IT Security: Defense Against the Digital Dark Arts - Week 1 Answers

Malicious Software

1. In the CIA Triad, "Confidentiality" means ensuring that data is:

  • accurate and was not tampered with.
  • available and that people can access it.
  • not accessible by unwanted parties.
  • accessible anonymously.

2. In the CIA Triad, "Integrity" means ensuring that data is:

  • available and that people can access it.
  • truthful and honest.
  • accurate and was not tampered with.
  • not accessible by unwanted parties.

3. In the CIA Triad, "Availability" means ensuring that data is:

  • available to anyone from anywhere.
  • available and people can access it.
  • not accessible by unwanted parties.
  • accurate and was not tampered with.

4. What's the relationship between a vulnerability and an exploit?

  • An exploit creates a vulnerability in a system.
  • An exploit takes advantage of a vulnerability to run arbitrary code or gain access.
  • They’re unrelated.
  • A vulnerability takes advantage of an exploit to run arbitrary code or gain access.

5. Which statement is true for both a worm and a virus?

  • They infect other files with malicious code.
  • They’re self-replicating and self-propagating.
  • They don’t cause any harm to the target system.
  • They’re undetectable by antimalware software.

6. Check all examples of types of malware:

  • Adware
  • Viruses
  • Worms
  • Key Generators

7. What are the characteristics of a rootkit? Check all that apply.

  • Is harmless
  • Is difficult to detect
  • Is destructive
  • Provides elevated credentials

8. A person at a coffee shop leaves a laptop logged in with a token and walks away for a short time. An attacker goes to the laptop and starts impersonating the laptop’s user on the website the user is logged into. What kind of attack is this?

  • A ransomware attack
  • A rogue AP attack
  • A session hijacking attack
  • A trojan attack

9. Which one of these shows why a DNS cache poisoning attack is dangerous?

  • It lets attackers access a site’s database and cause damage by using database commands.
  • It allows an attacker to remotely control your computer.
  • It’s not actually dangerous.
  • It allows an attacker to redirect targets to malicious web servers.

10. Which of the following is true of a DDoS attack?

  • This type of attack is used to steal a token and hijack a session.
  • The attack is used to redirect web traffic to sites run by attackers.
  • The attack traffic comes from lots of different hosts.
  • The attack comes from one source sending a flood of SYN packets.

11. Which one of the following results from a denial-of-service attack?

  • Service unreachable
  • Email address theft
  • Data destruction
  • Malware infection

12. Which of these describes a rogue AP attack?

  • An attacker uses a form of malware to perform admin level modification to a victim’s operating system.
  • A user tries to get to a service, but the service can’t be reached because an attacker has overloaded it with packets.
  • An employee at a company plugs a router into the company network to make a simple wireless network. An attacker standing outside the building takes advantage of this and goes onto the wireless network.
  • Company employees think they are connecting to the company network, but they are connecting to a fake, identical network controlled by an attacker.

13. How can you protect against client-side injection attacks? Check all that apply.

  • Use a SQL database
  • Use data sanitization
  • Utilize strong passwords
  • Use input validation

14. An attacker uses software that continuously tries different combinations of characters to gain access to something password protected. What kind of attack is this?

  • A brute-force attack
  • A POD (Ping of Death) attack
  • A dictionary attack
  • A baiting attack

15. Which of these are devices that let employees enter buildings and restricted areas and access secured computer systems at any time, day or night?

  • Door locks
  • Equipment locks
  • Badge readers
  • Bollards

16. Two people arrive at a building saying they are repair workers. An employee trusts them and lets them in. As soon as they have access to the building, they hack into a computer and steal confidential information. What kind of attack is this?

  • A tailgating attack
  • A spoofing attack
  • A zero day vulnerability attack
  • A phishing attack

17. Which of these is an XSS (Cross-site scripting) injection attack?

  • An attack where attackers fool an employee into letting them into a restricted area or building
  • An attack that targets a whole website and uses database commands to delete or steal data and run other malicious commands
  • An attack that overloads a system with ICMP echo requests to overwhelm it and prevent legitimate users from accessing it
  • An attack that inserts malicious code into a website and targets the users of a service

18. An IT professional makes a backup of critical information from a company’s system so it can still be accessed if the system is attacked. Which key principle for designing information security policies does this represent?

  • The availability principle
  • The intelligence principle
  • The risk principle
  • The integrity principle

19. Which of the following is true of black hat and white hat hackers?

  • Black hats are malicious. White hats identify weaknesses to help mitigate threats.
  • Black hats try to find weaknesses, but white hats don’t.
  • Neither black hats nor white hats can be trusted.
  • Black hats work with owners to fix problems. White hats just try to get into a system.

20. After a user downloads a free software product, the computer’s browser automatically opens and jumps to random product pages. What kind of malicious software is this?

  • Adware
  • A worm
  • A Keylogger
  • A rootkit

21. An unhappy systems administrator installed malware that attacked after a timed event, rather than when it was installed. What type of malware does this describe?

  • Ransomware
  • A logic bomb
  • A rootkit
  • Spyware

22. A victim connects to a network they think is legitimate, but the network is really an identical network controlled by a hacker. What type of network attack are they a victim of?

  • A Denial of Service (DoS)
  • A logic bomb
  • An evil twin
  • DNS cache poisoning

23. Which type of network-based attack prevents legitimate users from accessing a system by overwhelming the network?

  • A brute force password attack
  • An injection attack
  • A Denial of Service (DoS) attack
  • A malware attack

24. An attacker sends a large number of SYN packets, but does not send any ACK messages back. The connection stays open and uses up the source’s resources. What is this attack called?

  • A zero day exploit
  • A half-open attack
  • A DNS cache poisoning attack
  • A ping flood

25. Which of the following measures can prevent injection attacks? Select all that apply.

  • Data sanitization
  • Log analysis systems
  • Input validation
  • Flood guards

26. What kind of attack keeps trying different combinations of characters and letters until it gets password access to a system?

  • An Injection attack
  • A phishing attack
  • A dictionary attack
  • A brute force attack

27. An email message tells a user there is a problem with the user’s bank account. The email directs the user to a login page that steals the user’s information. What is this called?

  • Phishing
  • Tailgating
  • Injection
  • Denial of Service

28. Which of the following is an example of the CIA triad’s confidentiality principle in action?

  • Preventing an unwanted download
  • Making sure data hasn’t been tampered with
  • Protecting online accounts with a password
  • Preventing data loss

29. Which of the following is an example of a zero-day vulnerability?

  • A user accidentally loads malware onto a computer that logs the user’s keypresses and uses them to get confidential information.
  • After a user downloads and starts a piece of software, it starts showing ads and collecting data.
  • A group of hackers finds a flaw in a new software product and takes advantage of it before the vendor or developer finds it.
  • A user voluntarily downloads a piece of software hoping it will be useful, but instead it lets hackers access the user’s computer.

30. What kind of malware can block access to data and decrease the availability of security by holding the system hostage?

  • Spyware
  • A logic bomb
  • Ransomware
  • Adware

31. What is it called when a hacker gets into a system through a secret entryway to gain remote access to the computer?

  • Ransomware
  • A backdoor
  • Adware
  • A Trojan

32. Which of the following best helps you strengthen your password?

  • Use passwords from a precompiled list
  • Incorporate symbols, numbers, and capital letters
  • Choose the name of a favorite movie as a password
  • Use the name of a beloved pet as a password

33. An attacker leaves a flash drive loaded with malware on a table. Someone plugs the drive into their computer to see what’s on it and accidentally installs malware. What kind of attack is this?

  • Baiting
  • DDoS
  • Phishing
  • Tailgating

34. What's the difference between a virus and a worm?

  • Worms replicate through files, but viruses live on their own.
  • Viruses do not replicate, but worms do.
  • Worms replicate, but viruses do not.
  • Viruses replicate through files, but worms live on their own.

35. An employee at a company plugs a router into the corporate network to make a simple wireless network. An attacker outside the building uses it to get access to the corporate network. What is the name of this type of attack?

  • SYN flood attack
  • A rogue AP (Access Point) attack
  • A Denial-of-Service (DoS) attack
  • A DNS cache poisoning attack

36. Which of the following can occur during a ping of death (POD) attack? Select all that apply.

  • Phishing
  • Baiting
  • A buffer overflow
  • Execution of malicious code

37. What is it called when a hacker takes down multiple services very quickly with the help of botnets?

  • Distributed denial-of-service (DDoS)
  • Cross-site Scripting (XSS)
  • A SQL injection
  • A password attack

38. If a hacker targets a vulnerable website by running commands that delete the website's data in its database, what type of attack did the hacker perform?

  • Cross-site Scripting (XSS)
  • SQL injection
  • A dictionary attack
  • A Denial-of-Service (DoS) attack

39. Fill in the blank: Phishing, spoofing, and tailgating are examples of ________ attacks.

  • Network
  • Social engineering
  • Malware
  • Injection

40. In the terminology of information security, what is a vulnerability?

  • The possibility of suffering a loss in the event of an attack
  • A program that entices users to download it, then installs malware on their systems
  • A piece of malware that records each keypress by the user and gathers confidential information
  • A flaw in the code of an application that can be exploited

41. What is a tool that protects passwords by checking whether the input is coming from a machine or a human?

  • A firewall
  • A CAPTCHA
  • A key logger
  • Antimalware software

42. Which one of the following is a type of DoS attack?

  • A brute force attack
  • A rogue AP attack
  • A SYN flood attack
  • A DNS cache poisoning attack
