Question 1

A network attack in which an intruder gains access to a network and stays there, undetected, with the intention of stealing data over a long period of time is known as which of the following?
A)DDoS
B)APT
C)rootkit
D)trojan horse

Accepted Answer

The scenario described is a perfect example of an APT, which stands for Advanced Persistent Threat. APT attackers gain unauthorized access to a network and remain undetected, often for months or even years, in order to gather valuable information or perform malicious actions. DDoS attacks are typically focused on causing disruption by overwhelming a targeted network or website with traffic, while rootkits and Trojan horses are specific types of malicious software that can be used in a variety of attacks.

Question 2

Installation of a corporate firewall is the least common security precaution taken by businesses as it does not provide sufficient security.

Accepted Answer

This statement is false. Installation of a corporate firewall is one of the most common security precautions taken by businesses as it offers a basic level of protection against unauthorized access to the organization's network. However, it is not sufficient on its own and should be complemented with other security measures.

Question 3

In computing, a term for any sort of general attack on an information system that takes advantage of a particular system vulnerability is known as which of the following?
A)exploit
B)patch
C)firewall
D)security audit

Accepted Answer

An exploit is a type of attack that takes advantage of a vulnerability in a system. It can be used to gain unauthorized access, execute malicious code or steal sensitive data. A patch is a software update that fixes a vulnerability, a firewall is a security measure used to control network traffic and a security audit is a review of an organization's security measures to identify potential weaknesses. Therefore, the best choice is A, as it specifically refers to an attack that takes advantage of a vulnerability.

Question 4

Which of the following is a form of Trojan horse which executes when it is triggered by a specific event such as a change in a particular file, by typing a specific series of keystrokes, or by a specific time or date?
A)denial-of-service attack
B)logic bomb
C)botnet
D)rootkit

Accepted Answer

The given description matches with the characteristics of a logic bomb. It is a type of Trojan horse that is designed to execute a malicious code when a specific trigger event occurs, such as a change in a particular file, a specific set of keystrokes, or a specific time or date. Denial-of-service attack, botnet, and rootkit do not match with the given description.

Question 5

Which of the following is a federal law that provides a definition of the term cyberterrorism and under which young people primarily involved in what they consider to be minor computer pranks have been tried as cyberterrorist?
A)USA Patriot Act
B)Computer Fraud and Abuse Act
C)Stored Wire and Electronic Communications and Transactional Records Access Statutes
D)Identity Theft and Assumption Deterrence Act

Accepted Answer

The USA Patriot Act provides a definition of the term cyberterrorism and has been used to prosecute individuals involved in activities that they might consider minor computer pranks as acts of cyberterrorism. This legislation expanded the ability of law enforcement to conduct surveillance and investigate suspected acts of terrorism, including cyberterrorism.

Question 6

Which of the following is a partnership between the Department of Homeland Security and the public and private sectors, established in 2003 to protect the nation's Internet infrastructure against cyberattacks?
A)Carnegie Mellon's Computer Response Team
B)U.S.Computer Emergency Readiness Team
C)The National Institute of Standards and Technology
D)The Science and Technology Directorate of Homeland Security

Accepted Answer

The U.S. Computer Emergency Readiness Team (US-CERT) was established in 2003 as a partnership between the Department of Homeland Security and the public and private sectors to protect the nation's Internet infrastructure against cyberattacks. Carnegie Mellon's Computer Response Team (CERT), the National Institute of Standards and Technology (NIST), and the Science and Technology Directorate of Homeland Security all play roles in cybersecurity, but they are not specifically described as partnerships aimed at protecting the nation's Internet infrastructure against cyberattacks.

Question 7

Which of the following concepts recognizes that managers must use their judgment to ensure that the cost of control does not exceed the system's benefits or the risks involved?
A)competitive intelligence
B)reasonable assurance
C)separation of duties
D)risk assessment

Accepted Answer

Reasonable assurance recognizes that managers must use their judgment to balance the cost of implementing internal control measures with the benefits gained from those measures and the risks involved. While risk assessment is important in determining the extent of internal controls needed, it is only one part of the overall decision-making process regarding internal control implementation. Competitive intelligence and separation of duties are also important internal control concepts, but do not directly relate to the balancing of costs and benefits.

