System Security Threats Flashcards
Which type of threat is mitigated by shredding paper documents?
Rootkit
Spyware
Physical
Physical
Shredding documents prevents physical threats such as theft of those documents or acquisition of information from them
Which of the following statements are true? (Choose two.)
Worms log all typed characters to a text file.
Worms propagate themselves to other systems.
Worms can carry viruses.
Worms infect the hard disk MBR.
Worms propagate themselves to other systems.
Worms can carry viruses.
Worms are programs that multiply and self-propagate over the network, and they sometimes carry viruses (the worm is the delivery mechanism, and viruses must be attached to a file)
One of your users, Christine, reports that when she visits web sites, pop-up advertisements appear incessantly. After further investigation, you learn one of the web sites she had visited had infected Flash code. Christine asks what the problem was. What do you tell her caused the problem?
Cross-site scripting attack
Worm
Adware
Adware
Adware is responsible for displaying pop-up advertisements pertaining to a user’s interests, usually as a result of spyware
Which description best defines a computer virus?
A computer program that replicates itself
A computer program that gathers user information
A computer program that runs malicious actions
A computer program that runs malicious actions
Viruses are applications that run malicious actions without user consent
An exploit connects to a specific TCP port and presents the invoker with an administrative command prompt. What type of attack is this?
Botnet
Trojan
Privilege escalation
Privilege escalation
Privilege escalation occurs when a user gains higher rights than she should have, either because she was given too many rights or because of a security flaw
Ahmid is a software developer for a high-tech company. He creates a program that connects to a chat room and waits to receive commands that will gather personal user information. Ahmid embeds this program into an AVI file for a current popular movie and shares this file on a P2P file-sharing network. Once Ahmid’s program is activated as people download and watch the movie, what will be created?
Botnet
DDoS
Logic bomb
Botnet
Botnets consist of computers infected with malware that are under hacker control
A user reports USB keyboard problems. You check the back of the computer to ensure the keyboard is properly connected and notice a small connector between the keyboard and the computer USB port. After investigating, you learn that this piece of hardware captures everything a user types in. What type of hardware is this?
Smartcard
Trojan
Keylogger
Keylogger
Hardware keyloggers capture every keystroke and store them in a chip
What is the difference between a rootkit and privilege escalation?
Rootkits propagate themselves.
Privilege escalation is the result of a rootkit.
Rootkits are the result of privilege escalation.
Privilege escalation is the result of a rootkit.
Rootkits conceal themselves from operating systems and allow remote access with escalated privileges
Which of the following are true regarding backdoors? (Choose two.)
They are malicious code.
They allow remote users access to TCP port 26.
They are made accessible through rootkits.
They provide access to the Windows root account.
They are malicious code.
They are made accessible through rootkits.
Malicious code produces undesired results, such as a rootkit providing access to a backdoor
You are hosting an IT security meeting regarding physical server room security. A colleague, Syl, suggests adding CMOS hardening to existing server security policies. What kind of security threat is Syl referring to?
Changing the amount of installed RAM
Changing CPU throttling settings
Changing the boot order
Changing the boot order
Changing the boot order means having the ability to boot through alternative means, thus bypassing any operating system controls
You are the IT security officer for a government department. You are amending the USB security policy. Which items apply to USB security? (Choose two.)
Disallow external USB drives larger than 1TB.
Disable USB ports.
Prevent corporate data from being copied to USB devices unless USB device encryption is enabled.
Prevent corporate data from being copied to USB devices unless USB port encryption is enabled.
Disable USB ports.
Prevent corporate data from being copied to USB devices unless USB device encryption is enabled.
Disabling USB ports on a system blocks malicious code on infected USB devices. Forcing USB device encryption ensures the confidentiality of departmental data
Which of the following are not considered serious cell phone threats? (Choose two.)
Hackers with the right equipment posing as cell towers
Having Bluetooth enabled
Changing the boot order
Ransomware
Having Bluetooth enabled
Changing the boot order
Enabling Bluetooth itself is not a threat any more than surfing the Web is. Most Bluetooth devices have security options such as passwords and device trust lists. You cannot change the “boot order” on a cell phone like you can on a computer system
What is defined as the transmission of unwelcome bulk messages?
Worm
Ping of death
Spam
Spam
Spam affects business productivity by consuming enormous amounts of bandwidth and storage space for unsolicited messages
Which technology separates storage from the server?
Router
Switch
NAS
NAS
Network attached storage (NAS) devices are network appliances that contain disks. Client and server operating systems can access this NAS using various protocols such as TCP/IP or Network File System (NFS)
You are responsible for determining what technologies will be needed in a new office space. Employees will need a single network to share data, traditional voice calls, VoIP calls, voice mailboxes, and other services such as call waiting and call transfer. What type of service provides this functionality?
Ethernet switch
PBX
NAS
PBX
A private branch exchange (PBX) offers telecommunication and data networking services in the form of hardware or software. PBXs may exist at the customer’s or provider’s premises