SEC+ Revision Questions System Security Threats Flashcards

1
Q

Which type of threat is mitigated by shredding paper documents?
A. Rootkit
B. Spyware
C. Shoulder surfing
D. Physical

A

Physical

2
Q

Which of the following statements are true? (Choose two.)
A. Worms log all typed characters to a text file.
B. Worms propagate themselves to other systems.
C. Worms can carry viruses.
D. Worms infect the hard disk MBR.

A

B. Worms propagate themselves to other systems.
C. Worms can carry viruses.

3
Q

One of your users, Christine, reports that when she visits web sites, pop-up advertisements appear incessantly. After further investigation, you learn one of the web sites she had visited had infected Flash code. Christine asks what the problem was. What do you tell her caused the problem?
A. Cross-site scripting attack
B. Worm
C. Adware
D. Spyware

A

Adware

4
Q

Which description best defines a computer virus?
A. A computer program that replicates itself
B. A file with a .vbs file extension
C. A computer program that gathers user information
D. A computer program that runs malicious actions

A

A computer program that runs malicious actions

5
Q

An exploit connects to a specific TCP port and presents the invoker with an administrative command prompt. What type of attack is this?
A. Botnet
B. Trojan
C. Privilege escalation
D. Logic bomb

A

Privilege escalation

6
Q

Ahmid is a software developer for a high-tech company. He creates a program that connects to a chat room and waits to receive commands that will gather personal user information. Ahmid embeds this program into an AVI file for a current popular movie and shares this file on a P2P file-sharing network. Once Ahmid’s program is activated as people download and watch the movie, what will be created?

A. Botnet
B. DDoS
C. Logic bomb
D. Worm

A

Botnet

7
Q

A user reports USB keyboard problems. You check the back of the computer to ensure the keyboard is properly connected and notice a small connector between the keyboard and the computer USB port. After investigation you learn this piece of hardware captures everything a user types in. What type of hardware is this?

A. Smartcard
B. Trojan
C. Keylogger
D. PS/2 converter

A

Keylogger

8
Q

What is the difference between a rootkit and privilege escalation?

A. Rootkits propagate themselves.
B. Privilege escalation is the result of a rootkit.
C. Rootkits are the result of privilege escalation.
D. Each uses a different TCP port.

A

Privilege escalation is the result of a rootkit

9
Q

Which of the following are true regarding backdoors? (Choose two.)
A. They are malicious code.
B. They allow remote users access to TCP port 25.
C. They are made accessible through rootkits.
D. They provide access to the Windows root account.

A

A. They are malicious code
C. They are made accessible through rootkits

10
Q

You are hosting an IT security meeting regarding physical server room security. A colleague, Syl, suggests adding CMOS hardening to existing server security policies. What kind of security threat is Syl referring to?

A. Changing the amount of installed RAM
B. Changing CPU throttling settings
C. Changing the boot order
D. Changing power management settings

A

Changing the boot order

11
Q

You are the IT security officer for a government department. You are amending the USB security policy. Which items apply to USB security? (Choose two.)
A. Disallow external USB drives larger than 1TB.
B. Disable USB ports.
C. Prevent corporate data from being copied to USB devices unless USB device encryption is enabled.
D. Prevent corporate data from being copied to USB devices unless USB port encryption is enabled.

A

C. Prevent corporate data from being copied to USB devices unless USB device encryption is enabled.

D. Prevent corporate data from being copied to USB devices unless USB port encryption is enabled.

12
Q

Which of the following are not considered serious cell phone threats? (Choose two.)
A. Hackers with the right equipment posing as cell towers
B. Having Bluetooth enabled
C. Changing the boot order
D. Spyware

A

B. Having Bluetooth enabled
C. Changing the boot order

13
Q

What is defined as the transmission of unwelcome bulk messages?
A. Worm
B. Ping of death
C. Spam
D. DOS

A

Spam

14
Q

Which technology separates storage from the server?
A. Router
B. Switch
C. NAS
D. Wireless router

A

NAS

15
Q

You are responsible for determining what technologies will be needed in a new office space. Employees will need a single network to share data, traditional voice calls, VoIP calls, voice mailboxes, and other services such as call waiting and call transfer. What type of service provides this functionality?

