COP4360_Final Review_True/False Flashcards
T or F
It is not possible to spread a virus via an USB stick.
False
T or F
Malicious software aims to trick users into revealing sensitive personal data.
False
T or F
Many forms of infection can be blocked by denying normal users the right to modify programs on the system
True
T or F
In addition to propagating, a worm usually carries some form of payload.
true
T or F
Flooding attacks take a variety of forms based on which network protocol is being used to implement the attack.
True
SYN-ACK and ACK packets are transported using IP, which is an unreliable network protocol.
True
A cyberslam is an application attack that consumes significant resources, limiting the server’s ability to respond to valid requests from other users.
true
The SYN spoofing attack targets the table of TCP connections on the server.
True
Given sufficiently privileged access to the network handling code on a computer system, it is difficult to create packets with a forged source address.
false
A DoS attack targeting application resources typically aims to overload or crash its network handling software.
false
The attacker needs access to a high-volume network connection for a SYN spoof attack.
false
Intrusion detection is based on the assumption that the behavior of the intruder differs from that of a legitimate user in ways that can be quantified.
true
The IDS component responsible for collecting data is the user interface.
false
Activists are either individuals or members of an organized crime group with a goal of financial reward.
false
The primary purpose of an IDS is to detect intrusions, log suspicious events, and send alerts.
true
Intruders typically use steps from a common attack methodology
true
An intruder can also be referred to as a hacker or cracker
true
Those who hack into computers do so for the thrill of it or for status.
true
Signature-based approaches attempt to define normal, or expected, behavior, whereas anomaly approaches attempt to define proper behavior.
false
Running a packet sniffer on a workstation to capture usernames and passwords is an example of intrusion.
True