Terms in this set (40)
What type of malicious software masquerades as legitimate software to entice the user to run it?
Trojan Horse
Which control is not designed to combat malware?
Firewalls
Which type of denial of service attack exploits the existence of software flaws to disrupt a service?
Logic Attack
Which type of attack involves the creation of some deception in order to trick unsuspecting users?
Fabrication
In which type of attack does the attacker attempt to take over an existing connection between two systems?
Session Hijacking
Which group is the most likely target of a social engineering attack?
Receptionists and Administrative Assistants
Maria's company recently experienced a major system outage due to the failure of a critical component. During that time period, the company did not register any sales through its online site. Which type of loss did the company experience as a result of lost sales?
Opportunity Cost
Brian notices an attack taking place on his network. When he digs deeper, he realizes that the attacker has a physical presence on the local network and is forging Media Access Control (MAC) addresses. Which type of attack is most likely taking place?
Address Resolution Protocol (ARP) poisoning
Which term describes an action that can damage or compromise an asset?
Threat
Which tool can capture the packets transmitted between systems over a network?
Protocol Analyzer (Packet Sniffer or just Sniffer)
Which type of attack against a web application uses a newly discovered vulnerability that is not patchable?
Zero-Day Attack
Tony is working with a law enforcement agency to place a wiretap pursuant to a legitimate court order. The wiretap will monitor communications without making any modifications. What type of wiretap is Tony placing?
Passive Wiretap
Barry discovers that an attacker is running an access point in a building adjacent to his company. The access point is broadcasting the security set identifier (SSID) of an open network owned by the coffee shop in his lobby. Which type of attack is likely taking place?
Evil Twin
An attacker attempting to break into a facility pulls the fire alarm to distract the security guard manning an entry point. Which type of social engineering attack is the attacker using?
Urgency
Yuri is a skilled computer security expert who attempts to break into the systems belonging to his clients. He has permission from the clients to perform this testing as part of a paid contract. What type of person is Yuri?
White-Hat Hacker
Which password attack is typically used specifically against password files that contain cryptographic hashes?
Birthday Attacks
Users throughout Alison's organization have been receiving unwanted commercial messages over the organization's instant messaging program. What type of attack is taking place?
Spim
Which one of the following is an example of a disclosure threat?
Espionage
Bob is using a port scanner to identify open ports on a server in his environment. He is scanning a web server that uses Hypertext Transfer Protocol (HTTP). Which port should Bob expect to be open to support this service?
Port 80: Hypertext Transport Protocol (HTTP)
Port 21: FTP (File Transfer Protocol)
Port 443: HTTP over Secure Sockets Layer (SSL)
Port 23: Telnet
Florian recently purchased a set of domain names that are similar to those of legitimate websites and used the newly purchased sites to host malware. Which type of attack is Florian using?
Typosquatting (URL Hijacking)
A DoS attack is a coordinated attempt to deny service by occupying a computer to perform large amounts of unnecessary tasks.
True.
Failing to prevent an attack all but invites an attack.
True.
When servers need operating system upgrades or patches, administrators take them offline intentionally so they can perform the necessary work without risking malicious attacks.
True.
Rootkits are malicious software programs designed to be hidden from normal methods of detection.
True.
A phishing attack "poisons" a domain name on a domain name server.
False.
Pharming is another type of attack that seeks to obtain personal or private financial information through domain spoofing. A pharming attack doesn't use messages to trick victims into visiting spoofed websites that appear legitimate, however. Instead, pharming "poisons" a domain name on the domain name server (DNS), a process known as DNS poisoning.
Using a secure logon and authentication process is one of the six steps used to prevent malware.
True.
• Create an education (information security awareness) program to keep your users from installing malware on your system.
• Post regular bulletins about malware problems.
• Never transfer files from an unknown or untrusted source unless the computer has an anti-malware utility installed.
• Test new programs or open suspect files on a quarantine computer—one that is not connected to any part of your network—before introducing them to the production environment.
• Install anti-malware software, make sure the software and data are current, and schedule regular malware scans to prevent malicious users from introducing malware and to detect any existing malware.
• Use a secure logon and authentication process.
Denial of service (DoS) attacks are larger in scope than distributed denial of service (DDoS) attacks.
False.
DDoS attacks are larger.
Spyware gathers information about a user through an Internet connection, without his or her knowledge.
True.
A rootkit uses a directed broadcast to create a flood of network traffic for the victim computer.
False.
Smurfing - A DoS attack that uses a directed broadcast to create a flood of network traffic for the victim computer.
The main difference between a virus and a worm is that a virus does not need a host program to infect.
False.
A worm does not need a host.
An attacker uses exploit software when wardialing.
False.
Wardialer - A computer program used to identify the phone numbers that can successfully make a connection with a computer modem.
The anti-malware utility is one of the most popular backdoor tools in use today.
False.
Anti-malware Utilities - Norton, Webroot, TrendMicro, Avast, AVG, Malwarebytes, etc.
Wardialers are becoming more frequently used given the rise of Voice over IP (VoIP).
False.
Wardialers are becoming more archaic and less often used due to the rise of digital telephony, IP telephony, or Voice over IP (VoIP).
A man-in-the-middle attack takes advantage of the multihop process used by many types of networks.
True.
A man-in-the-middle attack takes advantage of the multihop process used by many types of networks. In this type of attack, an attacker intercepts messages between two parties before transferring them on to their intended destination.
An alteration threat violates information integrity.
True.
Spam is some act intended to deceive or trick the receiver, normally in email messages.
False.
Spam - Unwanted email or unsolicited messages.
A hoax is some act intended to deceive or trick the receiver.
A phishing email is a fake or bogus email intended to trick the recipient into clicking on an embedded URL link or opening an email attachment.
True.
Vishing is a type of wireless network attack.
False.
Vishing - The act of performing a phishing attack by telephone in order to elicit personal information.
A birthday attack is a type of cryptographic attack that is used to make brute-force attack of one-way hashes easier.
True.
A dictionary password attack is a type of attack in which one person, program, or computer disguises itself as another person, program, or computer to gain access to some resource.
False.
Spoofing is a type of attack in which one person, program, or computer disguises itself as another person, program, or computer to gain access to some resource.
A dictionary password attack is a simple attack that relies on users making poor password choices.