Show:
Malware
Social Engineering
Common Vulnerabilities
Command-Line Utilities
Secure Network Protocols
100

Harmful programs designed to disrupt computer operation, gather sensitive information, or gain unauthorized access to computer systems are commonly referred to as:

A) Adware

B) Malware  

C) Ransomware

D) Spyware

B) Malware  

100

An email message containing warning related to a non-existent computer security threat, asking a user to delete system files falsely identified as malware, and/or prompting them to share the message with others is an example of:

A) Vishing

B) Impersonation

C) Virus hoax   

D) Phishing

C) Virus hoax  

100

A situation in which an application writes to or reads from an area of memory that it is not supposed to access is referred to as:

A) DLL injection

B) Buffer overflow  

C) Memory leak

D) Integer overflow

B) Buffer overflow  

100

A command-line tool that can be used for banner grabbing is called:

A) tcpdump

B) netcat    

C) Nmap

D) Wireshark

B) netcat    

100

Which of the answers listed below refers to a deprecated TLS-based method for securing SMTP?

A) PPTP

B) STARTTLS

C) L2TP

D) SMTPS

D) SMTPS

200

Which of the following answers refers to an undocumented (and often legitimate) way of gaining access to a program, online service, or an entire computer system?

A) Logic bomb

B) Trojan horse

C) Rootkit

D) Backdoor

D) Backdoor

200

Privacy filter (a.k.a. privacy screen) is a protective overlay placed on the computer screen that narrows the viewing angle, so the screen content is only visible directly in front of the monitor and cannot be seen by others nearby. Privacy filter is one of the countermeasures against shoulder surfing.

A) True  

B) False

A) True  

200

Which of the terms listed below describes a programming error where an application tries to store a numeric value in a variable that is too small to hold it?

A) Buffer overflow

B) Pointer dereference

C) Memory leak

D) Integer overflow    

D) Integer overflow    

200

Which of the command-line utilities listed below can be used to perform a port scan? (Select 2 answers)

A) Zenmap

B) Nmap    

C) tcpdump

D) netcat  

E) nslookup

B) Nmap  

D) netcat    

200

Which of the following answers refers to a secure implementation of a protocol used for synchronizing clocks over a computer network?

A) NTPsec  

B) SNMPv3

C) SRTP

D) IPsec

A) NTPsec  

300

 Malicious code activated by a specific event is called:

A) Backdoor

B) Logic bomb    

C) Dropper

D) Retrovirus

B) Logic bomb    

300

A situation in which an unauthorized person can view another user's display or keyboard to learn their password or other confidential information is referred to as:

A) Spear phishing

B) Tailgating

C) Shoulder surfing  

D) Spoofing

C) Shoulder surfing  

300

A situation in which an application fails to properly release memory allocated to it or continually requests more memory than it needs is called:

A) Memory leak    

B) Buffer overflow

C) DLL injection

D) Integer overflow

A) Memory leak    

300

Which of the following command-line tools is used for discovering hosts and services on a network?

A) Nmap  

B) netcat

C) Zenmap

D) tcpdump

A) Nmap

300

What are the characteristic features of the secure version of IMAP? (Select all that apply)

A) TCP port 143

B) Secure Sockets Layer (SSL)

C) TCP port 993   

D) Transport Layer Security (TLS)  

E) TCP port 995

B) Secure Sockets Layer (SSL)    
C) TCP port 993
D) Transport Layer Security (TLS)   


400

 Which type of Trojan enables unauthorized remote access to a compromised system?

A) pcap

B) RAT    

C) MaaS

D) pfSense

B) RAT  

400

In computer security, the term "Dumpster diving" is used to describe a practice of sifting through trash for discarded documents containing sensitive data. Found documents containing names and surnames of the employees along with the information about positions held in the company and other data can be used to facilitate social engineering attacks. Having the documents shredded or incinerated before disposal makes dumpster diving less effective and mitigates the risk of social engineering attacks.

A) True    

B) False

A) True  

400

The purpose of a downgrade attack is to make a computer system fall back to a weaker security mode which makes the system more vulnerable to attacks.

A) True  

B) False

A) True

400

Which of the answers listed below refers to a command-line packet capturing utility?

A) netcat

B) Zenmap

C) tcpdump   

D) Nmap

C) tcpdump

400

Which of the answers listed below refer(s) to POP3S encrypted communication? (Select all that apply)

A) TCP port 993

B) Secure Sockets Layer (SSL)  

C) TCP port 995  

D) Transport Layer Security (TLS)    

E) TCP port 110

B) Secure Sockets Layer (SSL)
C) TCP port 995  
D) Transport Layer Security (TLS) 

500

Which of the terms listed below applies to a collection of intermediary compromised systems that are used as a platform for a DDoS attack?

A) Honeynet

B) Botnet  

C) Quarantine network

D) Malware

B) Botnet  

500

Which social engineering attack relies on identity theft?

A) Impersonation    

B) Dumpster diving

C) Watering hole attack

D) Shoulder surfing

A) Impersonation    

500

A collection of precompiled functions designed to be used by more than one Microsoft Windows application simultaneously to save system resources is known as:

A) DLL  

B) ISO

C) EXE

D) INI

A) DLL  

500

The ip command in Linux is the preferred replacement for:

A) netstat

B) ifconfig  

C) nslookup

D) ipconfig

B) ifconfig  

500

Which of the following protocols are used for securing HTTP connections? (Select 2 answers)

A) SCP

B) EFS

C) SSL    

D) TLS    

E) STP

C) SSL   

D) TLS