Security +

Question 1

What is the CIA triangle?

Answer 1

Confidentiality, Integrity, Availability. Loss of one one can lead to another.

Question 2

What are causes of compromised security?

Answer 2

Technology weaknesses, Configuration weaknesses, Policy weaknesses, Human Error or malice

Question 3

What are some of the biometric devices used?

Answer 3

Fingerprint scanner, hand geometry scanner, eye scanner (including retina and iris scanners), voice verification, signature verification, and DNA scan

Question 4

What are some Malware varieties?

Answer 4

Virus, Worm, Trojan horse, Logic bomb, Rootkit, Spyware, Adware, Keylogger, Botnet, Backdoor, Drive by download, zero day exploit

Question 5

What is a virus?

Answer 5

A computer virus is a destructive application that is loaded on your computer. A virus is a program, not data, and you can only catch a virus by running a program.

Question 6

Describe the structure of a virus

Answer 6

Replication - viruses must propagate themselves. Payload - the malicious activity a virus performs when triggered. Payload trigger - The date or counter or circumstances present when a virus payload goes off.

Question 7

What is DoS?

Answer 7

Denial of Service

Question 8

What is DDoS?

Answer 8

Distributed denial of service

Question 9

Name some examples of payload

Answer 9

Displaying messages, launching DDoS attack Erasing files randomly by type or usage, formatting hard drive, overwrite mainboard bios, sending email, expose private information

Question 10

What is encryption?

Answer 10

Converting to unreadable format

Question 11

Decryption

Answer 11

Converting back to readable format

Question 12

Algorithm

Answer 12

Procedure for encrypting or decrypting

Question 13

Cipher

Answer 13

Pair of encryption and decryption algorithms

Question 14

Cryptography

Answer 14

Science of encryption

Question 15

Phishing

Answer 15

the activity of defrauding an online account holder of financial information by posing as a legitimate company

Question 16

Whaling

Answer 16

A type of fraud that targets high-profile end users

Question 17

Vishing

Answer 17

The act of using the telephone in an attempt to scam the user into surrendering private information

Question 18

Steganography

Answer 18

Hidden messages, often plain text, concealed in images etc.

Question 19

Hashes

Answer 19

Fixed length derivation of plaintext

Question 20

Three factors for authentication

Answer 20

biometrics, cac card, password (something you are, something you have, something you know)

Question 21

What is the biggest authentication vulnerability

Answer 21

Failed password attempts that don’t result in banning

Question 22

What are some authentication vulnerabilities

Answer 22

Short and insecure passwords, reusing passwords, saved passwords, protocol and algorithm deficiencies, failed attempts that dont result in banning

Question 23

How many anivirus and anti spyware programs should you have?

Answer 23

one antivirus, and as many anti spyware as you want

Question 24

Give an example of a two factor password

Answer 24

CAC followed by biometrics

Question 25

What is a trojan horse?

Answer 25

A backdoor installed into your computer so that it can be controlled

Question 26

What is a worm?

Answer 26

Like a virus, but it self replicates continuously until it eventually crashes your computer

Question 27

When updating BIOS, what do you not want to do?

Answer 27

Do not turn off computer

Question 28

What is a botnet?

Answer 28

a network of private computers infected with malicious software and controlled as a group without the owners’ knowledge, e.g., to send spam messages

Question 29

Give some examples of physical access control

Answer 29

ID badges, proximity cards, smart cards, physical tokens, common access cards, biometrics

Question 30

What does social engineering mostly exploit?

Answer 30

Exploits trust between people

Question 31

What kind of malware is the most common?

Answer 31

Spyware (adware)