CCNA Cyber Ops (Version 1.1) – Chapter 6 Exam Answers Full

CCNA Cyber Ops (Version 1.1) – Chapter 6 Exam Answers Full
5 (2) vote[s]

How to find: Press “Ctrl + F” in the browser and fill in whatever wording is in the question to find that question/answer.

NOTE: If you have the new question on this test, please comment Question and Multiple-Choice list in form below this article. We will update answers for you in the shortest time. Thank you! We truly value your contribution to the website.

1. What type of attack uses zombies?

  • Trojan horse
  • SEO poisoning
  • Spear phishing
  • DDoS *

D. The hacker infects multiple machines (zombies), creating a botnet. Zombies launch the distributed denial-of-service (DDoS) attack.

2. What is the best description of Trojan horse malware?

  • It is the most easily detected form of malware.
  • It appears as useful software but hides malicious code. *
  • It is malware that can only be distributed over the Internet.
  • It is software that causes annoying but not fatal computer problems.

B. The best description of Trojan horse malware, and what distinguishes it from viruses and worms, is that it appears as useful software but hides malicious code. Trojan horse malware may cause annoying computer problems, but can also cause fatal problems. Some Trojan horses may be distributed over the Internet, but they can also be distributed by USB memory sticks and other means. Specifically targeted Trojan horse malware can be some of the most difficult malware to detect.

3. What is the purpose of a rootkit?

  • To masquerade as a legitimate program
  • To deliver advertisements without user consent
  • To replicate itself independently of any other programs
  • To gain privileged access to a device while concealing itself *

D. Malware can be classified as follows:
Virus (self replicates by attaching to another program or file)
Worm (replicates independently of another program)
Trojan horse (masquerades as a legitimate file or program)
Rootkit (gains privileged access to a machine while concealing itself)
Spyware (collects information from a target system)
Adware (delivers advertisements with or without consent)
Bot (waits for commands from the hacker)
Ransomware (holds a computer system or data captive until payment is received)

4. When describing malware, what is a difference between a virus and a worm?

  • A virus focuses on gaining privileged access to a device, whereas a worm does not.
  • A virus replicates itself by attaching to another file, whereas a worm can replicate itself independently. *
  • A virus can be used to launch a DoS attack (but not a DDoS), but a worm can be used to launch both DoS and DDoS attacks.
  • A virus can be used to deliver advertisements without user consent, whereas a worm cannot.

B. Malware can be classified as follows:
Virus (self-replicates by attaching to another program or file)
Worm (replicates independently of another program)
Trojan horse (masquerades as a legitimate file or program)
Rootkit (gains privileged access to a machine while concealing itself)
Spyware (collects information from a target system)
Adware (delivers advertisements with or without consent)
Bot (waits for commands from the hacker)
Ransomware (holds a computer system or data captive until payment isreceived)

5. What is an example of “hacktivism”?

  • Criminals use the Internet to attempt to steal money from a banking company.
  • A country tries to steal defense secrets from another country by infiltrating government networks.
  • A teenager breaks into the web server of a local newspaper and posts a picture of a favorite cartoon character.
  • A group of environmentalists launch a denial-of-service attack against an oil company that is responsible for a large oil spill. *

D. Hacktivism is a term used to describe cyberattacks carried out by people who are considered political or ideological extremists. Hacktivists attack people or organizations that they believe are enemies to the hacktivist agenda.

6. What is the purpose of a reconnaissance attack on a computer network?

  • To steal data from the network servers
  • To prevent users from accessing network resources *
  • To redirect data traffic so that it can be monitored
  • To gather information about the target network and system

B. Preventing users from accessing network resources is a denial-of-service attack. Being able to steal data from the network servers may be the objective after a reconnaissance attack gathers information about the target network and system. Redirecting data traffic so it can be monitored is a man-in-the-middle attack.

7. Which tool is used to provide a list of open ports on network devices?

  • Nmap *
  • Ping
  • Whois
  • Tracert

A. The Nmap tool is a port scanner that is used to determine which ports are open on a particular network device. A port scanner is used before launching an attack.

