Types of Exploits
True or False?
Worms differ from viruses in that they require human intervention to propagate.
What is false?
True or False?
Hackers often test the limits of systems purely for intellectual curiosity or publicity.
What is true?
The process of assessing security related risks to an organization’s computer and networks from both internal and external threats.
What is risk assessment?
Multi Factor authentication schemes include? (Multiple correct answers.)
What are Biometrics? / What are one-time passwords?/ What are hardware tokens?
This security measure ensures that only authorized users can access a device or system by requiring a passcode or other verification method.
What is authentication?
Before starting eradication efforts, the IT security team must collect and log this type of evidence.
What is criminal evidence?
A __ is a piece of programming code, usually disguised as something else, that causes a computer to behave in an unexpected and usually undesirable manner.
What is a virus?
What motivates malicious insiders?
What is gaining financially or disrupting operations?
Business processes that are more pivotal to continued operations and goal attainment than others.
What is mission-critical processes?
A networking device that connects multiple networks amd transmits data packets between networks.
What is a router?
This encryption method protects stored data on hard drives and storage devices, preventing unauthorized access if removed.
What is full-disk encryption?
During eradication, backups must be checked for these three qualities to ensure safe restoration.
What are current, complete, and free of malware?
What is a common goal of phishing scams?
What is to convince the recipient to provide personal or financial information
True or False?
Cyberterrorists aim to achieve financial gain through network-based attacks.
What is false?
~Their goal is to intimidate for political or social objectives.
An audit that evaluates whether an organization has a well-considered security policy in place and if it is being followed.
What is a security audit?
The process of scrambling messages or data in such a way that only authorized parties can read it.
What is encryption?
This component of antivirus software helps identify previously known viruses by detecting a specific sequence of bytes.
What is a virus signature?
This phase of incident follow-up determines how an organization’s security was compromised to prevent future incidents.
What is analyzing the cause of the security breach?
Which of the following best describes vishing?
a) Fraudulent phone calls attempting to gather sensitive information
b) Text messages designed to install malware
c) Email messages sent to a large number of recipients
d) Automated CAPTCHA tests used on websites
What is fraudulent phone calls attempting to gather sensitive information
True or False?
Smart cards can reduce the likelihood of online credit card fraud because they contain a memory chip that updates encrypted data.
What is true?
Provides a comprehensive display of all key performance indicators related to an organization’s security defenses.
What are security dashboards?
Enables remote users to securely access an organization’s computing resources and share data by transmitting and receiving encrypted data over public networks, such as the Internet.
What is a VPN?
This cybersecurity measure educates users on the importance of security so they follow security policies.
What is security education?
A formal incident report includes a detailed chronology of events and this key factor.
What is the impact of the incident?
The term botnet, also called___ is used to describe a large group of such computers, which are controlled from one or more remote locations by hackers, without the knowledge or consent of their owners.
What is zombies?
Hint: Apocalypse
What is hacktivism?
What is hacking for political or social goals?
Requires financial institutions in the United States to assist U.S. government agencies in detection and preventing money laundering.
What is the Bank Secrecy Law of 1970?
What are the two approaches to intrusion detection?
What is knowledge and behavior based?
This combination of security education, authentication methods, antivirus software, and data encryption helps protect end users by preventing unauthorized access, detecting threats, and securing data.
What is a multi-layered cybersecurity approach?
Proper incident follow-up helps organizations avoid repeat security breaches by implementing these.
What are preventative measures and security improvements?