Introduction to Cybersecurity 2.1 Chapter 2 Quiz Answers – Chapter 2: Attacks, Concepts and Techniques
1. In what way are zombies used in security attacks?
- They probe a group of machines for open ports to learn which services are running.
- They target specific individuals to gain corporate or personal information.
- They are infected machines that carry out a DDoS attack.
- They are maliciously formed code segments used to replace legitimate applications.
Explanation: Zombies are infected computers that make up a botnet. The zombies are used to deploy a distributed denial of service (DDoS) attack.
2. Which type of attack allows an attacker to use a brute force approach?
- password cracking
- social engineering
- packet sniffing
- denial of service
Explanation: Common ways used to crack Wi-Fi passwords include social engineering, brute-force attacks, and network sniffing.
3. Which two characteristics describe a worm? (Choose two.)
- is self-replicating
- travels to new computers without any intervention or knowledge of the user
- hides in a dormant state until needed by an attacker
- infects computers by attaching to software code
- executes when software is run on a computer
Explanation: Worms are self-replicating pieces of software that consume bandwidth on a network as they propagate from system to system. They do not require a host application, unlike a virus. Viruses, on the other hand, carry executable malicious code which harms the target machine on which they reside.
4. What is the purpose of a rootkit?
- to deliver advertisements without user consent
- to replicate itself independently of any other programs
- to gain privileged access to a device while concealing itself
- to masquerade as a legitimate program
Explanation: Malware can be classified as follows:
– Virus (self replicates by attaching to another program or file)
– Worm (replicates independently of another program)
– Trojan Horse (masquerades as a legitimate file or program)
– Rootkit (gains privileged access to a machine while concealing itself)
– Spyware (collects information from a target system)
– Adware (delivers advertisements with or without consent)
– Bot (waits for commands from the hacker)
– Ransomware (holds a computer system or data captive until payment is received)ent)
5. Which tool is used to provide a list of open ports on network devices?
- Ping
- Tracert
- Whois
- Nmap
Explanation: The Nmap tool is a port scanner that is used to determine which ports are open on a particular network device. A port scanner is used before launching an attack.
6. What is the most common goal of search engine optimization (SEO) poisoning?
- to overwhelm a network device with maliciously formed packets
- to increase web traffic to malicious sites
- to build a botnet of zombies
- to trick someone into installing malware or divulging personal information
Explanation: A malicious user could create a SEO so that a malicious website appears higher in search results. The malicious website commonly contains malware or is used to obtain information via social engineering techniques.
7. Which example illustrates how malware might be concealed?
- A botnet of zombies carry personal information back to the hacker.
- An attack is launched against the public website of an online retailer with the objective of blocking its response to visitors.
- A hacker uses techniques to improve the ranking of a website so that users are redirected to a malicious site.
- An email is sent to the employees of an organization with an attachment that looks like an antivirus update, but the attachment actually consists of spyware.
Explanation: An email attachment that appears as valid software but actually contains spyware shows how malware might be concealed. An attack to block access to a website is a DoS attack. A hacker uses search engine optimization (SEO) poisoning to improve the ranking of a website so that users are directed to a malicious site that hosts malware or uses social engineering methods to obtain information. A botnet of zombie computers is used to launch a DDoS attack.
8. What is the primary goal of a DoS attack?
- to facilitate access to external networks
- to scan the data on the target server
- to obtain all addresses in the address book within the server
- to prevent the target server from being able to handle additional requests
Explanation: A denial of service (DoS) attack attempts to overwhelm a system or process by sending large amounts of data or requests to the target. The goal is to keep the system so overwhelmed handling false requests that it is unable to respond to legitimate ones.