8. Which type of attack allows an attacker to use a brute-force approach?

  • Packet sniffing
  • Social engineering
  • Denial of service
  • Password cracking *

D. Common ways used to crack Wi-Fi passwords include social engineering, brute-force attacks, and network sniffing.

9. Which term is used to describe the act of sending an email message in an attempt to divulge sensitive information from someone?

  • Phishing *
  • DoS attack
  • Hacktivisim
  • Script kiddie

A. Phishing uses deception to convince people to divulge information. Hactivism is hacking done for a specific cause such as political or social reasons. A script kiddie is an inexperienced hacker who uses free scripts, software, and tools. A denial-of-service (DoS) attack causes one or more services to be inaccessible or not work.

10. What is the significant characteristic of worm malware?

  • A worm can execute independently of the host system. *
  • Worm malware disguises itself as legitimate software.
  • A worm must be triggered by an event on the host system.
  • Once installed on a host system, a worm does not replicate itself.

A. Worm malware can execute and copy itself without being triggered by a host program. It is a significant network and Internet security threat.

11. A network administrator detects unknown sessions involving port 21 on the network. What could be causing this security breach?

  • An FTP Trojan horse is executing. *
  • A reconnaissance attack is occurring.
  • A denial-of-service attack is occurring.
  • Cisco Security Agent is testing the network.

A. Network security personnel must be familiar with port numbers in order to identify the service being attacked. Well-known port number 21 is used to initiate an FTP connection to an FTP server. Well-known port 20 is then used to transfer data between the two devices. If the device connecting to the FTP server is unknown and launching an attack, the type of attack might be an FTP Trojan horse.

12. Which example illustrates how malware might be concealed?

  • A botnet of zombies carry personal information back to the hacker.
  • An attack is launched against the public website of an online retailer with the objective of blocking its response to visitors.
  • A hacker uses techniques to improve the ranking of a website so that users are redirected to a malicious site.
  • An email is sent to the employees of an organization with an attachment that looks like an antivirus update, but the attachment actually consists of spyware. *

D. An email attachment that appears as valid software but actually contains spyware shows how malware might be concealed. An attack to block access to a website is a DoS attack. A hacker uses search engine optimization (SEO) poisoning to improve the ranking of a website so that users are directed to a malicious site that hosts malware or uses social engineering methods to obtain information. A botnet of zombie computers is used to launch a DDoS attack.

13. Which type of security threat can be described as software that attaches itself to another program to execute a specific unwanted function?

  • Worm
  • Virus *
  • Proxy Trojan horse
  • Denial-of-service Trojan horse

B. Viruses can be malicious and destructive or simply change something about the computer, such as words or images, and not necessarily cause thecomputer to malfunction. Viruses can be spread through shared media such as CDs or memory sticks, but can also be delivered via the Internet and email.

14. What type of malware has the primary objective of spreading across the network?

  • virus
  • worm
  • Trojan horse
  • botnet

15. Why would a rootkit be used by a hacker?

  • to gain access to a device without being detected
  • to do reconnaissance
  • to reverse engineer binary files
  • to try to guess a password

16. Which type of hacker is motivated to protest against political and social issues?

  • cybercriminal
  • script kiddie
  • vulnerability broker
  • hacktivist

17. What is a characteristic of a Trojan horse as it relates to network security?

  • Extreme quantities of data are sent to a particular network device interface.
  • An electronic dictionary is used to obtain a password to be used to infiltrate a key network device.
  • Too much information is destined for a particular memory block, causing additional memory areas to be affected.
  • Malware is contained in a seemingly legitimate executable program.

18. What is a botnet?

  • a group of web servers that provide load balancing and fault tolerance
  • an online video game intended for multiple players
  • a network that allows users to bring their own technology
  • a network of infected computers that are controlled as a group

19. Which type of Trojan horse security breach uses the computer of the victim as the source device to launch other attacks?

