CH 2 COVERS OBJ 2.1, 2.3, 3.1, 3.2, 4.2, 4.3 Flashcards
WHAT IS A BOTNET
GROUP OF COMPROMISED COMPUTERS USUALLY WORKING TOGETHER WITH MALWARE THAT WAS INSTALLED BY A WORM OR A TROJAN HORSE
AN INDIVIDUAL COMPUTER WITHIN A BOTNET IS REFERRED TO AS WHAT
ZOMBIE
WHAT IS A VIRUS
CODE THAT CAN INFECT A COMPUTER’S FILES
WHAT IS A HONEYPOT
COMPUTER THAT IS USED TO LURE ATTACKERS AND QUARANTINE THEIR ATTACK SO IT CAN BE ANALYZED, AND DOES NOT SPREAD TO THE REST OF THE NETWORK
WHAT ARE SOME DRAWBACKS TO USING HIDS INSTEAD OF NIDS
HIDS MAY USE A LOT OF RESOURCES, WHICH CAN SLOW SERVER PERFORMANCE AND HIDS CANNOT DETECT NETWORK ATTACKS
WHAT ATTACKS CAN HIDS DETECT
OPERATING SYSTEM ATTACKS AND WILL HAVE A HIGH LEVEL OF DETECTION FOR THOSE ATTACKS
WHAT IS A ZOMBIE
SYSTEMS THAT HAVE BEEN COMPROMISED WITHOUT THE KNOWLEDGE OF THE OWNER
WHAT COMPUTER SECURITY THREATS CAN BE UPDATED AUTOMATICALLY AND REMOTELY
ZOMBIE
HOW DOES YOUR COMPUTER BECOME A ZOMBIE
COMPUTER MUST BE CONNECTED TO THE INTERNET SO THAT THE HACKER OR MALICIOUS ATTACK CAN MAKE ITS WAY TO THE COMPUTER AND BE CONTROLLED REMOTELY
WHAT IS THE BEST MODE TO USE WHEN SCANNING FOR VIRUSES
SAFE MODE
WHAT IS A COMMON SYMPTOM OF SPYWARE
POP-UP WINDOWS
WHAT ARE COMMON SYMPTOMS OF VIRUSES
INFECTED FILES, COMPUTER SHUTS DOWN, APPLICATIONS FREEZE
WHAT ARE TWO WAYS TO SECURE THE COMPUTER WITHIN THE BIOS
CONFIGURE A SUPERVISOR PASSWORD AND SET THE HARD DRIVE FIRST IN THE BOOT ORDER
DAN IS A NETWORK ADMINISTRATOR. ONE DAY HE NOTICES THAT HIS DHCP SERVER IS FLOODED WITH INFORMATION. HE ANALYZES IT AND FINDS THAT THE INFORMATION IS COMING FROM MORE THAN 50 COMPUTERS ON THE NETWORK. WHICH OF THE FOLLOWING IS THE MOST LIKELY REASON
A WORM IS MOST LIKELY THE REASON THAT THE SERVER IS BEING BOMBARDED WITH INFORMATION BY THE CLIENTS
NAME 3 EXAMPLES OF MALICIOUS SOFTWARE
ROOTKITS, SPYWARE, AND VIRUSES
WHAT TYPE OF ATTACK USES MORE THAN ONE COMPUTER
DDOS-DISTRIBUTED DENIAL OF SERVICE
WHAT ARE 2 WAYS IN WHICH YOU CAN STOP EMPLOYEES FROM USING USB FLASH DRIVES
DISABLE USB IN BIOS AND DISABLE THE USB ROOT HUB IN THE OPERATING SYSTEM
NAME 2 BLUETOOTH THREATS
BLUESNARFING AND BLUEJACKING
WHAT IS A MALICIOUS ATTACK THAT EXECUTES AT THE SAME TIME EVERY WEEK
A LOGIC BOMB
TIM BELIEVES THAT HIS COMPUTER HAS A WORM. WHAT IS THE BEST TOOL TO USE TO REMOVE THAT WORM
ANTIVIRUS SOFTWARE
ACTIVE INTERCEPTION INCLUDES WHAT
A COMPUTER PLACED BETWEEN THE SENDER AND THE RECEIVER TO CAPTURE INFORMATION
WHAT TYPE OF SCANNER CAN LOCATE A ROOTKIT ON A COMPUTER
MALWARE SCANNER
WHAT TYPE OF MALWARE DOES NOT REQUIRE A USER TO EXECUTE A PROGRAM TO DISTRIBUTE THE SOFTWARE
WORM
WHAT IS A WORM
SAME AS A VIRUS BUT IT SELF REPLICATES
WHAT IS A ROOTKIT
