Exam 2 (Material from Chapters 5 - 9ish)

Question 1

What are the layers of the OSI model?

Answer 1

Layer 7: Application
Layer 6: Presentation
Layer 5: Session
Layer 4: Transport
Layer 3: Network
Layer 2: Data Link
Layer 1: Physical

Question 2

Explain the function of each layer of the OSI model?

Answer 2

Layer 7: Application - User interface
Layer 6: Presentation - Data format; encryption
Layer 5: Session - process-to-process communication
Layer 4: Transport - end-to-end communication
Layer 3: Network - routing data; logical addressing; WAN delivery
Layer 2: Data Link - Physical addressing; LAN delivery
Layer 1: Physical - Signaling

Question 3

What is the difference between a WAN and a LAN?

Answer 3

Wide area networks (WANs)
- Connect systems over a large geographic area
Local area networks (LANs)
- Provide network connectivity for computers located in the same geographic area

Question 4

What are some WAN Connectivity Options?

Answer 4

Cable modem
Digital subscriber line (DSL)
Fiber optics
Satellite
Dialup
Cellular 3G/4G/5G networks

Question 5

What is the Ethernet standard?

Answer 5

• Defines how computers use Media Access Control (MAC) addresses to communicate with each other on the network
• Governs both the Physical and Data Link layers of the OSI Reference Model

Question 6

What is a hub?

Answer 6

• Contain a number of plugs, or ports, where you can connect Ethernet cables for different network systems
• Echo incoming packets to all ports

Question 7

What is a switch?

Answer 7

• Perform intelligent filtering
• Know the MAC address of the system connected to each port
• When a switch receives a packet on the network, they look at the destination MAC address and send the packet only to the port where the destination system resides

Question 8

What is a virtual LAN?

Answer 8

• A collection of logically related network devices that are viewed as a partitioned network segment
• Give administrators the ability to separate network segments without having to physically separate the network cabling
• Can be used to isolate logical groups of devices to reduce network traffic and increase security

Question 9

Transmission Control Protocol/Internet Protocol (TCP/IP) and How It Works

Answer 9

• A suite of protocols that operate at both the Network and Transport layers of the OSI Reference Model
• Governs all activity across the Internet and through most corporate and home networks
• Developed by the Department of Defense to provide a highly reliable and fault-tolerant network infrastructure (security was not a focus)

Question 10

Internet Protocol version 4 (IPv4) addresses
are how many bytes long?

Answer 10

Four bytes or 32bits

Question 11

Internet Protocol version 6 (IPv6) addresses
are how many bits long?

Answer 11

128 bits

Question 12

Are IPv4 or IPv6 addresses more secure?

Answer 12

IPv6

Question 13

What is DHCP?

Answer 13

Dynamic Host Configuration Protocol (DHCP)
- Allows each computer to get its configuration information dynamically from the network instead of manually
- Provides a computer with an IPv4 address, subnet mask, and other essential communication information

Question 14

What is port 20?

Answer 14

File Transfer Protocol (FTP) data transfer

Question 15

What is port 21?

Answer 15

File Transfer Protocol (FTP) control

Question 16

What is port 22?

Answer 16

Secure Shell (SSH)

Question 17

What is port 25?

Answer 17

Simple Mail Transfer Protocol(SMTP)

Question 18

What is port 53?

Answer 18

Domain Name System(DNS)

Question 19

What is port 80?

Answer 19

Hypertext Transport Protocol (HTTP)

Question 20

What is port 110?

Answer 20

Post Office Protocol v3 (POP3)

Question 21

What is port 139?

Answer 21

Network Basic Input/Output System (NetBIOS) Session Service

Question 22

What is port 143?

Answer 22

Internet Message Access Protocol (IMAP)

Question 23

What is port 443?

Answer 23

HTTP over Secure Sockets Layer (SSL)

Question 24

What is port 989?

Answer 24

File Transfer Protocol over SSL/Transport Layer security (FTPS) for data

Question 24

What is port 53?

Answer 24

Domain Name Service (DNS)

Question 24

What is port 990?

Answer 24

File Transfer Protocol over SSL/Transport Layer security (FTPS) for control

Question 25

What is port 161?

Answer 25

Simple Network Management Protocol (SNMP)

Question 25

What is ICMP?

Answer 25

Internet Control Message Protocol (ICMP)

• A management and control protocol for IP
• Delivers messages between hosts about the health of the network

Question 26

Attackers can use ICMP to create a _____ attack against a network

Answer 26

denial of service (DoS)

Question 27

What tools use ICMP?

