Related Questions
Q57:
Which of the following sequence of events best describes an online intrusion? A) Malware enters the device, and then opens a backdoor, which opens a communications link on the device that a hacker can exploit. B) A backdoor is opened on the device locally, which allows malware to be loaded onto the device by a hacker. C) A USB drive containing a trojan is inserted into a device, which opens a backdoor allowing a hacker access to the device. D) None of the above.
Q58:
__________ are standalone programs that masquerade as useful utilities or applications.
Q59:
Once you have installed antivirus software, you don't typically need to keep it running full time in the background.
Q60:
A(n) ________________ takes place when an unauthorized person gains access to a digital device by using an Internet connection and exploiting vulnerabilities in hardware or software. A) address spoofing exploit B) online intrusion C) brute force attack D) rogue antivirus
Q61:
A(n) __________ pings a packet of data to a port in order to see if that port is open or not. A) rootkit B) port scan C) virus signature D) heuristic analysis
Q63:
Which of the following can be used to block unauthorized access while allowing authorized communications on a device or network? A) Network router B) Personal firewall C) Hardware that uses NAT (network address translation) D) All of the above
Q64:
Hackers can use ports to communicate with devices in botnets.
Q65:
A(n) _____________ is a hacker's LAN server that is designed to look like a legitimate Wi-Fi hotspot.
Q66:
A botnet has a server that is controlled by hackers.
Q67:
If you suspect that your computer might be infected by a zero-day exploit, launching a(n) _______________ with a product such as Malwarebytes might identify the infection. A) on-demand scan B) rootkit C) botnet D) DDoS
Which of the following terms would best match this definition: Transforms a message or data file in such a way that | encryption |
An original message or file that has not yet been encrypted is referred to as ciphertext. | false |
A cryptographic ________ is a word, number, or phrase that must be known to encrypt or decrypt data. | key |
There are various encryption methods, but __________ is the encryption standard currently used worldwide. | AES |
A cryptographic __________ is a procedure for encryption or decryption. | algorithm |
Which of the following is not an example of an authentication protocol? | password, PINs, fingerprint scanner |
The single most effective security measure for digital devices is to password protect access to them. | true |
Passwords used as encryption ________ help to make hijacked data unusable. | keys |
Android devices automatically encrypt data stored on the device when a user activates the login password. | false |
It is not possible to encrypt a Windows hard drive volume. | false |
OS X devices include a utility that automatically encrypts data stored locally. | true |
A(n) _______ password is difficult to hack. | strong |
Conventional wisdom tells us that strong passwords are at least _____ characters in length and include one or | eight |
Which of the following type of attack uses passwordcracking software to generate every possible combination of | brute force |
Which of the following is not a characteristic of a weak password? | eight characters in length and include one or more uppercase letters, numbers and symbols |
Brute force attacks methodically try every possible password until the correct one is found | true |
Password _________ is a measure in bits of a password’s unpredictability. | entropy |
Password entropy is a measure in _____ of a password’s unpredictability | bits |
If you want to store passwords on your digital device, make sure to _________ the file in which they are stored. | encrypt |
If you feel more secure with a totally random and unique password for each of your logins, then a(n) | password manager |
The core function of a password manager is to store user IDs with their corresponding ________. | passwords |
Password managers can generate unique passwords that have very good entropy | true |
Password managers store passwords in a(n) _________ file | enrypted |
If you use a password manager, what do you as the user need to remember? | the master password |
A password manager can store passwords in an encrypted file located at which of the following storage locations? | local storage, cloud storage, USB storage |
________ refers to any computer program designed to surreptitiously enter a digital device. | malware |
The action carried out by malware code is referred to as a(n) _______. | payload |
Common classifications of _________ include viruses, worms, and trojans. | malware |
A computer _________ is a set of selfreplicating program instructions that surreptitiously attaches itself to a | virus |
n addition to replicating itself, a virus selfdistributing. | false |
Viruses spread themselves from one device to another | false |
__________ is the process of modifying an executable file or data stream by adding additional commands | code injection |
What is the process called when an app from a source other than an official app store is installed on a device? | side-loading |
any code that is designed to hide the existence of processes and privileges is referred to as a(n) _______. | rootkit |
A key characteristic of viruses is their ability to lurk in a device for days or months, quietly replicating themselves. | true |
A computer _______ is a selfreplicating, selfdistributing program designed to carry out unauthorized activity on a | worm |
. Which of the following is not a characteristic of a computer worm? | spread through a process called side-loading |
Stuxnet is a notorious computer _______. | worm |
Similar to a worm, a trojan is not designed to spread itself to other devices. | false |
Most trojans are not designed to replicate themselves | true |
A(n) __________ is a computer program that seems to perform one function while actually doing something else. | trojan |
_________ are standalone programs that masquerade as useful utilities or applications | trojan |
Trojans depend on ________ to spread. | social engineering |
A(n) _________ is designed to deliver malicious code into a device. | dropper |
Any data entering a digital device could be malware. | true |
The best defense against malware is _____________ | antivirus software |
