Module 15 – Security Considerations Quiz Answers

1. What is an example of social engineering?

  • the infection of a computer by a virus carried by a Trojan
  • an unidentified person claiming to be a technician collecting user information from employees
  • an anonymous programmer directing a DDoS attack on a data center
  • a computer displaying unauthorized pop-ups and adware

Explanation: A social engineer attempts to gain the confidence of an employee and convince that person to divulge confidential and sensitive information, such as usernames and passwords. DDoS attacks, pop-ups, and viruses are all examples of software-based security threats, not social engineering.

2. What type of program installs and gathers personal information, including password and account information, from a computer without permission or knowledge of the user?

  • pop-ups
  • spyware
  • pop-unders
  • adware

Explanation: An unauthorized program that gathers personal information from a computer is known as spyware.

3. What is the term used when a malicious party sends a fraudulent email disguised as being from a legitimate, trusted source?

  • Trojan
  • phishing
  • backdoor
  • vishing

Explanation: Phishing is used by malicious parties who create fraudulent messages that attempt to trick a user into either sharing sensitive information or installing malware.

4. Which malicious program appears as a legitimate program to deceive the victim, but is in fact an attack tool that can contain malicious code?

  • worm
  • virus
  • spyware
  • Trojan horse

Explanation: A Trojan horse is a malicious program that appears legitimate but actually carries code which can damage computer systems or install backdoors if the program is initiated.

5. What type of DoS attack originates from a malicious host that has an invalid source IP address and that requests a client connection?

  • ping of death
  • phishing
  • SYN flooding
  • brute force

Explanation: SYN flooding is a type of denial of service attack where the attacker sends fake session requests to a target host in an attempt to prevent the host from responding to legitimate session requests.

6. Which type of attack attempts to overwhelm network links and devices with useless data?

  • brute force
  • virus
  • denial of service
  • spyware

Explanation: A denial of service attack is intended to prevent a host from responding to legitimate session requests by overwhelming it with illegitimate data or session requests.

7. How does a phisher typically contact a victim?

  • telephone
  • email
  • adware
  • spyware

Explanation: A phisher usually targets victims over email or text messaging.

8. Which type of technology can prevent malicious software from monitoring user activities, collecting personal information, and producing unwanted pop-up ads on a user computer?

  • two factor authentication
  • antispyware
  • firewall
  • password manager

Explanation: Antispyware software is commonly installed on a user machine to scan and remove malicious spyware software installed on a device.

9. What type of attack is the ping of death?

  • denial of service
  • brute force
  • social engineering
  • virus

Explanation: The ping of death is a denial of service attack and involves sending IP packets that are too large to a target device with the goal of disrupting the function of the device so that its services are denied to users.

10. What is the primary means for mitigating virus and Trojan horse attacks?

  • antivirus software
  • blocking ICMP echo and echo-replies
  • antisniffer software
  • encryption

Explanation: Antivirus software is the primary means of mitigating both virus and Trojan horse attacks. By using up-to-date antivirus software, the spread of viruses and Trojan horse attacks can be reduced.
