Module 1: Cybersecurity Threats Vulnerabilities and Attacks Quiz Answers

Cybersecurity Essentials Module 1 Quiz Answers

1. A cybercriminal sends a series of maliciously formatted packets to a database server, which causes the server to crash. What do you call this type of attack?

  • SQL injection
  • DoS
  • Man-in-the-middle
  • Packet injection

Explanation: A cybersecurity specialist needs to be familiar with the characteristics of the different types of malware and attacks that threaten an organization.

2. Employees in an organization report that the network access is slow. Further investigation reveals that one employee downloaded a third-party scanning program for the printer. What type of malware may have been introduced?

  • Phishing
  • Worm
  • Spam
  • Trojan horse

Explanation: Worms are malicious code that replicates by independently exploiting vulnerabilities in networks. Worms usually slow down networks. Whereas a virus requires a host program to run, worms can run by themselves. Other than the initial infection, worms no longer require user participation. After a worm affects a host, it is able to spread very quickly over the network. Worms share similar patterns. They all have an enabling vulnerability, a way to propagate themselves, and they all contain a payload.

3. A penetration test carried out by an organization identified a backdoor on the network. What action should the organization take to find out if their systems have been compromised?

  • Look for policy changes in Event Viewer
  • Scan the systems for viruses
  • Look for unauthorized accounts
  • Look for usernames that do not have passwords

Explanation: If a penetration test is successful, the corporation should check to locate vulnerabilities in the network and also check to see if there are new unauthorized accounts.

4. All employees in an organization receive an email stating that their account password will expire immediately and that they should reset their password within five minutes. Which of the following statements best describes this email?

  • It is a piggyback attack
  • It is an impersonation attack
  • It is a hoax
  • It is a DDoS attack

Explanation: A hoax is an act intended to deceive or trick someone. This type of email can cause unnecessary disruption, extra work, and fear.

5. What do you call an impersonation attack that takes advantage of a trusted relationship between two systems?

  • Man-in-the-middle
  • Sniffing
  • Spamming
  • Spoofing

Explanation: In spoofing attacks, hackers can disguise their devices by using a valid address from the network and therefore bypass authentication processes. MAC addresses and IP addresses can be spoofed and can also be used to spoof ARP relationships.

6. Which best practices can help defend against social engineering attacks? (Choose three.)

  • Add more security guards
  • Educate employees regarding security policies
  • Enable a policy that states that the IT department should supply information over the phone only to managers
  • Deploy well-designed firewall appliances
  • Resist the urge to click on enticing web links
  • Do not provide password resets in a chat window

Explanation: A cybersecurity specialist must be aware of the technologies and measures that are used as countermeasures to protect the organization from threats and vulnerabilities.

7. What non-technical method could a cybercriminal use to gather sensitive information from an organization?

  • Pharming
  • Man-in-the-middle
  • Social engineering
  • Ransomware

Explanation: Social engineering is a very effective way to get personal or sensitive corporate information from an employee. Cybercriminals may try to get to know an employee and then use trust or familiarity to gather the needed information.

8. Employees in an organization report that they cannot access the customer database on the main server. Further investigation reveals that the database file is now encrypted. Shortly afterward, the organization receives a threatening email demanding payment for the decryption of the database file. What type of attack has the organization experienced?

  • DoS attack
  • Trojan horse
  • Man-in-the-middle attack
  • Ransomware

Explanation: In a ransomware attack, the attacker compromises the victim computer and encrypts the hard drive so that data can no longer be accessed by the user. The attacker then demands payment from the user to decrypt the drive.

9. Which of the following statements describes a distributed denial of service (DDoS) attack?

  • One computer accepts data packets based on the MAC address of another computer
  • A botnet of zombies, coordinated by an attacker, overwhelms a server with DoS attacks
  • An attacker sends an enormous quantity of data that a server cannot handle
  • An attacker monitors network traffic to learn authentication credentials

Explanation: An attacker builds a network of infected hosts, called a botnet, comprised of zombies. Zombies are the infected hosts. The attacker uses handler systems to control the zombies. The zombie computers constantly scan and infect more hosts, creating more zombies. When ready, the hacker instructs the handler systems to make the botnet of zombies carry out a DDoS attack.

10. What type of attack occurs when data goes beyond the memory areas allocated to an application?

  • RAM spoofing
  • SQL injection
  • RAM injection
  • Buffer overflow

Explanation: A buffer overflow occurs when data is written beyond the limits of a buffer. By changing data beyond the boundaries of a buffer, the application can access memory allocated to other processes. This can lead to a system crash or data compromise, or provide escalation of privileges.

6 months ago

The awareness and identification of vulnerabilities is a critical function of a cybersecurity specialist. Which of the following resources can they use to identify specific details about vulnerabilities?

NIST/NICE framework
ISO/IEC 27000 model
***CVE national database

6 months ago

A secretary receives a phone call from someone claiming that their manager is about to give an important presentation but the presentation files are corrupted.

The caller sternly asks that the secretary email the presentation right away to a personal email address. The caller also states that the secretary is being held personally responsible for the success of this presentation. 

What type of social engineering tactic is the caller using?

Trusted partners