Hola

Question 1

possibility that a harmful event, such as an attack, will occur.

Answer 1

threat

Question 2

weakness that makes a target susceptible to an attack.

Answer 2

vulnerability

Question 3

has become an umbrella

Answer 3

malware

Question 4

malicious executable code attached to another executable file

Answer 4

Viruses

Question 5

In order to avoid detection, a virus

Answer 5

mutates

Question 6

malicious code that replicates by independently exploiting
vulnerabilities in networks.

Answer 6

worms

Question 7

malware that carries out malicious operations under the guise of a desired operation such as playing an online game

Answer 7

trojan horse

Question 8

is a malicious program that uses a trigger to awaken the
malicious code

Answer 8

logic bomb

Question 9

Cybersecurity specialists recently discovered logic bombs that attack and destroy the hardware components in a workstation or server

Answer 9

true

Question 10

holds a computer system, or the data it contains, captive until the target makes a payment

Answer 10

ransomware

Question 11

refers to the program or code introduced by a criminal who has compromised a system

Answer 11

backdoor

Question 12

modifies the operating system to create a backdoor. Attackers then use the backdoor to access the computer remotely

Answer 12

rootkit

Question 13

takes advantage of programming errors or design flaws

Answer 13

privilege escalation

Question 14

also known as junk mail, is unsolicited email. In most cases, is a method of advertising. However, can send harmful links, malware, or
deceptive content.

Answer 14

spam

Question 15

is software that enables a criminal to obtain information about a user’s computer activities

Answer 15

spyware

Question 16

typically displays annoying pop-ups to generate revenue for its
authors.

Answer 16

adware

Question 17

persuades the user to take a specific action based on fear

Answer 17

scareware

Question 18

phishing is a form of …

Answer 18

fraud

Question 19

is a highly targeted phishing attack. Sends customized
emails to a specific person

Answer 19

spear phishing

Question 20

is phishing using voice communication technology. Criminals can spoof calls from legitimate sources using voice over IP (VoIP) technology

Answer 20

vishing

Question 21

(Short Message Service phishing) is phishing using text messaging on mobile phones. Malware is installed on the mobile phone

Answer 21

smishing

Question 22

is the impersonation of a legitimate website. Misdirects users to a fake website that appears to be official

Answer 22

pharming

Question 23

is a phishing attack that targets high profile targets within an
organization such as senior executives. Targets include politicians or celebrities

Answer 23

whaling

Question 24

Security breaches can affect web browsers. A criminal can hack a browser’s executable file, a browser’s components, or its plugins

Answer 24

browser plugins

Question 25

Search engines such as Google work by ranking pages and
presenting relevant results based on users’ search queries. uses to make a malicious website appear higher in search results

Answer 25

SEO Poisoning

Question 26

is a completely non-technical means for a criminal to gather
information on a target. is an attack that attempts to manipulate individuals into performing actions or divulging confidential information

Answer 26

social engineering

Question 27

A criminal observes, or shoulder surfs, to pick up PINs, access codes or credit card numbers

Answer 27

shoulder surfing

Question 28

“One man’s trash is another man’s treasure”. Is the process of going through a target’s trash to see what information an organization throws out. a
container that holds classified or sensitive documents for later destruction by fire

Answer 28

dumpster diving

Question 29

Similar to eavesdropping on someone. Attackers examine all network traffic their NIC. Criminals accomplish network with a software application,
hardware device, or a combination of the two

Answer 29

sniffing

Question 30

is an impersonation attack, and it takes advantage of a trusted
relationship between two systems

Answer 30

spoofing

Question 31

Attack by intercepting communications between computers to steal information crossing the network

Answer 31

man in the middle

Question 32

is a computer attack that tries to exploit software
vulnerabilities that are unknown or undisclosed by the software vendor.

Answer 32

zero-day attack

Question 33

Software program that records or logs the keystrokes of the user of the system. captured in the log file can reveal usernames,
passwords, websites visited, and other sensitive information

Answer 33

keyboard logging

Question 34

is becoming a problem area in mobile security with the popularity of smartphones. includes applications that behave in an annoying or
undesirable manner

Answer 34

grayware

Question 35

is a wireless access point installed on a secure network without explicit authorization

Answer 35

rogue access point

Question 36

Wireless signals are susceptible to electromagnetic interference
(EMI), radio-frequency. Disrupts the transmission of a radio or satellite station.

Answer 36

RF jamming

Question 37

Sending unauthorized messages to another Bluetooth device. A variation of this is to send a shocking image to the other device

Answer 37

bluejacking

Question 38

occurs when the attacker copies the victim’s information from his device. This information can include emails and contact lists

Answer 38

bluesnarfing

Question 39

uses a key for encryption. Since everyone is using
the same key, the criminal has access to a large amount of traffic for analytic attacks.

Answer 39

WEP and WPA

Question 40

has three participants: the criminal, the victim, and the website.
The cyber-criminal does not target a victim directly. The criminal exploits vulnerability
within a website or web application. Criminals inject client-side scripts into web
pages viewed by users, the victims. A malicious script of this type can access any
cookies, session tokens, or other sensitive information

Answer 40

cross-site scripting

Question 41

One way to store data at a website is to use a database. Types of databases: Structured Query Language (SQL) or Extensible Markup Language
(XML). Both injection attacks exploit weaknesses not validating database queries
properly

Answer 41

code injection

Question 42

Data goes beyond the limits of a buffer. Buffers are memory areas allocated to an application. The application accesses memory allocated to other processes. This can lead to a system crash, data compromise, or provide escalation of privileges

Answer 42

buffer overflow

Question 43

Allow a cybercriminal to execute malicious code and take control of a system. Allows a criminal to execute any
command on a target machine

Answer 43

remote code executions vulnerabilities

Question 44

Java operates through an interpreter, the Java Virtual Machine (JVM). The JVM enables the Java program’s functionality. Java is the second biggest
number of security vulnerabilities next to Adobe’s Flash plugin

Answer 44

Java extensions

Question 45

Use email, instant messaging, or other social media to try to gather information such as login credentials or account
information

Answer 45

phishing