Question 8

Discussing security attacks through public trials and the associated publicity has not only enormous potential costs in public relations but real monetary costs as well.

Accepted Answer

Publicity surrounding security attacks can lead to a loss in public trust and revenue, as well as potential legal and regulatory costs.

Question 9

Software and/or hardware that monitors system and network resources and activities, and notifies network security personnel when it identifies network traffic that attempts to circumvent the security measures of a networked computer environment is known as which of the following?
A)anti-virus device
B)intrusion prevention system
C)intrusion detection system
D)virtual private network

Accepted Answer

An intrusion detection system (IDS) is a software or hardware that monitors system and network resources and activities, and notifies network security personnel when it identifies network traffic that attempts to circumvent the security measures of a networked computer environment. An anti-virus device is used to detect and remove viruses from a computer system. An intrusion prevention system (IPS) goes one step further than an IDS by actively preventing unauthorized access attempts. A virtual private network (VPN) is used to provide a secure connection between two or more devices over the internet.

Question 10

A router is a hardware- or software-based network security system that is able to detect and block sophisticated attacks by filtering network traffic dependent on the packet contents.

Accepted Answer

A router primarily forwards data packets between computer networks, not specifically designed to detect and block sophisticated attacks based on packet contents. That function is more characteristic of a firewall or an intrusion detection/prevention system.

Question 11

What exploit is characterized as the abuse of email systems to send unsolicited email to large numbers of people?
A)A botnet
B)Spam
C)Logic bombing
D)A worm

Accepted Answer

Spam is the unsolicited email sent to large numbers of people for advertising, phishing or spreading malware. It is a common exploit of email systems and can be both annoying and dangerous for the recipients. A botnet, logic bombing, and worm are other types of exploits but they are not specifically characterized as the abuse of email systems for sending spam.

Question 12

Which type of attacker hacks computers or websites in an attempt to promote a political ideology?
A)Industrial spies
B)Hackers
C)Cyberterrorists
D)Hacktivists

Accepted Answer

Hacktivists are individuals or groups who use hacking or other forms of cyberattacks to promote a political or social cause. Their attacks can range from website defacement to stealing sensitive information and disrupting services. Examples of hacktivist groups include Anonymous and LulzSec.

Question 13

Often a successful attack on an information system is due to poor system design or implementation. Once such a vulnerability is discovered, software developers quickly create and issue which of the following, in order to eliminate the problem?
A)patch
B)bot
C)rootkit
D)Trojan horse

Accepted Answer

A patch is a piece of software created to fix a vulnerability or issue within a system. It is the most common and effective solution to address a vulnerability. Bot, rootkit, and Trojan horse are types of malware that are used to exploit vulnerabilities rather than fix them.

Question 14

What type of viruses have become a common and easily created form of malware that are created using applications such as Visual Basic or VBScript?
A)Macro viruses
B)Logic bombs
C)Trojan horses
D)Zombies

Accepted Answer

Macro viruses have become a common and easily created form of malware that are created using applications such as Visual Basic or VBScript. They infect documents such as Word or Excel files and can execute malicious code when the document is opened.

Question 15

It is not unusual for a security audit to reveal that too many people have access to critical data and that many people have capabilities beyond those needed to perform their jobs.

Accepted Answer

This is true because one of the common findings in a security audit is access control issues where too many people have access to critical data or have privileges beyond what is necessary for their job roles.

Question 16

The fundamental problem with trying to detect a rootkit is that the operating system cannot be trusted to provide which of the following?
A)valid test results
B)correct system login ids
C)the correct date and time
D)sufficient memory for operations

Accepted Answer

The operating system cannot be trusted to provide valid test results because a rootkit can manipulate the way that the operating system interacts with the hardware, making it appear as though everything is functioning normally even if the system has been compromised. This can result in false negatives during virus scans and detection tests. The other answer options are not related to the rootkit detection problem.

