavesdrop or modify data in real-time.
What is an intrusion detection system (IDS)?
a. A tool that monitors network traffic for suspicious activity
b. A method for encrypting sensitive data
c. A secure way to store passwords
d. A tool used to launch cyberattacks
a. A tool that monitors network traffic for suspicious activity
IDS detects unauthorized access attempts and alerts administrators.
What is an Advanced Persistent Threat (APT)?
a. A security patch to prevent malware infections
b. A targeted cyberattack carried out over a long period
c. A method for securing wireless networks
d. A type of firewall rule
b. A targeted cyberattack carried out over a long period
APTs involve sophisticated, long-term cyberattacks against specific targets.
What is social engineering?
a. A method for improving network security
b. A cybersecurity technique used to prevent malware infections
c. Manipulating people into revealing confidential information
d. A type of firewall configuration
c. Manipulating people into revealing confidential information
Social engineering exploits human behavior to gain unauthorized access to systems.
What is the primary goal of malware attacks?
a. To improve system performance
b. To gain unauthorized access, steal data, or disrupt operations
c. To provide free software updates
d. To protect against cyber threats
b. To gain unauthorized access, steal data, or disrupt operations
Malware is designed to harm systems, steal sensitive data, and compromise network security.
