1. What type of attack uses zombies?
- Trojan horse
- SEO poisoning
- Spear phishing
- DDoS *
2. What is the best description of Trojan horse malware?
- It is the most easily detected form of malware.
- It appears as useful software but hides malicious code. *
- It is malware that can only be distributed over the Internet.
- It is software that causes annoying but not fatal computer problems.
3. What is the purpose of a rootkit?
- To masquerade as a legitimate program
- To deliver advertisements without user consent
- To replicate itself independently of any other programs
- To gain privileged access to a device while concealing itself *
4. When describing malware, what is a difference between a virus and a worm?
- A virus focuses on gaining privileged access to a device, whereas a worm does not.
- A virus replicates itself by attaching to another file, whereas a worm can replicate itself independently. *
- A virus can be used to launch a DoS attack (but not a DDoS), but a worm can be used to launch both DoS and DDoS attacks.
- A virus can be used to deliver advertisements without user consent, whereas a worm cannot.
5. What is an example of “hacktivism”?
- Criminals use the Internet to attempt to steal money from a banking company.
- A country tries to steal defense secrets from another country by infiltrating government networks.
- A teenager breaks into the web server of a local newspaper and posts a picture of a favorite cartoon character.
- A group of environmentalists launch a denial-of-service attack against an oil company that is responsible for a large oil spill. *
6. What is the purpose of a reconnaissance attack on a computer network?
- To steal data from the network servers
- To prevent users from accessing network resources *
- To redirect data traffic so that it can be monitored
- To gather information about the target network and system
7. Which tool is used to provide a list of open ports on network devices?
- Nmap *
8. Which type of attack allows an attacker to use a brute-force approach?
- Packet sniffing
- Social engineering
- Denial of service
- Password cracking *
9. Which term is used to describe the act of sending an email message in an attempt to divulge sensitive information from someone?
- Phishing *
- DoS attack
- Script kiddie
10. What is the significant characteristic of worm malware?
- A worm can execute independently of the host system. *
- Worm malware disguises itself as legitimate software.
- A worm must be triggered by an event on the host system.
- Once installed on a host system, a worm does not replicate itself.
11. A network administrator detects unknown sessions involving port 21 on the network. What could be causing this security breach?
- An FTP Trojan horse is executing. *
- A reconnaissance attack is occurring.
- A denial-of-service attack is occurring.
- Cisco Security Agent is testing the network.
12. Which example illustrates how malware might be concealed?
- A botnet of zombies carry personal information back to the hacker.
- An attack is launched against the public website of an online retailer with the objective of blocking its response to visitors.
- A hacker uses techniques to improve the ranking of a website so that users are redirected to a malicious site.
- An email is sent to the employees of an organization with an attachment that looks like an antivirus update, but the attachment actually consists of spyware. *
13. Which type of security threat can be described as software that attaches itself to another program to execute a specific unwanted function?
- Virus *
- Proxy Trojan horse
- Denial-of-service Trojan horse
14. What type of malware has the primary objective of spreading across the network?
- Trojan horse
15. Why would a rootkit be used by a hacker?
- to gain access to a device without being detected
- to do reconnaissance
- to reverse engineer binary files
- to try to guess a password
16. Which type of hacker is motivated to protest against political and social issues?
- script kiddie
- vulnerability broker
17. What is a characteristic of a Trojan horse as it relates to network security?
- Extreme quantities of data are sent to a particular network device interface.
- An electronic dictionary is used to obtain a password to be used to infiltrate a key network device.
- Too much information is destined for a particular memory block, causing additional memory areas to be affected.
- Malware is contained in a seemingly legitimate executable program.
18. What is a botnet?
- a group of web servers that provide load balancing and fault tolerance
- an online video game intended for multiple players
- a network that allows users to bring their own technology
- a network of infected computers that are controlled as a group
19. Which type of Trojan horse security breach uses the computer of the victim as the source device to launch other attacks?
