Final Flashcards
Which of the following actors is most responsible for fueling counterfeit pharmaceutical companies?
Consumers
Internet Exchanges are switches that allow several networks to connect and pass bandwidth.
True
A Network Time Protocol server runs on UDP port 123 and responds to requests with megabytes worth of data. An attacker can perform an amplification attack by repeatedly sending small UDP packets to the server.
True
Eve knows that hundreds of millions of people visit images.google.com to search for pictures on the web. She decides to register imagesgoogle.com so she can set up a fake Google Images website that steals sensitive data. The domain she purchased is known as a:
Doppelganger
Which of the following is NOT an example of phishing?
Debbie is a shareholder of Acme Corporation. She receives an email that claims that the executive team will host a private meeting in the afternoon. She dresses up like a janitor and sneaks into the executive meeting in hopes of learning about upcoming financial results.
A command-line tool returns the following output: Interesting ports on 192.168.0.1: PORT STATE SERVICE 21/tcp closed ftp 22/tcp open ssh 23/tcp open telnet 25/tcp closed smtp 80/tcp open http 110/tcp open pop3
This tool is MOST LIKELY used for:
Scanning
Microsoft Office files are often used as vectors for spreading malware since they support code execution.
True
Eve successfully obtains the TLS certificate and corresponding public key for https://www.bing.com/. Eve can monitor search queries that are made on https://www.bing.com/.
False
Eve discovers a web application that allows the user to specify a filename as a URL parameter, and the application returns the file associated with the filename.
For example, Eve visits the following URL and receives an image file called cloudy.png:
http://secretserver.com/index.html?image=cloudy.png
She replaces the image filename with /etc/passwd and receives a file with password hashes when she visits:
http://secretserver.com/index.html?image=/etc/passwd
Which type of vulnerability did Eve exploit?
Insecure direct object reference
Malware analysis tools should run at a lesser privilege level than the malware being analyzed. This helps prevent the malware from knowing that it is being analyzed.
False
Which of the following statements about malware packing is CORRECT?
Packing involves encrypting malware so that signature-based detection can be evaded.
A frequency analysis attack can be successfully used to decrypt data that has been encrypted with the Data Encryption Standard (DES) algorithm.
False
According to the reading, Secure and Flexible Monitoring of Virtual Machines, which of the following statements is INCORRECT?
One of the design requirements of XenAccess was that it needs to create snapshots of virtual machines on a regular basis. These snapshots would allow a virtual machine to be rolled back in case a malicious actor tampered with its data.
Domain reputation systems are designed to protect users. They regularly scan ecommerce websites and run algorithms to determine if the products being sold are legitimate or fake.
False
In decision tree classification, a tree is created according to the following rules:
Each node represents a feature
Each branch represents a rule
Each leaf represents an outcome
True