Answer 27

Ping and Traceroute

• Ping sends a single packet to a target IP address (ICMP echo request)
• Traceroute uses ICMP echo request packets to identify the path that packets travel through a network

Question 28

What is reconnaissance?

Answer 28

The act of gathering information about a network for use in a future attack

Question 29

What is Eavesdropping?

Answer 29

When an attacker taps the data cable to see all data passing through it

Question 30

What is DoS

Answer 30

Flooding a network with traffic and shutting down a single point of failure

Question 31

What is Distributed DoS (DDoS)?

Answer 31

Uses multiple compromised systems to flood the network from many different directions

Question 32

Telephony denial of service (TDoS)

Answer 32

Attempts to prevent telephone calls from being successfully initiated or received by some person or organization

Question 33

What are three basic Network Security Defense tools?

Answer 33

• Firewalls
• VPNs
• Network access control (NAC)

Question 34

What is a firewall?

Answer 34

A firewall controls the flow of traffic by preventing unauthorized network traffic from entering or leaving a particular portion of the network

Question 35

What are three important firewall security features and explain them.

Answer 35

Flood guard
Loop protection
Network segmentation

Flood guard: Rules can limit traffic bandwidth from hosts, reducing the ability for any one host to flood a network

Loop protection: Firewalls can look at message addresses to determine whether a message is being sent around an unending loop (for example, from another form of flooding)

Network segmentation: Filtering rules enforce divisions between networks, keeping traffic from moving from one network to another

Question 36

What are three types of firewalls?

Answer 36

Packet filtering
Stateful inspection
Application proxy

Question 37

What are four firewall deployment techniques?

Answer 37

Border firewalls
Screened subnet (or demilitarized zone [DMZ]) firewalls
Multilayered firewalls
Unified threat management

*Images of these in Chapter 5 slides number 25-26

Question 38

What are URL filters?

Answer 38

Filters web traffic by examining the Uniform Resource Locator (URL) as opposed to the IP address

Question 39

What is content inspection?

Answer 39

The device looks at some or all network packet content to determine if the packet should be allowed to pass

Question 40

What is Malware inspection ?

Answer 40

A specialized form of content inspection, the device looks at packet content for signs of malware

Question 41

What are some major VPN technologies in use today?

Answer 41

Point-to-Point Tunneling Protocol (PPTP)
Secure Sockets Layer (SSL)/ Transport Layer Security (TLS)
Secure Socket Tunneling Protocol (SSTP)
Internet Protocol Security (IPSec)
OpenVPN

Question 42

What is a NAC?

Answer 42

Enables you to add more security requirements before allowing a device to connect to your network
Performs authentication and posture checking
IEEE 802.1x standard governs how clients may interact with a NAC device to gain entry to the network

Question 43

What is SIP?

Answer 43

Securing Session Initiation Protocol

Question 44

Voice and Video in an IP Network

Answer 44

Securing Session Initiation Protocol (SIP) and Voice over IP (VoIP)
- Patch all SIP/VoIP software and network component firmware
- Use virtual LANs (VLANs) to separate voice and video from other network use (i.e., workstations and printers)
- Enforce encrypted VPN use for all remote access (including SIP/VoIP)
- Require end-to-end encryption for all voice or video calls using TLS or Secure Real-Time Transport Protocol (SRTP)
- Enforce strong authentication for all network users
- Use firewalls to protect all SIP/VoIP devices and services
- Harden all SIP/VoIP devices and software

Question 45

What are WAPs?

Answer 45

Wireless access points(WAPs)
A radio that sends and receives networking information over the air between wireless devices and the wired network

• Anyone with a wireless device who is within radio range of a WAP can communicate with and attempt to connect to the network via the device
• Anyone within radio range of wireless network can capture all data sent on that network if not encrypted

Question 46

Additional Wireless Security Techniques: Hardware

Answer 46

Antenna types
Antenna placement
Power-level controls
Captive portals
Site surveys

Question 47

Wireless Network Security Controls

Answer 47

VPN over wireless
Wireless encryption
WEP (insecure and flawed)
Counter Mode Cipher Block Chaining Message Authentication Code Protocol (CCMP)
Wi-Fi Protected Access (WPA), WPA2, WPA3
Service set identifier (SSID) broadcast
MAC address filtering

Question 48

What is an Access Control?

Answer 48

The process of protecting a resource so that it is used only by those allowed to use it
Prevents unauthorized use
Mitigations put in place to protect a resource from a threat

Question 49

What is the Four-Part Access Control?