  • DoS
  • FTP
  • data-sending
  • proxy

20. What is the primary goal of a DoS attack?

  • to prevent the target server from being able to handle additional requests
  • to scan the data on the target server
  • to facilitate access to external networks
  • to obtain all addresses in the address book within the server

21. What is a main purpose of launching an access attack on network systems?

  • to prevent other users from accessing the system
  • to scan for accessible networks
  • to gather information about the network
  • to retrieve data

22. What causes a buffer overflow?

  • launching a security countermeasure to mitigate a Trojan horse
  • attempting to write more data to a memory location than that location can hold
  • sending repeated connections such as Telnet to a particular device, thus denying other data sources
  • sending too much information to two or more interfaces of the same device, thereby causing dropped packets
  • downloading and installing too many software updates at one time

23. A company pays a significant sum of money to hackers in order to regain control of an email and data server. Which type of security attack was used by the hackers?

  • DoS
  • spyware
  • Trojan horse
  • ransomware

24. What is the term used to describe an email that is targeting a specific person employed at a financial institution?

  • spam
  • spyware
  • vishing
  • target phishing
  • spear phishing

25. Which access attack method involves a software program that attempts to discover a system password by the use of an electronic dictionary?

  • packet sniffer attack
  • denial of service attack
  • buffer overflow attack
  • brute-force attack
  • port redirection attack
  • IP spoofing attack

26. In what way are zombies used in security attacks?

  • They are infected machines that carry out a DDoS attack.
  • They are maliciously formed code segments used to replace legitimate applications.
  • They target specific individuals to gain corporate or personal information.
  • They probe a group of machines for open ports to learn which services are running

27. What are two evasion methods used by hackers? (Choose two.)

  • scanning
  • encryption
  • access attack
  • phishing
  • resource exhaustion

28. What are two purposes of launching a reconnaissance attack on a network? (Choose two.)

  • to retrieve and modify data
  • to scan for accessibility
  • to escalate access privileges
  • to prevent other users from accessing the system
  • to gather information about the network and devices

29. What are three techniques used in social engineering attacks? (Choose three.)

  • vishing
  • phishing
  • pretexting
  • buffer overflow
  • man-in-the-middle
  • sending junk email

30. An attacker is using a laptop as a rogue access point to capture all network traffic from a targeted user. Which type of attack is this?

  • port redirection
  • trust exploitation
  • buffer overflow
  • man in the middle

31. A user is curious about how someone might know a computer has been infected with malware. What are two common malware behaviors? (Choose two.)

  • The computer emits a hissing sound every time the pencil sharpener is used.
  • The computer freezes and requires reboots.
  • No sound emits when an audio CD is played.
  • The computer gets increasingly slower to respond.
  • The computer beeps once during the boot process.

32. Which type of security attack would attempt a buffer overflow?

  • ransomware
  • reconnaissance
  • DoS
  • scareware

33. What is a significant characteristic of virus malware?

  • Virus malware is only distributed over the Internet.
  • Once installed on a host system, a virus will automatically propagate itself to other systems.
  • A virus is triggered by an event on the host system.
  • A virus can execute independently of the host system

34. A senior citizen receives a warning on the computer that states that the operating system registry is corrupt and to click a particular link to repair it. Which type of malware is being used to try to create the perception of a computer threat to the user?

  • DoS
  • scareware
  • phishing
  • adware

35. What is the motivation of a white hat attacker?

  • fine tuning network devices to improve their performance and efficiency
  • taking advantage of any vulnerability for illegal personal gain
  • studying operating systems of various platforms to develop a new system
  • discovering weaknesses of networks and systems to improve the security level of these systems

36. What is a ping sweep?

  • a network scanning technique that indicates the live hosts in a range of IP addresses.
  • a query and response protocol that identifies information about a domain, including the addresses that are assigned to that domain.
  • a software application that enables the capture of all network packets that are sent across a LAN.
  • a scanning technique that examines a range of TCP or UDP port numbers on a host to detect listening services

37. What is the term used when a malicious party sends a fraudulent email disguised as being from a legitimate, trusted source?

  • Trojan
  • vishing
  • phishing
  • backdoor

38. What are the three major components of a worm attack? (Choose three.)

  • an enabling vulnerability
  • a propagation mechanism
  • a payload
  • a probing mechanism
  • a penetration mechanism
  • an infecting vulnerability

39. Which security threat installs on a computer without the knowledge of the user and then monitors computer activity?

  • spyware
  • viruses
  • worms
  • adware

Download PDF File below:

Related Articles

Leave a Reply

Photo and Image Files
Audio and Video Files
Other File Types

Send this to a friend