Question 17

Which of the following gets a rootkit installation started and can be easily activated by clicking on a link to a malicious Web site in an email or opening an infected PDF file?
A)logic bomb
B)zombie
C)dropper code
D)loader

Accepted Answer

Dropper code is a type of malware that is designed to deliver other malicious software, including rootkits, onto a system. It is commonly spread through social engineering tactics, such as tricking a user into clicking on a link or downloading an infected file. Once activated, the dropper code will begin the installation process for the rootkit.

Question 18

Spammers can defeat the registration process of free email services by launching a coordinated attack that can sign up for thousands of untraceable email accounts. What is this type of attack known as?
A)distributed denial-of-service attack
B)bot attack
C)CAPTCHA attack
D)logic bomb

Accepted Answer

Bot attacks are automated attacks that use software to create multiple accounts or perform other malicious activities.

Question 19

A type of computer crime perpetrator whose primary motive is to achieve financial gain is known as which of the following?
A)industrial spy
B)hacktivist
C)black hat hacker
D)cybercriminal

Accepted Answer

A cybercriminal is generally motivated by financial gain and seeks to illegally obtain money or financial information. Industrial spies may also seek financial gain, but their primary motive is to retrieve sensitive information about a company's products, operations, or plans to sell to competitors. Hacktivists are politically or socially motivated and use hacking as a tool to promote their agenda. Black hat hackers engage in various malicious activities, but their motivations may vary and may not necessarily be related to financial gain.

Question 20

Even when preventive measures are implemented, no organization is completely secure from a determined computer attack.

Accepted Answer

No organization can guarantee 100% security from a determined computer attack, even with the implementation of preventive measures. Attackers are constantly evolving their tactics and finding new vulnerabilities to exploit. Therefore, organizations must remain vigilant and prepared to respond to any security incidents that may occur.

Quiz 3: Cyberattacks and Cybersecurity

A network attack in which an intruder gains access to a network and stays there, undetected, with the intention of stealing data over a long period of time is known as which of the following?

Installation of a corporate firewall is the least common security precaution taken by businesses as it does not provide sufficient security.

In computing, a term for any sort of general attack on an information system that takes advantage of a particular system vulnerability is known as which of the following?

Which of the following is a form of Trojan horse which executes when it is triggered by a specific event such as a change in a particular file, by typing a specific series of keystrokes, or by a specific time or date?

Which of the following is a federal law that provides a definition of the term cyberterrorism and under which young people primarily involved in what they consider to be minor computer pranks have been tried as cyberterrorist?

Which of the following is a partnership between the Department of Homeland Security and the public and private sectors, established in 2003 to protect the nation's Internet infrastructure against cyberattacks?

Which of the following concepts recognizes that managers must use their judgment to ensure that the cost of control does not exceed the system's benefits or the risks involved?

Discussing security attacks through public trials and the associated publicity has not only enormous potential costs in public relations but real monetary costs as well.

Software and/or hardware that monitors system and network resources and activities, and notifies network security personnel when it identifies network traffic that attempts to circumvent the security measures of a networked computer environment is known as which of the following?

A router is a hardware- or software-based network security system that is able to detect and block sophisticated attacks by filtering network traffic dependent on the packet contents.

What exploit is characterized as the abuse of email systems to send unsolicited email to large numbers of people?

Which type of attacker hacks computers or websites in an attempt to promote a political ideology?

Often a successful attack on an information system is due to poor system design or implementation. Once such a vulnerability is discovered, software developers quickly create and issue which of the following, in order to eliminate the problem?

What type of viruses have become a common and easily created form of malware that are created using applications such as Visual Basic or VBScript?

It is not unusual for a security audit to reveal that too many people have access to critical data and that many people have capabilities beyond those needed to perform their jobs.

The fundamental problem with trying to detect a rootkit is that the operating system cannot be trusted to provide which of the following?

Which of the following gets a rootkit installation started and can be easily activated by clicking on a link to a malicious Web site in an email or opening an infected PDF file?

Spammers can defeat the registration process of free email services by launching a coordinated attack that can sign up for thousands of untraceable email accounts. What is this type of attack known as?

A type of computer crime perpetrator whose primary motive is to achieve financial gain is known as which of the following?

Even when preventive measures are implemented, no organization is completely secure from a determined computer attack.