Answer 49

Identification
Authentication
Authorization
Accountability

Identification - Who is asking to access the asset?
Authentication - Can their identities be verified?
Authorization - What, exactly, can the requestor access? And what can they do?
Accountability - How are actions traced to an individual to ensure the person who make data or system changes can be identified?

Question 50

Policy definition phase

Answer 50

Who has access and what systems or resources can they use?
Tied to the authorization phase

Question 51

Policy enforcement phase

Answer 51

Grants or rejects requests for access based on the authorizations defined in the first phase
Tied to identification, authentication, and accountability phases

Question 52

What are the two types of access controls?

Answer 52

Physical and Logical

Physical: Controls entry into buildings, parking lots, and protected areas
Logical: Controls access to a computer system or network

Question 53

A smart card is an example of what type of access control?

Answer 53

physical

Question 54

Explain Logical Access Controls

Answer 54

Deciding which users can get into a system
Monitoring what each user does on that system
Restraining or influencing a user’s behavior on that system

Question 55

The Security Kernel

Answer 55

Enforces access control for computer systems
Central point of access control
Implements the reference monitor concept
Mediates all access requests
Permits access only when appropriate rules or conditions are met

• Image of this on slide 10 of chapter 6

Question 56

What are the four central components of access controls?

Answer 56

Users: People who use the system or processes (subjects)

Resources: Protected objects in the system

Actions: Activities that authorized users can perform on resources

Relationships: Optional conditions that exist between users and resources

Question 57

What is authorization?

Answer 57

The process of deciding who has access to which resources

Question 58

In most organizations, authorization is based on what?

Answer 58

job roles
background screening
and government requirements

Question 59

Conditions or policies are decided by what?

Answer 59

Individual users (user is assigned privileges; most detailed and difficult to maintain)
Group membership policy
Authority-level policy

Question 60

What are some methods used for identification?

Answer 60

Username
Smart card
Biometrics

Question 61

What are some guidelines for identificaiton?

Answer 61

Nonrepudiation
Accounting

Question 62

What are some processes and requirements for authentication?

Answer 62

Knowledge: Something you know
Ownership: Something you have
Characteristics: Something unique to you (something you are)
Action/performance: Something you do/how you do it
Behavior: Some observable trait or behavior that is unique to you
Location: Somewhere you are
Relationship: A trusted individual with whom you have a relationship/someone you know

Question 63

Authentication by Knowledge examples

Answer 63

Password
- Weak passwords easily cracked by brute-force or dictionary attack
- need password best practices
Passphrase
- Stronger than a password

Question 64

Authentication by Ownership

Answer 64

Synchronous token
- Calculates a number at both the authentication server and the device
– Time-based synchronization system
– Event-based synchronization system
– Continuous authentication

Asynchronous token
- Uses challenge-response technology
– Key-fob sized device
– Token software installed on a validated mobile device
– USB token
– Smart card

*image of this on slide 17 on chapter 6 slides

Question 65

Authentication by Characteristics/Biometrics

Answer 65

Static (physiological) measures
What you are
Examples: Fingerprint patterns, iris granularity, retina blood vessels
Dynamic (behavioral) measures
What you do
Examples: Voice inflections, keyboard strokes, signature motions

Question 66

What are some concerns surrounding biometrics?

Answer 66

• Accuracy
• Acceptability
• Reaction time

Question 67

What are some types of biometrics?

Answer 67

Fingerprint
Palm print
Hand geometry
Vein analysis
Retina scan
Iris scan
Facial recognition
Voice pattern
Keystroke dynamics
Signature dynamics
Gait analysis

Question 68

What are some advantages of biometrics?

Answer 68

• Person must be physically present to authenticate
• There is nothing to remember
• Biometrics are difficult to fake
• Lost IDs or forgotten passwords are not problems

Question 69

What are some disadvantages of biometrics?

Answer 69

• Physical characteristics might change
• Physically disabled users might have difficulties
• Not all techniques are equally effective
• Response time may be too slow
• Required devices can be expensive
• Privacy issues

Question 70

What is an example of an authentication by action?

Answer 70

Recording typing patterns

Question 71

What is Single Sign On?

Answer 71

• Sign on to a computer or network once and then be allowed into all computers and systems where authorized
• Reduces human error
• Difficult to put in place

Question 72

What are some advantages of Single Sign On?