A. Ethernet switch
B. PBX
C. NAS
D. Router

A

PBX

16
Q

Botnets can be used to set what type of coordinated attack in motion?

A. DDoS
B. Cross-site scripting
C. Privilege escalation
D. Rootkit

A

DDoS

17
Q

As a Windows administrator, you configure a Windows networking service to run with a specially created account with limited rights. Why would you do this?

A. To prevent computer worms from entering the network.
B. To prevent a hacker from receiving elevated privileges because of a compromised network service.
C. Windows networking services will not run with administrative rights.
D. Windows networking services must run with limited access.

A

To prevent a hacker from receiving elevated privileges because of a compromised network service.

18
Q

Discovered in 1991, the Michelangelo virus was said to be triggered to overwrite the first 100 hard disk sectors with null data each year on March 6, the date of the Italian artist’s birthday. What type of virus is Michelangelo?

A. Zero day
B. Worm
C. Trojan
D. Logic bomb

A

Logic bomb

19
Q

The Stuxnet attack was discovered in June 2010. Its primary function is to hide its presence while reprogramming industrial computer systems. The attack is believed to be spread through USB flash drives, where it transmits copies of itself to other hosts. To which of the following does Stuxnet apply? (Choose two.)

A. Rootkit
B. Spam
C. Worm
D. Adware

A

Rootkit & Worm

20
Q

A piece of malicious code uses dictionary attacks against computers to gain access to administrative accounts. The code then links compromised computers together for the purpose of receiving remote commands. What term best applies to this malicious code?

A. Exploit
B. Botnet
C. Logic bomb
D. Backdoor

A

Botnet

21
Q

Windows 8 User Account Control (UAC) allows users to change Windows settings but displays prompts when applications attempt to configure the operating system. Which of the following is addressed by UAC?

A. Privilege escalation
B. Adware
C. Spyware
D. Worms

A

Privilege escalation

22
Q

Which of the following items are affected by spyware? (Choose two.)

A. Memory
B. IP address
C. Computer name
D. Network bandwidth

A

Memory & Network bandwidth

23
Q

Juanita uses the Firefox web browser on her Linux workstation. She reports that her browser home page keeps changing to web sites offering savings on consumer electronic products. Her virus scanner is running and is up to date. What is causing this problem?

A. Firefox on Linux automatically changes the home page every two days.
B. Juanita is experiencing a denial-of-service attack.
C. Juanita’s user account has been compromised.
D. Juanita’s browser configuration is being changed by adware.

A

Juanita’s browser configuration is being changed by adware.

24
Q

Which of the following is true regarding Trojan software?
A. It secretly gathers user information.
B. It is self-replicating.
C. It can be propagated through peer-to-peer file sharing networks.
D. It automatically spreads through Windows file and print sharing networks.

A

It can be propagated through peer-to-peer file sharing networks.

25
Q

While attempting to access documents in a folder on your computer, you notice all of your files have been replaced with what appear to be random filenames. In addition, you notice a single text document containing payment instructions that will result in the decryption of your files. What type of malicious software is described in this scenario?

A. Cryptoware
B. Malware
C. Criminalware
D. Ransomware

A

Ransomware

26
Q

What type of malware dynamically alters itself to avoid detection?
A. Chameleon malware
B. Polymorphic malware
C. Changeling malware
D. Armored virus

A

Polymorphic malware

27
Q

Which of the following actions would not reduce the likelihood of malware infection? (Choose all that apply.)

A. Keeping virus definitions up to date
B. Scanning removable media
C. Encrypting hard disk contents
D. Using NAT-capable routers

A

C. Encrypting hard disk contents
D. Using NAT-capable routers

28
Q
A