Chapter 9 Flashcards
Different types of organizations have similar levels of network security risks.
T/F
False
The term malware is derived from a combination of the words malicious and software.
T/F
True
A hacker, in the original sense of the word, is someone with technical skills and malicious intent.
T/F
False
The day after Patch Tuesday is informally known as Exploit Wednesday.
T/F
True
A drop ceiling could be used by an intruder to gain access to a secured room.
T/F
True
Over a long distance connection, using SSH keys is more secure than using passwords.
T/F
True
The original version of the Secure Hash Algorithm was developed by MIT.
T/F
False
Sudden unexplained increases in file sizes and unusual error messages with no apparent cause are both potential symptoms of a viral infection.
T/F
True
Current research indicates that a long, random string of words, such as "correct horse battery staple", is much more secure than a random series of letters, numbers, and symbols that is short enough to be remembered.
T/F
True
It is ideal to use the same password for multiple different applications, provided the password is complex enough.
T/F
False
Which penetration testing tool combines known scanning and exploit techniques to explore potentially new attack routes?
Nessus
Metasploit
nmap
Sub7
Metasploit
Which of the following statements correctly describes the malware characteristic of polymorphism?
Polymorphic malware can change its characteristics every time it is transferred to a new system.
Polymorphic malware is designed to activate on a particular date, remaining harmless until that time.
Polymorphic malware is software that disguises itself as a legitimate program, or replaces a legitimate program’s code with destructive code.
Polymorphic malware utilizes encryption to prevent detection.
Polymorphic malware can change its characteristics every time it is transferred to a new system.
A virus that remains dormant until a specific condition is met, such as the changing of a file or a match of the current date, is known as what kind of malware?
encrypted virus
logic bomb
boot sector virus
worm
logic bomb
Which of the following statements describes a worm?
A program that disguises itself as something useful but actually harms your system.
A process that runs automatically, without requiring a person to start or stop it.
A program that runs independently of other software and travels between computers and across networks.
A program that locks a user’s data or computer system until a ransom is paid.
A program that runs independently of other software and travels between computers and across networks.
If multiple honeypots are connected to form a larger network, what term is used to describe the network?
combolure
lurenet
honeycomb
honeynet
honeynet
An attack that relies on redirected and captured secure transmissions as they occur is known as what type of attack?
buffer overflow
session hijacking attack
man-in-the-middle attack
banner-grabbing attack
man-in-the-middle attack
Which of the following scenarios represents a phishing attempt?
An employee at your company has received a malware-infected file in their e-mail.
A person posing as an employee tried to access a secured area at your organization.
A gift was offered to an employee with access to secured information in exchange for details.
An e-mail was sent to a manager at your company that appeared to be from the company’s CTO, asking for access.
An email was sent to a manager at your company that appeared to be from the company’s CTO, asking for access
In a red team blue team exercise, what is the purpose of the blue team?
The blue team is tasked with attacking the network.
The blue team must observe the actions of the red team.
The blue team is charged with the defense of the network.
The blue team consists of regulators that ensure no illegal activity is undertaken.
The blue team is charged with the defense of the network
Which of the following utilities performs sophisticated vulnerability scans, and can identify unencrypted data such as credit card numbers?
Nmap
Nessus
Metasploit
L0phtcrack
Nessus
If someone is offered a free gift or service in exchange for private information or access to a computer system, what type of social engineering is taking place?
phishing
baiting
quid pro quo
tailgating
quid pro quo
A person posing as an employee strikes up a conversation with a legitimate employee as they walk into a secured area, in an attempt to gain access. What kind of social engineering is this?
phishing
baiting
quid pro quo
tailgating
tailgating
In the typical social engineering attack cycle, what occurs in Phase 3?
The attacker researches the desired target for clues as to vulnerabilities.
The attacker builds trust with the target and attempts to gain more information.
The attacker exploits an action undertaken by the victim in order to gain access.
The attacker executes an exit strategy in such a way that does not leave evidence or raise suspicion.
The attacker exploits an action undertaken by the victim in order to gain access
The concept of giving employees and contractors only enough access and privileges to do their jobs is known by what term?
least-risk privilege profile
principle of least privilege
minimal access/minimal exposure
limited liability access
principle of least privilege
What statement regarding denial of service attacks is accurate?
A denial-of-service attack occurs when a MAC address is impersonated on the network.
A denial-of-service attack prevents legitimate users from accessing normal network resources.
A denial-of-service attack is generally a result of a disgruntled employee.
A denial-of-service attack is no longer a major concern due to the increased throughput available on most networks.
A denial of service attack prevents legitimate users from accessing normal network resources