20. What is the primary goal of a DoS attack?
- to prevent the target server from being able to handle additional requests
- to scan the data on the target server
- to facilitate access to external networks
- to obtain all addresses in the address book within the server
21. What is a main purpose of launching an access attack on network systems?
- to prevent other users from accessing the system
- to scan for accessible networks
- to gather information about the network
- to retrieve data
22. What causes a buffer overflow?
- launching a security countermeasure to mitigate a Trojan horse
- attempting to write more data to a memory location than that location can hold
- sending repeated connections such as Telnet to a particular device, thus denying other data sources
- sending too much information to two or more interfaces of the same device, thereby causing dropped packets
- downloading and installing too many software updates at one time
23. A company pays a significant sum of money to hackers in order to regain control of an email and data server. Which type of security attack was used by the hackers?
- Trojan horse
24. What is the term used to describe an email that is targeting a specific person employed at a financial institution?
- target phishing
- spear phishing
25. Which access attack method involves a software program that attempts to discover a system password by the use of an electronic dictionary?
- packet sniffer attack
- denial of service attack
- buffer overflow attack
- brute-force attack
- port redirection attack
- IP spoofing attack
26. In what way are zombies used in security attacks?
- They are infected machines that carry out a DDoS attack.
- They are maliciously formed code segments used to replace legitimate applications.
- They target specific individuals to gain corporate or personal information.
- They probe a group of machines for open ports to learn which services are running
27. What are two evasion methods used by hackers? (Choose two.)
- access attack
- resource exhaustion
28. What are two purposes of launching a reconnaissance attack on a network? (Choose two.)
- to retrieve and modify data
- to scan for accessibility
- to escalate access privileges
- to prevent other users from accessing the system
- to gather information about the network and devices
29. What are three techniques used in social engineering attacks? (Choose three.)
- buffer overflow
- sending junk email
30. An attacker is using a laptop as a rogue access point to capture all network traffic from a targeted user. Which type of attack is this?
- port redirection
- trust exploitation
- buffer overflow
- man in the middle
31. A user is curious about how someone might know a computer has been infected with malware. What are two common malware behaviors? (Choose two.)
- The computer emits a hissing sound every time the pencil sharpener is used.
- The computer freezes and requires reboots.
- No sound emits when an audio CD is played.
- The computer gets increasingly slower to respond.
- The computer beeps once during the boot process.
32. Which type of security attack would attempt a buffer overflow?
33. What is a significant characteristic of virus malware?
- Virus malware is only distributed over the Internet.
- Once installed on a host system, a virus will automatically propagate itself to other systems.
- A virus is triggered by an event on the host system.
- A virus can execute independently of the host system
34. A senior citizen receives a warning on the computer that states that the operating system registry is corrupt and to click a particular link to repair it. Which type of malware is being used to try to create the perception of a computer threat to the user?
35. What is the motivation of a white hat attacker?
- fine tuning network devices to improve their performance and efficiency
- taking advantage of any vulnerability for illegal personal gain
- studying operating systems of various platforms to develop a new system
- discovering weaknesses of networks and systems to improve the security level of these systems
36. What is a ping sweep?
- a network scanning technique that indicates the live hosts in a range of IP addresses.
- a query and response protocol that identifies information about a domain, including the addresses that are assigned to that domain.
- a software application that enables the capture of all network packets that are sent across a LAN.
- a scanning technique that examines a range of TCP or UDP port numbers on a host to detect listening services
37. What is the term used when a malicious party sends a fraudulent email disguised as being from a legitimate, trusted source?
38. What are the three major components of a worm attack? (Choose three.)
- an enabling vulnerability
- a propagation mechanism
- a payload
- a probing mechanism
- a penetration mechanism
- an infecting vulnerability
39. Which security threat installs on a computer without the knowledge of the user and then monitors computer activity?
Download PDF File below: