Cybersecurity Essentials Chapter 3 Quiz Questions Answers

Cybersecurity Essentials 1.1 Chapter 3 Quiz Answers Full Questions

Chapter 3: Cybersecurity Threats, Vulnerabilities, and Attacks

1.What are two common indicators of spam mail? (Choose two.)

  • The email is from a friend.
  • The email has no subject line.
  • The email has keywords in it.
  • The email has misspelled words or punctuation errors or both.
  • The email is from your supervisor.
  • The email has an attachment that is a receipt for a recent purchase.

Explanation: Spam is a common method of advertising through the use of unsolicited email and may contain malware.

2.What is the term used to describe an email that is targeting a specific person employed at a financial institution?

  • spyware
  • target phishing
  • spear phishing
  • spam
  • vishing

Explanation: Spear phishing is a phishing attack customized to reach a specific person or target.

3.Which term describes the sending of a short deceptive SMS message used to trick a target into visiting a website?

  • grayware
  • spam
  • smishing
  • impersonation

Explanation: Smishing is also known as SMS phishing and is used to send deceptive text messages to trick a user into calling a phone number or visiting a specific website.

4.What does a rootkit modify?

  • Microsoft Word
  • programs
  • screen savers
  • operating system
  • Notepad

Explanation: A rootkit commonly modifies an operating system to create a backdoor to bypass normal authentication mechanisms.

5.What is the name given to a program or program code that bypasses normal authentication?

  • virus
  • worm
  • Trojan
  • backdoor
  • ransomware

Explanation: A backdoor is a program or program code implemented by a criminal to bypass the normal authentication that is used to access a system.

6.A computer is presenting a user with a screen requesting payment before the user data is allowed to be accessed by the same user. What type of malware is this?

  • a type of worm
  • a type of logic bomb
  • a type of ransomware
  • a type of virus

Explanation: Ransomware commonly encrypts data on a computer and makes the data unavailable until the computer user pays a specific sum of money.

7. What is the difference between a virus and a worm?

  • Viruses self-replicate but worms do not.
  • Worms require a host file but viruses do not.
  • Worms self-replicate but viruses do not.
  • Viruses hide in legitimate programs but worms do not.

Explanation: Worms are able to self-replicate and exploit vulnerabilities on computer networks without user participation.

8. What is the term used when a malicious party sends a fraudulent email disguised as being from a legitimate, trusted source?

  • Trojan
  • vishing
  • phishing
  • backdoor
  • social engineering

Explanation: Phishing is used by malicious parties who create fraudulent messages that attempt to trick a user into either sharing sensitive information or installing malware.

9. What are two ways to protect a computer from malware? (Choose two.)

  • Empty the browser cache.
  • Use antivirus software.
  • Delete unused software.
  • Keep software up to date.
  • Defragment the hard disk.

Explanation: At a minimum, a computer should use antivirus software and have all software up to date to defend against malware.

10. What occurs on a computer when data goes beyond the limits of a buffer?

  • an SQL injection
  • cross-site scripting
  • a buffer overflow
  • a system exception

Explanation: A buffer overflow occurs by changing data beyond the boundaries of a buffer and can lead to a system crash, data compromise, or cause escalation of privileges.

11.An attacker is sitting in front of a store and wirelessly copies emails and contact lists from nearby unsuspecting user devices. What type of attack is this?

  • RF jamming
  • bluesnarfing
  • smishing
  • bluejacking

Explanation: Blusnarfing is the copying of user information through unauthorized Bluetooth transmissions.

12. A criminal is using software to obtain information about the computer of a user. What is the name of this type of software?

  • phishing
  • virus
  • adware
  • spyware

Explanation: Spyware is software that tracks the activity of a user and obtains information about that user.

13. What is the meaning of the term logic bomb?

  • a malicious worm
  • a malicious program that uses a trigger to awaken the malicious code
  • a malicious virus
  • a malicious program that hides itself in a legitimate program

Explanation: A logic bomb remains inactive until a trigger event occurs. Once activated, a logic bomb runs malicious code that causes harm to a computer.

14.What are two of the tactics used by a social engineer to obtain personal information from an unsuspecting target? (Choose two.)

  • intimidation
  • honesty
  • urgency
  • compassion
  • integrity

Explanation: Social engineering tactics include the following:
Authority
Intimidation
Consensus/Social Proof
Scarcity
Urgency
Familiarity/Liking
Trust

15.What is the name for the type of software that generates revenue by generating annoying pop-ups?

  • pop-ups
  • adware
  • spyware
  • trackers

Explanation: Adware is a type of malware that displays pop-ups on a computer to generate revenue for the creator of the malware.

16. What is a vulnerability that allows criminals to inject scripts into web pages viewed by users?

  • buffer overflow
  • Cross-site scripting
  • SQL injection
  • XML injection

Explanation: Cross-site scripting (XSS) allows criminals to inject scripts that contain malicious code into web applications.

17. Which two reasons describe why WEP is a weak protocol? (Choose two.)

  • WEP uses the same encryption features as Bluetooth.
  • The key is static and repeats on a congested network.
  • The default settings cannot be modified.
  • Everyone on the network uses a different key.
  • The key is transmitted in clear text.

Explanation: The initialization vector (IV) of WEP is as follows:
Is a 24-bit field, which is too small
Is cleartext and readable
Is static and causes identical key streams to repeat on a busy network

18. What type of attack targets an SQL database using the input field of a user?

  • buffer overflow
  • XML injection
  • Cross-site scripting
  • SQL injection

Explanation: A criminal can insert a malicious SQL statement in an entry field on a website where the system does not filter the user input correctly.

Subscribe
Notify of
guest

0 Comments
Inline Feedbacks
View all comments