WCC CIS 110 Midterm Review

Attack all the things

Smells Phishy

Mixed Bag

Can't Trust Em

Risky Business

100

A fake computer that looks authentic is known as this

Honeypot

100

Sending out a fake email with a malicious payload.

Phishing

100

8 mod 6

2 6 goes into 8 once and leaves a remainder of 2.

100

You would use this process to only allow personnel access to information that they absolutely need in order to complete their job.

Limiting

100

In risk mitigation, we could purchase this for extended coverage on our assets

Insurance

200

Well known ports fall in this range.

0-1023

200

Only people in major businesses need to worry about social engineering attacks.

False

200

CIA stands for this.

Confidentiality, Integrity, Availability

200

It is important to have multiple types of defense in a network, it is also known as ________

layering

200

In risk mitigation, we can take this action if we no longer want the risk to be our problem.

Transfer the risk.

300

A common method for stopping SQL injections is to do this.

Input validation

300

Gathering personal information under false pretenses such as using a survey is known as this.

Pretexting

300

AAA stands for this

Authentication, Authorization, Accounting

300

Alice really likes using Google as her search engine of choice. Eve has decided to play a mean prank on Alice and has modified this record on Alice's computer. Now anytime Alice tries to go to Google it now opens Bing.

Host

300

In risk mitigation, we can take this action if the probability and cost is very low.

Accept the Risk

400

By manipulating javascript, HTML or flash we can execute these types of attacks.

XSS

400

Leaving your garbage on the side of the road and having someone go through it is known as this.

Dumpster Diving

400

What would be the output of the following? X Y X⊕Y 1 0 0 0 1 0 1 1 0 0 0 1 0 0

X⊕Y 1010010 The ⊕ represents the XOR logical operator, where if both values are false or both values are true, the output of the XOR function is false

400

Based off of the attacker methodology, once an attacker has scanned a network and gathered necessary information their next step is this.

Penetrate any defenses.

400

In risk mitigation, we can take this action if we want to reduce the probability that a loss will occur.

Diminish the risk

500

Significantly different from regular cookies. Can’t be deleted through the browsers normal settings. Larger than normal cookies, can reinstate regular cookies that a user has deleted or blocked

Flash Cookie

500

Gathering information from someone on an IRC or IM is known as this.

Chat Attack

500

A Bayesian filter is used by this.

Anti-Spam software.

500

This is known as an imaginary line of set standards which devices must meet before being allowed on the network.

Baseline

500

SSL and TLS grab this from a server in order to start the authentication process between a client and a server.

Web server's certificate which holds the server's public key.