A virus __________ is a section of program code that contains a unique series of instructions known to be part of | signature |
Antivirus software can use techniques called__________ to detect malware by analyzing the characteristics and | heuristic analysis |
One method of heuristic analysis allows the suspicious file to run in a guarded environment called a(n) | sandbox |
Heuristics may produce false positives that mistakenly identify a legitimate file as malware | true |
When antivirus software detects malware, which of the following would not be a course of action you could take? | conduct a heuristic analysis |
Once you have installed antivirus software, you don’t typically need to keep it running full time in the background | false |
A virus __________ usually arrives as an email message that contains warnings about a supposedly new virus. | hoax |
A(n) ________________ takes place when an unauthorized person gains access to a digital device by using an | online intrusion |
Which of the following sequence of events best describes an online intrusion? | malware enters the device, then opens a backdoor, leading to an open communication link on the device that a hacker can exploit |
A ___________ is malware that arrives in a trojan disguised as legitimate software and sets up a secret | RAT |
A(n) __________ is an undocumented method of accessing a digital device. | backdoor |
RATs can be used to create a backdoor to a victim’s device that takes control of the device’s camera. | true |
If you are traveling and expect to access files on a computer that you’ve left at home, make sure the remote | false |
Which type of device is the top target for ransomware? | smartphones |
___________ locks a device and then requests payment for an unlocking code | ransomware |
Hackers who gain control over several computers can organize them into a clientserver network known as a(n) | botnet |
A botnet has a server that is controlled by hackers. | true |
______ can be used to flood a Web site with so much traffic that it can no longer provide its intended service | DDoS, botnets, and commands from a botmaster |
Correctly installed antivirus software will prevent all intrusions. | false |
Antivirus software cannot be expected to block threats that do not arrive in the form of malware. | true |
A(n) ______________ attack exploits previously unknown vulnerabilities in software applications, hardware, and | zero-day |
_____________ software shields certain applications against behaviors commonly exhibited by intrusions | anti-exploit |
Hackers can use ports to communicate with devices in botnets | true |
A(n) __________ pings a packet of data to a port in order to see if that port is open or not. | port scan |
. A network utility called ______________ produces a detailed list of open ports on a device. | netstat |
A(n) __________ is a device or software that is designed to block unauthorized access while allowing authorized | firewall |
Which of the following can be used to block unauthorized access while allowing authorized communications on a | network router, personal firewall and hardware that uses a NAT |
Any software that secretly gathers personal information without the victim’s knowledge is classified as | spyware |
Which of the following would be considered spyware? | a keylogger |
MITM attacks include which of the following | address spoofing, IMSI catchers, evil twins |
The objective of a MITM attack is for a third party to block communications between two entities. | false |
A(n) _____________ is a LAN server that is designed to look like a legitimate WiFi hotspot | evil twin |
To establish a(n) ________, hackers set up an unsecured WiFi hotspot complete with an Internet connection. | evil twin |
__________ changes an originating address or a destination address to redirect the flow of data between two | address spoofing |
If a hacker intercepts encrypted data by way of a MITM attack, the contents of that data is not always secure. | true |
The current method of encrypting communication between a client and a server depends on a security protocol | TLS |
_______ is a 64bit number that uniquely identifies a cellular device. | IMSI |
IMSI catchers are operated by cellular service companies. | false |
______________ is a deceptive practice that exploits human psychology by inducing victims to interact with a | social engineering |
____________ is a term for a person who devises and carries out a scam in order to accomplish a goal. | NOT main-in-the-middle, internet worm or RAT |
Social engineering attacks prey on human vulnerabilities | true |
A social engineering scam called ___________ is when a victim is promised a large sum of money in exchange | advance fee fraud |
__________ is defined as unsolicited messages that are usually sent in massive numbers using electronic mail | spam |
Spam sent by scammers often uses spoofed email addresses. | true |
Most massmailing databases are legitimately compiled from customer lists. | false |
Spam accounts for approximately ______ of all email. | 70% |
The CANSPAM Act is considered an effective means of controlling the volume of spam on the Internet. | false |
___________ is a term describing spam that uses a false pretext to trick victims into participating. | pretexting |
Most ISPs and email services do not use filtering techniques to block spam. | false |
A spam __________ uses a set of rules to examine email messages and determine which are spam. | filter |
Which of the following is not a type of spam filter? | entropy |
Blacklist and header filtering is usually performed by email clients and Webmail services. | false |
. ________ is an email scam that masquerades as a message from a legitimate source. | phishing |
_________ redirects Web site traffic to fraudulent Web sites | pharming |
Pharming attacks carried out by DNS spoofing can be detected by antivirus software or spyware removal | false |
____________ is a service offered by Google that checks URLs against a list of suspicious Web site URLs. | safe browsing |
Microsoft uses a service called Safe Browsing to alert users about sites to avoid. | false |
. A ______________ exploit usually begins with a virus warning and an offer to disinfect the infected device. | rogue antivirus |
The most common types of PUPs and PUAs are toolbars and alternative browsers. | true |
What is the term used to describe unwanted software that installs along with the application software that you | PUP |