Chapter 2

Question 1

Which of the following is not a primary trait of malware?
A. diffusion
B. circulation
C. infection
D. concealment

Answer 1

A. diffusion

Question 2

Which type of malware requires a user to transport it from one computer to another?
A. worm
B. rootkit
C. adware
D. virus

Answer 2

D. virus

Question 3

Which type of mutation completely changes a virus from its original form by rewriting its own code whenever it is executed?
A. betamorphic
B. oligomorphic
C. polymorphic
D. metamorphic

Answer 3

D. metamorphic

Question 4

Ebba received a message from one of her tech support employees. In violation of company policy, a user had downloaded a free program to receive weather reports, but the program had also installed malware on the computer that gave the threat actor unrestricted access to the computer. What type of malware had been downloaded?
A. virus
B. ransomware
C. RAT
D. Trojan

Answer 4

C. RAT

Question 5

Linnea’s father called her to say that a message suddenly appeared on his screen that says his software license has expired and he must immediately pay $500 to have it renewed before control of the computer will be returned to him. What type of malware is this?
A. persistent virusware
B. Trojanware
C. blocking ransomware
D. lockoutware

Answer 5

C. blocking ransomware

Question 6

Astrid’s computer screen suddenly says that all files are now locked until money is transferred to a specific account, at which time she will receive a means to unlock the files. What type of malware has infected her computer?
A. Bitcoin malware
B. Crypto-malware
C. Blocking virus
D. Networked worm

Answer 6

B. Crypto-malware

Question 7

What is the name of the threat actor’s computer that gives instructions to an infected computer?
A. Command and control (C&C) server
B. Resource server
C. Regulating Net Server (RNS)
D. Monitoring and Infecting (M&I) server

Answer 7

A. Command and control (C&C) server

Question 8

Which of these could NOT be defined as a logic bomb?
A. If the company’s stock price drops below $100, then credit Juni’s account with 10 additional years of retirement credit.
B. Erase all data if Matilda’s name is removed from the list of employees.
C. Reformat the hard drive three months after Sigrid left the company.
D. Send spam email to Moa’s inbox on Tuesday.

Answer 8

D. Send spam email to Moa’s inbox on Tuesday.

Question 9

Which of the following is NOT correct about a rootkit?
A. A rootkit is able to hide its presence or the presence of other malware.
B. A rootkit accesses “lower layers” of the operating system.
C. A rootkit is always the payload of a Trojan.
D. The risk of a rootkit is less today than previously.

Answer 9

C. A rootkit is always the payload of a Trojan.

Question 10

Which of these is a general term used for describing software that gathers information without the user’s consent?
A. gatherware
B. adware
C. spyware
D. scrapeware

Answer 10

c. spyware

Question 11

Which statement regarding a keylogger is NOT true?
A. Keyloggers can be used to capture passwords, credit card numbers, or personal information.
B. Software keyloggers are generally easy to detect.
C. Hardware keyloggers are installed between the keyboard connector and computer keyboard USB port.
D. Software keyloggers can be designed to send captured information automatically back to the attacker through the Internet.

Answer 11

B. Software keyloggers are generally easy to detect.

Question 12

A watering hole attack is directed against _____.
A. wealthy individuals
B. a smaller group of specific users
C. all users of a large corporation
D. attackers who send spam

Answer 12

B. a smaller group of specific users

Question 13

_____ sends phishing messages only to wealthy individuals.
A. Whaling
B. Spear phishing
C. Target phishing
D. Microing

Answer 13

A. Whaling

Question 14

Lykke receives a call while working at the helpdesk from someone who needs his account reset immediately. When Lykke questions the caller, he says, “If you don’t reset my account immediately, I will call your supervisor!” What psychological approach is the caller attempting to use on Lykke?
A. Familiarity
B. Scarcity
C. Intimidation
D. Consensus

Answer 14

C. Intimidation

Question 15

Hedda pretends to be the help desk manager and calls Steve to trick him into giving her his password. What social engineering attack has Hedda performed?
A. aliasing
B. duplicity
C. impersonation
D. luring

Answer 15

C. impersonation

Question 16

How can an attacker use a hoax?
A. A hoax could convince a user that a bad Trojan is circulating and that he should change his security settings.
B. By sending out a hoax, an attacker can convince a user to read his email more often.
C. A user who receives multiple hoaxes could contact his supervisor for help.
D. Hoaxes are not used by attackers today.

Answer 16

A. A hoax could convince a user that a bad Trojan is circulating and that he should change his security settings.

Question 17

Which of these items retrieved through dumpster diving would NOT provide useful information?
A. calendars
B. organizational charts
C. memos
D. books

Answer 17

D. books

Question 18

_____ is following an authorized person through a secure door.
A. Tagging
B. Tailgating
C. Backpacking
D. Caboosing

Answer 18

B. Tailgating

Question 19

Each of these is a reason why adware is scorned EXCEPT _____.
A. it displays objectionable content
B. it displays the attacker’s programming skills
C. it can interfere with a user’s productivity
D. it can cause a computer to crash or slow down

Answer 19

B. it displays the attacker’s programming skills

Question 20

What is the term used for a threat actor who controls multiple bots in a botnet?
A. bot herder
B. zombie shepherd
C. rogue IRC
D. cyber-robot

Answer 20

A. bot herder