1. Which is an example of social engineering?
- an unidentified person claiming to be a technician collecting user information from employees
- a computer displaying unauthorized pop-ups and adware
- an anonymous programmer directing a DDoS attack on a data center
- the infection of a computer by a virus carried by a Trojan
2. What is a significant characteristic of virus malware?
- Virus malware is only distributed over the Internet.
- Once installed on a host system, a virus will automatically propagate itself to other systems.
- A virus can execute independently of the host system.
- A virus is triggered by an event on the host system.
3. Which access attack method involves a software program that attempts to discover a system password by the use of an electronic dictionary?
- buffer overflow attack
- denial of service attack
- port redirection attack
- brute-force attack
- packet sniffer attack
- IP spoofing attack
4. What is the purpose of a reconnaissance attack on a computer network?
- to prevent users from accessing network resources
- to gather information about the target network and system
- to steal data from the network servers
- to redirect data traffic so that it can be monitored
5. To which category of security attacks does man-in-the-middle belong?
- social engineering
6. What is the term used when a malicious party sends a fraudulent email disguised as being from a legitimate, trusted source?
7. What is the primary goal of a DoS attack?
- to scan the data on the target server
- to prevent the target server from being able to handle additional requests
- to obtain all addresses in the address book within the server
- to facilitate access to external networks
8. What is the best description of Trojan horse malware?
- It is software that causes annoying but not fatal computer problems.
- It is the most easily detected form of malware.
- It appears as useful software but hides malicious code.
- It is malware that can only be distributed over the Internet.
9. Which tool is used to provide a list of open ports on network devices?
10. When describing malware, what is a difference between a virus and a worm?
- A virus focuses on gaining privileged access to a device, whereas a worm does not.
- A virus can be used to deliver advertisements without user consent, whereas a worm cannot.
- A virus replicates itself by attaching to another file, whereas a worm can replicate itself independently.
- A virus can be used to launch a DoS attack (but not a DDoS), but a worm can be used to launch both DoS and DDoS attacks.
11. What is the main goal of using different evasion techniques by threat actors?
- to launch DDoS attacks on targets
- to identify vulnerabilities of target systems
- to gain the trust of a corporate employee in an effort to obtain credentials
- to prevent detection by network and host defenses
12. What is the purpose of a rootkit?
- to replicate itself independently of any other programs
- to gain privileged access to a device while concealing itself
- to deliver advertisements without user consent
- to masquerade as a legitimate program
13. In what way are zombies used in security attacks?
- They probe a group of machines for open ports to learn which services are running.
- They target specific individuals to gain corporate or personal information.
- They are infected machines that carry out a DDoS attack.
- They are maliciously formed code segments used to replace legitimate applications.