TYPE OF SOFTWARE DESIGNED TO GAIN ADMINISTRATOR LEVEL CONTROL OVER A COMPUTER SYSTEM WITHOUT BEING DETECTED
IS HIDS CONSIDERED AN INLINE DEVICE
NO BECAUSE THEY RUN ON AN INDIVIDUAL COMPUTER
NAME 3 INLINE DEVICES
FIREWALLS, ROUTERS, AND CSU/DSU
WHAT IS BLUEJACKING
SENDING OF UNSOLICITED MESSAGES TO BLUETOOTH ENABLED DEVICES SUCH AS MOBILE PHONES
WHAT IS BLUESNARFING
UNAUTHORIZED ACCESS OF INFORMATION FROM A WIRELESS DEVICE THROUGH A BLUETOOTH CONNECTION
WHITELISTING, BLACKLISTING, AND CLOSING OPEN RELAYS ARE ALL MITIGATION TECHNIQUES ADDRESSING WHAT KIND OF THREAT
SPAM
HOW DO MOST NETWORK VIRUSES SPREAD
THROUGH EMAIL
WHAT IS THE DIFFERENCE BETWEEN A TROJAN HORSE AND A WORM
A WORM SELF-REPLICATES WITHOUT USER INTERVENTION AND TROJAN HORSES DO NOT SELF-REPLICATE
WHAT TYPE OF VIRUS HIDES ITS CODE TO MASK ITSELF
ARMORED VIRUS
NAME THE TYPES OF VIRUSES
BOOT SECTOR, MACRO, PROGRAM, POLYMORPHIC, STEALTH, ARMORED, MULTIPARTITE
WHAT TYPE OF MALWARE APPEARS TO THE USER AS LEGITIMATE BUT ACTUALLY ENABLES UNAUTHORIZED ACCESS TO THE USER’S COMPUTER
TROJAN
WHAT WOULD BE CONSIDERED DETRIMENTAL EFFECTS OF A VIRUS
TECHNICAL SUPPORT RESOURCES ARE CONSUMED BY INCREASED USER CALLS AND USERS ARE TRICKED INTO CHANGING THE SYSTEM CONFIGURATION
TO MITIGATE RISKS WHEN USERS ACCESS COMPANY EMAIL WITH THEIR SMARTPHONE, WHAT SECURITY POLICY SHOULD BE IMPLEMENTED
A PASSWORD SHOULD BE SET ON THE SMARTPHONE AND THE PHONE SHOULD LOCK AFTER A CERTAIN TIME PERIOD
YOUR MANAGER WANTS YOU TO IMPLEMENT A TYPE OF INTRUSION DETECTION SYSTEM (IDS) THAT CAN BE MATCHED TO CERTAIN TYPES OF TRAFFIC PATTERNS. WHAT KIND OF IDS IS THIS
SIGNATURE BASED IDS
YOU ARE THE SECURITY ADMINISTRATOR FOR YOUR ORGANIZATION. YOU WANT TO ENSURE THE CONFIDENTIALITY OF DATA ON MOBILE DEVICES. WHAT IS THE BEST SOLUTION?
DEVICE ENCRYPTION IS THE BEST SOLUTION TO PROTECT THE CONFIDENTIALITY OF DATA.
YOU ARE TASKED WITH IMPLEMENTING A SOLUTION THAT ENCRYPTS THE CEO’S LAPTOP. HOWEVER YOU ARE NOT ALLOWED TO PURCHASE ADDITIONAL HARDWARE OR SOFTWARE. WHICH OF THE FOLLOWING SOLUTIONS SHOULD YOU IMPLEMENT
TPM OR TRUSTED PLATFORM MODULE IS A CHIP THAT RESIDES ON THE MOTHERBOARD OF THE LAPTOP. IT GENERATES CRYPTOGRAPHIC KEYS THAT ALLOW THE ENTIRE DISK TO BE ENCRYPTED AS IN FULL DISK ENCRYPTION
ONE OF YOUR CO-WORKERS COMPLAINS OF VERY SLOW SYSTEM PERFORMANCE AND SAYS THAT A LOT OF ANTIVIRUS MESSAGES ARE BEING DISPLAYED. THE USER ADMITS TO RECENTLY INSTALLING PIRATED SOFTWARE AND DOWNLOADING AND INSTALLING AN ILLEGAL KEYGEN TO ACTIVATE THE SOFTWARE. WHAT TYPE OF MALWARE HAS AFFECTED THE USER’S COMPUTER
A TROJAN WAS PROBABLY INSTALLED AS PART OF THE KEYGEN PACKAGE
A SMARTPHONE HAS BEEN LOST. YOU NEED TO ENSURE 100% THAT NO DATA CAN BE RETRIEVED FROM IT. WHAT SHOULD YOU DO?
REMOTE WIPE