Answer 72

Logon process is efficient
Users are generally willing to use stronger passwords
Provides continuous, clear reauthentication
Provides failed logon attempt thresholds and lockouts
Provides centralized administration

Question 73

What are some disadvantages of Single Sign On?

Answer 73

Compromised passwords grants access to an intruder
Static passwords provide very limited security
Difficulty adding SSO to unique computers or legacy systems
Scripts can expose data and do not provide two-factor authentication
Authentication server can become a single point of failure

Question 74

What are some processes used for Single Sign On (SSO)?

Answer 74

Kerberos
Secure European System for Applications in a Multi-vendor Environment (SESAME)
Lightweight Directory Access Protocol (LDAP)

Question 75

What are the formal models of access control?

Answer 75

Discretionary access control (DAC)
Mandatory access control (MAC)
Nondiscretionary access control
Rule-based access control

Question 76

______ denies access based on context or content through the application by presenting only options that are authorized for the current user.

Answer 76

Application-based DAC

Question 77

___ permission levels are:
- User based
- Job-based, group-based, or role-based access control (RBAC)
- Project based
- Task based

Answer 77

DAC

Question 78

Operating systems-based ___ policy considerations:
- Access control method
- New user registration
- Periodic review

Answer 78

DAC

Question 79

True or False: MAC is stronger than DAC

Answer 79

True

Question 80

What determines the level of restriction by sensitivity of resource (classification label)
and individuals then formally authorized (i.e., obtain clearance) to access sensitive information?

Answer 80

MAC

Question 81

Which is more secure? Nondiscretionary Access Control or DAC?

Answer 81

Nondiscretionary Access Control

Question 82

Access rules are closely managed by security administrator, not system owner or ordinary users in this access control.

Answer 82

Nondiscretionary Access Control

Question 83

Sensitive files are write-protected for integrity and readable only by authorized users in this access control.

Answer 83

Nondiscretionary Access Control

Question 84

___ ensures that system security is enforced and tamperproof.

Answer 84

Nondiscretionary Access Control

Question 85

Explicit rules grant access in this access control.

Answer 85

Rule-based access control

Question 86

Linux and macOS Access Control List (share and security permissions)

Answer 86

• Permissions
  – Read, write, execute
• Applied to
  – File owners, groups, global users

Question 87

Windows Access Control List (share and security permissions)

Answer 87

Share permissions
- Full, change, read, deny
Security permissions
- Full, modify, list folder contents, read-execute, read, write, special, deny

Question 88

What are some methods of constraining users

Answer 88

Menus
Database views
Physically constrained user interfaces
Encryption

Question 89

Microsoft offers _____ to help administrators manage access controls

Answer 89

Group Policy and Group Policy Objects (GPOs)

Question 90

Which centralized authentication, authorization, and accounting (AAA) servers are the most popular and have two configuration files?

Answer 90

RADIUS

Question 91

Which centralized authentication, authorization, and accounting (AAA) servers is an Internet Engineering Task Force (IETF) standard and has one configuration file

Answer 91

TACACS+

Question 92

Which centralized authentication, authorization, and accounting (AAA) servers has base protocol and extensions, uses User Datagram Protocol (UDP) in peer-to-peer (P2P) mode rather than client/server mode

Answer 92

DIAMETER

Question 93

Which centralized authentication, authorization, and accounting (AAA) servers is an open standard based on XML for exchanging both authentication and authorization data

Answer 93

SAML

Question 94

What access control handles access control decisions and administration locally; access control is in hands of the people closest to the system users?

Answer 94

Decentralized Access Control

Question 95

Password Authentication Protocol (PAP) and Challenge-Handshake Authentication Protocol (CHAP) are what common access protocols?

Answer 95

Decentralized access control

Question 96

What are some advantages of cloud computing?

Answer 96

No need to maintain a data center
No need to maintain a disaster recovery site
Outsourced responsibility for performance and connectivity
On-demand provisioning

Question 97

What are some disadvantages of cloud computing?

Answer 97

More difficult to keep private data secure
Greater danger of private data leakage
Greater demand for constant network access
Greater need for clients to trust outside vendors

Question 98

What is the goal of cryptography?

Answer 98

Make the cost or the time required to decrypt ciphertext without the key exceed the value of the protected information

Question 99

____ is the number of possible keys to a cipher.

Answer 99

Keyspace

Question 100

What is the most scrutinized cipher in history?

Answer 100

Data Encryption Standard (DES)

Question 101

_____ is the art of breaking code.

Answer 101

Cryptanalysis

Question 102

True/False: Cryptography was used in World Wars I and II

Answer 102

True

Question 103

What year was symmetric and asymmetric key cryptography introduced in?

