Chapter 5 - System Security Threats Flashcards

1
Q

Your sales manager has contacted you to report that she recently misplaced her mobile device that may contain sensitive information. What should you instruct her to do first?

A

Remotely wipe the device

2
Q

You are planning your training and awareness seminars. What should you tell employees to do with sensitive documents that are no longer needed?

A

Shred them

3
Q

Your manager is worried about employee laptops being stolen in the middle of the day when an employee leaves their desk to get coffee or go to the washroom. What can you do to reduce the likelihood that a passerby will take a laptop left on a desk?

A

Use a lockdown cable

4
Q

Your company has a strict policy when it comes to USB thumb drive usage in the office. An employee asks you why he is not allowed to use a thumb drive to carry files from his home computer to his office computer. Which of the following is the best answer?

A. Thumb drives do not have the capacity to store the data needed.
B. The data on a thumb drive cannot be encrypted.
C. Thumb drives are too big to carry from location to location.
D. The drive could carry a virus from home to the office.

A

D. The drive could carry a virus from home to the office.

5
Q

Which of the following best describes a Trojan virus?

A. Malicious software that is triggered by an event such as a specific date
B. A virus that disguises itself as a legitimate program but actually opens a port in the system.
C. Malicious software that monitors your internet activity
D. A virus that self-replicates

A

B. A virus that disguises itself as a legitimate program but actually opens a port in the system.

6
Q

Bin installed an application on ten computers in the office over six months ago, and the application worked as expected. On February 12 of this year, the application deleted a number of critical files from the system. What type of virus is this?

A

Logic Bomb

7
Q

While performing a security assessment, you notice that one of the systems has a small device connected between the keyboard and the computer. What is this device?

A

Keylogger

8
Q

What type of rootkit replaces an operating system driver file in hopes of hiding itself?

A

Kernel-level

9
Q

A user logs in with a regular user account and then exploits a vulnerability in the operating system to gain administrative access to the system. What type of attack is this?

A

Privilege escalation

10
Q

What is the term for a collection of systems that a hacker compromises and then uses to perform additional attacks?

A

Botnet

11
Q

A user calls you to check out her system because it is performing slowly. You notice not only that the system is performing slowly, but that the virus scan software does not respond when you try to perform a virus scan. Which of the following represents the best action to take next in order to run a virus scan?

A. Enable the firewall.
B. Boot from DVD/USB.
C. Disable the NIC.
D. Disable the firewall.

A

B. Boot from DVD/USB.

12
Q

Your manager approaches you and says that she has been reading about the concept of live CDs and how hackers are using them to bypass system security. What would you do to help protect your systems from this type of threat?

A

Disable booting from CD/DVD

13
Q

Which of the following is considered a valid security issue with network attached storage (NAS) devices?

A. The NAS device runs the SMB protocol.
B. If the NAS device is not configured properly, a security compromise could compromise all the data on the device.
C. The NAS device runs the NFS protocol.
D. The NAS device has a web interface for configuration.

A

B. If the NAS device is not configured properly, a security compromise could compromise all the data on the device.

14
Q

Your manager has read that it is possible in older Bluetooth-enabled phones for a hacker to retrieve all the data from the phone. What type of attack is this?

A

Bluesnarfing

15
Q

Identify the command you would use on a Windows system to view all listening ports on the system.

A

netstat -na
