SEC+ Revision Questions System Security Threats Flashcards
Which type of threat is mitigated by shredding paper documents?
A. Rootkit
B. Spyware
C. Shoulder surfing
D. Physical
Physical
Which of the following statements are true? (Choose two.)
A. Worms log all typed characters to a text file.
B. Worms propagate themselves to other systems.
C. Worms can carry viruses.
D. Worms infect the hard disk MBR.
B. Worms propagate themselves to other systems.
C. Worms can carry viruses.
One of your users, Christine, reports that when she visits web sites, pop-up advertisements appear incessantly. After further investigation, you learn one of the web sites she had visited had infected Flash code. Christine asks what the problem was. What do you tell her caused the problem?
A. Cross-site scripting attack
B. Worm
C. Adware
D. Spyware
Adware
Which description best defines a computer virus?
A. A computer program that replicates itself
B. A file with a .vbs file extension
C. A computer program that gathers user information
D. A computer program that runs malicious actions
A computer program that runs malicious actions
An exploit connects to a specific TCP port and presents the invoker with an administrative command prompt. What type of attack is this?
A. Botnet
B. Trojan
C. Privilege escalation
D. Logic bomb
Privilege escalation
Ahmid is a software developer for a high-tech company. He creates a program that connects to a chat room and waits to receive commands that will gather personal user information. Ahmid embeds this program into an AVI file for a current popular movie and shares this file on a P2P file-sharing network. Once Ahmid’s program is activated as people download and watch the movie, what will be created?
A. Botnet
B. DDoS
C. Logic bomb
D. Worm
Botnet
A user reports USB keyboard problems. You check the back of the computer to ensure the keyboard is properly connected and notice a small connector between the keyboard and the computer USB port. After investigation you learn this piece of hardware captures everything a user types in. What type of hardware is this?
A. Smartcard
B. Trojan
C. Keylogger
D. PS/2 converter
Keylogger
What is the difference between a rootkit and privilege escalation?
A. Rootkits propagate themselves.
B. Privilege escalation is the result of a rootkit.
C. Rootkits are the result of privilege escalation.
D. Each uses a different TCP port.
Privilege escalaton is the result of a rootkit
Which of the following are true regarding backdoors? (Choose two.)
A. They are malicious code.
B. They allow remote users access to TCP port 25.
C. They are made accessible through rootkits.
D. They provide access to the Windows root account.
A. They are malicious code
C. Thay are made accessible through rootkits
You are hosting an IT security meeting regarding physical server room security. A colleague, Syl, suggests adding CMOS hardening to existing server security policies. What kind of security threat is Syl referring to?
A. Changing the amount of installed RAM
B. Changing CPU throttling settings
C. Changing the boot order
D. Changing power management settings
Changing the boot order
You are the IT security officer for a government department. You are amending the USB security policy. Which items apply to USB security? (Choose two.)
A. Disallow external USB drives larger than 1TB.
B. Disable USB ports.
C. Prevent corporate data from being copied to USB devices unless USB device encryption is enabled.
D. Prevent corporate data from being copied to USB devices unless USB port encryption is enabled.
C. Prevent corporate data from being copied to USB devices unless USB device encryption is enabled.
D. Prevent corporate data from being copied to USB devices unless USB port encryption is enabled.
Which of the following are not considered serious cell phone threats? (Choose two.)
A. Hackers with the right equipment posing as cell towers
B. Having Bluetooth enabled
C. Changing the boot order
D. Spyware
B. Having Bluetooth enabled
C. Changing the boot order
What is defined as the transmission of unwelcome bulk messages?
A. Worm
B. Ping of death
C. Spam
D. DOS
Spam
Which technology separates storage from the server?
A. Router
B. Switch
C. NAS
D. Wireless router
NAS
You are responsible for determining what technologies will be needed in a new office space. Employees will need a single network to share data, traditional voice calls, VoIP calls, voice mailboxes, and other services such as call waiting and call transfer. What type of service provides this functionality?
A. Ethernet switch
B. PBX
C. NAS
D. Router
PBX