Answer 103

1976

Question 104

____ cryptography uses photons, particles, or waves of light, and their unique properties transmitted across an optical fiber channel to create an unbreakable cryptosystem

Answer 104

Quantum

Question 105

What enables you to prevent a party from denying a previous statement or action

Answer 105

Nonrepudiation

Question 106

Many symmetric ciphers operate as either a ____ cipher or a ____ cipher.

Answer 106

stream, block

Question 107

What is a keyword mixed alphabet cipher?

Answer 107

Uses a cipher alphabet that consists of a keyword, minus duplicates, followed by the remaining letters of the alphabet

Question 108

What is a simple substitution cipher

Answer 108

Allows any letter to uniquely map to any other letter

Question 109

What is a product cipher?

Answer 109

Combination of multiple ciphers, each of which could be a transposition or substitution cipher

Question 110

What is an example of a product cipher?

Answer 110

Data Encryption Standard (DES)

Question 111

What is an example of an exponentiation cipher?

Answer 111

Involves computing exponentials over a finite mathematical field and relies on the difficulty of factoring large numbers

Question 112

What is an example of an exponentiation cipher?

Answer 112

Rivest–Shamir–Adelman (RSA)

Question 113

In asymmetric key ciphers when given some random input, you can generate associated key pairs that are _____ of each other.

Answer 113

inverses

Question 114

What is a checksum?

Answer 114

Summary information appended to a message to ensure that the values of the message have not changed

Question 115

Digital signatures require _____ key cryptography

Answer 115

asymmetric

Question 116

____ bind the identity of an entity to a particular message or piece of information and ensure the integrity of a message and verify who wrote it.

Answer 116

Digital Signatures

Question 117

Is DES symmetric key or asymmetric key cryptography?

Answer 117

symmetric

Question 118

Is 3DES symmetric key or asymmetric key cryptography?

Answer 118

symmetric

Question 119

Is International Data Encryption Algorithm (IDEA) symmetric key or asymmetric key cryptography?

Answer 119

symmetric

Question 120

Is CAST symmetric key or asymmetric key cryptography?

Answer 120

symmetric

Question 121

Is Blowfish symmetric key or asymmetric key cryptography?

Answer 121

symmetric

Question 122

Is AES symmetric key or asymmetric key cryptography?

Answer 122

symmetric

Question 123

Is RC2 symmetric key or asymmetric key cryptography?

Answer 123

symmetric

Question 124

Is RSA symmetric key or asymmetric key cryptography?

Answer 124

asymmetric

Question 125

Is ECC symmetric key or asymmetric key cryptography?

Answer 125

asymmetric

Question 126

A ___ is a key storage method that allows some authorized third-party access to a key under certain circumstances.

Answer 126

key escrow

Question 127

The ______ Handshake Protocol consists of two phases: server authentication and an optional client authentication.

Answer 127

Secure Sockets Layer (SSL)

Question 128

_____ verify a person’s identity or that person’s association with a message.

Answer 128

Digital signatures

Question 129

A ______ vouches for the validity of a credential, and maintains a list of invalid, or revoked, certificates in either a certificate revocations list (CRL) or by maintaining the data to support the newer Online Certificate Status Protocol (OCSP).

Answer 129

certificate authority (CA)

Question 130

This hash takes an input of any arbitrary length and generates a 128-bit message digest that is computationally infeasible to match by finding another input

Answer 130

MD5 message digest algorithm

Question 131

This hash produces a 160-bit hash from a message of any arbitrary length

Answer 131

Secure Hash Algorithm (SHA-1)

Question 132

This is a hash function that uses a key to create the hash, or message digest

Answer 132

Hash message authentication code (HMAC)

Question 133

This is a collection of functions that provide hash values for a wide range of applications

Answer 133

RACE Integrity Primitives Evaluation Message Digest (RIPEMD)

Question 134

_____ are a combination of a strong hash of a message, which acts as a fingerprint

Answer 134

Digital signatures

Question 135

____ is any program that contains instructions that run on a computer system and perform operations that the user does not intend

Answer 135

Malware

Question 136

Malicious code attacks what?
A: Confidentiality
B. Integrity
C. Availability
D. All of the above

Answer 136

D. All of the above

Question 137

What are the 3 types of viruses?

Answer 137

System infectors, File infectors, Data infectors

Question 138

Explain the difference between system infectors, file infectors, and data infectors.

