K05 - Host Security Enumeration

Question 1

What was the name of the first trojan program?

Answer 1

ANIMAL

Question 2

What was the name of the first PC virus?

Answer 2

brain

Question 3

What kind of software is designed to detect and destroy computer viruses?

Answer 3

antivirus

Question 4

________ exploits are vulnerabilities within software or hardware not discovered, reported, and/or a fix has not been created yet.

Answer 4

zero day

Question 5

How does antivirus software work?

Answer 5

scans

Question 6

Determine whether the scanning method described is On-demand or Real-Time: scans are executed by the user.

Answer 6

on demand

Question 7

Determine whether the scanning method described is On-demand or Real-Time: scans running in the background and constantly checking for viruses.

Answer 7

real time

Question 8

A(n) ______________ is hardware or software designed to monitor system activities in real time to detect malicious activity and behaviors.

Answer 8

intrusion detection system

Question 9

True/False: Splitting data in several packets over a network (Session Splicing) is a technique that can be used to evade an intrusion detection system.

Answer 9

true

Question 10

What is a software application that is used to store and manage the passwords that a user has for various online accounts and security features?

• Master Key
• Security vault
• Password manager
• ShopK33per

Answer 10

password manager

Question 11

The term ____________ is a broad term used to cover malicious softwares such as viruses, worms, and trojans.

Answer 11

malware

Question 12

List the malware type that best fits the following description: a type of malware that often takes the form of a piece of code inserted in an application, program, or system and is deployed by victims themselves.

Answer 12

virus

Question 13

List the malware type that best fits the following description: a type of malware that replicates itself, and can copy itself without any human interaction. It is not host-dependent.

Answer 13

worm

Question 14

List the malware type that best fits the following description: a type of malware disguised as legitimate software, application, or file to deceive users into downloading it and granting control of their device(s).

Answer 14

trojan

Question 15

List the malware type that best fits the following description: a type of malware that locks and encrypts a victim’s device or data and demands a ransom to restore access.

Answer 15

ransomware

Question 16

List the malware type that best fits the following description: a type of malware that infiltrates devices without the owner’s knowledge; often for the purpose of spying on internet activity, tracking login and password information, or collecting sensitive information that can be used for fraudulent purposes.

Answer 16

spyware

Question 17

True/False: DoS could be used to evade an IDS. Overloading the IDS with data could cause the IDS to reboot or miss entire sessions.

Answer 17

true

Question 18

What is a software application that stores passwords in an encrypted format and provides secure access to all the password information with the help of a master password?

• hash key
• Cipher
• Master Key
• Password manager

Answer 18

password manager

Question 19

True/False: Discovering and reporting a vulnerability allows organizations to develop a security remedy and implement it

Answer 19

true

Question 20

True/False: It is ideal to employ as many antiviruses and software applications as possible since they utilize minimal resources and will not slow down host machines.

Answer 20

false

Question 21

A(n) ______________ will be sent If a suspicious event is detected by an IDS.

• Alert
• Notification
• Email
• Verification code

Answer 21

alert

Question 22

True/False: Behavioral systems are highly effective against zero-day exploits since they do not require previous executions of a malware to recognize the attack.

Answer 22

false

Question 23

If malicious activity is found, an IPS will ____________ the unauthorized execution of the malicious processes.

• Log
• Flag
• Attempt to prevent
• Ignore

Answer 23

attempt to prevent

Question 24

A(n) _________ is a host-based security application on a local system and attempts to stop malicious activity from happening.

• Sniffer
• HIPS
• NBIDS
• Firewall

Answer 24

HIPS

Question 25

A host-based intrusion prevention system monitors the local operating system and applications for any malicious execution \_\_\_\_\_\_\_\_\_\_\_\_\_. * Behavior * Signatures * All of the above * None of the above

Answer 25

All of the above

Question 26

A system that passively monitors a local computer’s ingress and egress communications and applications to detect signatures is known as what? * HIDS * Firewall * IPS * Wireshark

Answer 26

HIDS

Question 27

List the network-based security component that matches the following description: A system that passively monitors the network and alerts on suspicious behavior or signatures.

Answer 27

NIDS

Question 28

List the network-based security component that matches the following description: Monitors the network for any malicious activity. If a malicious activity is found, it will prevent unauthorized execution.

Answer 28

NIPS

Question 29

List the network-based security component that matches the following description: Hardware or software barrier between the internal network from the external network. Administrators are able to configure rules that allow or deny specific traffic.

Answer 29

firewall

Question 30

List the network-based security component that matches the following description: A remote and secure connection to a network. Is achieved by using encryption over a public network, typically the internet.

Answer 30

virtual private network

Question 31

True/False Both HIPS and HIDS are used to actively block the access to files detected as malicious.

Answer 31

false