Answer 138

System infectors
– Target computer hardware and software startup functions

File infectors
– Attack and modify executable programs (COM, EXE, SYS, and DLL files in Microsoft Windows)

Data infectors
– (Also called macro infectors) Attack document files containing embedded macro programming capabilities

Question 139

What is a rootkit?

Answer 139

Malware that modifies or replaces one or more existing programs to hide the fact that a computer has been compromised

Modify parts of the operating system to conceal traces of their presence

Provide attackers with access to compromised computers and easy access to launching additional attacks

Question 140

____ consumes computing resources bandwidth and central processing unit (CPU) time.

Answer 140

Spam

Question 141

True/False: Opt-out (unsubscribe) features in spam messages can represent a new form of reconnaissance attack to acquire legitimate target addresses

Answer 141

True

Question 142

____ are self-contained programs designed to propagate from one host machine to another using the host’s own network communications protocols

Answer 142

Worms

Question 143

____ are unlike viruses, do not require a host program to survive and replicate

Answer 143

Worms

Question 144

___ usually probe network-attached computers to exploit a specific vulnerability

Answer 144

Worms

Question 145

What is the largest class of malware?

Answer 145

Trojan Horses

Question 146

What are programs that masquerade as useful programs while hiding malicious intent?

Answer 146

Trojan Horses

Question 147

These programs rely on social engineering to spread and operate; spread through email messages, website downloads, social networking sites, and automated distribution agents (bots)

Answer 147

Trojan Horses

Question 148

_____ are programs that execute a malicious function of some kind when they detect certain conditions

Answer 148

Logic bombs

Question 149

Once in place, these programs wait for a specified condition or time, which, when it occurs, causes ______ to activate and carry out its tasks

Answer 149

logic bombs

Question 150

_______ typically originate with organization insiders because people inside an organization generally have more detailed knowledge of the IT infrastructure than outsiders

Answer 150

Logic bombs

Question 151

___ are robotically controlled networks.

Answer 151

botnets

Question 152

Controllers communicate with other members of the botnet using ______ channels

Answer 152

Internet Relay Chat (IRC)

Question 153

Attackers can use botnets to distribute malware and spam and to launch ______ attacks against organizations or even countries

Answer 153

denial of service (DoS)

Question 154

____ are attacks that overwhelm a server or network segment to the point that the server or network becomes unusable

Answer 154

Denial of Service (DoS)

Question 155

_____ attacks crash a server or network device or create so much network congestion that authorized users cannot access network resources

Answer 155

Denial of Service (DoS)

Question 156

______ attacks are when an attacker uses Internet Protocol (IP) spoofing to send a large number of packets requesting connections to the victim computer

Answer 156

Synchronize (SYN) Flood

Question 157

______ attacks are when attackers forge Internet Control Message Protocol (ICMP) echo request packets to IP broadcast addresses from remote locations to generate DoS attacks

Answer 157

Smurf

Question 158

____ is any unsolicited background process that installs itself on a user’s computer and collects information about the user’s browsing habits and website activities

Answer 158

Spyware

Question 159

Spyware affects ______ and ______.

Answer 159

privacy and confidentiality

Question 160

______ cookies are cookies that share information across sites. Some cookies are persistent and are stored on a hard drive indefinitely without user permission.

Answer 160

Spyware

Question 161

______ triggers nuisances such as popup ads and banners when user visits certain websites

Answer 161

Adware

Question 162

_______ affects productivity and may combine with active background activities. It collects and tracks information about application, website, and Internet activity.

Answer 162

Adware

Question 163

_____ tricks users into providing logon information on what appears to be a legitimate website but is actually a website set up by an attacker to obtain this information

Answer 163

Phishing

Question 164

_____is when an attacker supplies information about victim that appears to come from a legitimate company

Answer 164

Spear Phishing

Question 165

___ is the use of social engineering to obtain access credentials such as usernames and passwords

Answer 165

Pharming

Question 166

_____ capture keystrokes or user entries and forwards information to attacker. This enables the attacker to capture logon information, banking information, and other sensitive data.

Answer 166

Keystroke Loggers

Question 167

What motivates attackers?

Answer 167

• money
• fame
• political beliefs or systems
• anger or revenge
• cyberwarfare or espionage

Question 168

____ are the group of individuals responsible for planning, designing, implementing, and monitoring an organization’s security plan

Answer 168

Security administration

Question 169

The physical location where security administration work is often referred to as the
_____?

Answer 169

security operations center (SOC)