Cybersecurity Final Exam

Cybersecurity Final Exam

1 - What is cybersecurity?
the use of satellites to spy on malicious users
efforts to prevent people from becoming hackers
the act of securing the Internet
the protection of cyberspace

2 - What is the purpose of a reconnaissance attack on a computer network?

to steal data from the network servers
to redirect data traffic so that it can be monitored
to prevent users from accessing network resources
to gather information about the target network and system

3 - When an organization is developing cybersecurity procedures, what else, besides technology,

must be considered to ensure that the procedures are effective?
user authentication
closed circuit TVs
user behavior
more security personnel

4 - An attacker sends a piece of malware as an email attachment to employees in a company.

What is one probable purpose of the attack?
searching and obtaining trade secrets
cracking the administrator password for a critical server
probing open ports on the firewall on the border network
denying external access to a web server that is open to the public
5 - When describing malware, what is a difference between a virus and a worm?
A virus focuses on gaining privileged access to a device whereas a worm does not.
A virus can be used to deliver advertisements without user consent whereas a worm cannot.
A virus replicates itself by attaching to another file whereas a worm can replicate itself independently.
A virus can be used to launch a DoS attack (but not a DDoS), but a worm can be used to launch both
DoS and DDoS attacks.

6 - Which example illustrates how malware might be concealed?

A worm is launched with the objective of deleting key operating system files on company file and web
servers.
A virus spreads in an organization with the objective to obtain the email contacts from employee
workstations.
An attack is launched against a public website of an online retailer with the objective of blocking its
response to visitors.
An email is sent to the employees of an organization with an attachment that looks like an antivirus
update, but the attachment actually consists of spyware.

7 - Fill in the blank.

You need to put the word: Cybersecurity

8 - What type of attack uses multiple sources in an effort to render a target system unusable?
spam
phishing
DDoS
cyberfraud

9 - What type of software are Zeus and SpyEye classified as?

malware
DDoS launcher
antiphishing software
intrusion detection applications

10 - What was the first banking technology that used a PIN to authenticate customers?
Internet banking
Mobile banking
Computer banking
automatic teller machines

11 - True or False? Phone phreaking was the start of what is known as hacking.
true
false
12 - What is an example of cyber kill chain?
a group of botnets
a planned process of cyberattack
a series of worms based on the same core code
a combination of virus, worm, and Trojan Horse

13 - True or False? Losing data to an attacker can cause more damage to a company than losing
money can.
true
false

14 - What device passively monitors network traffic for anomalies that can indicate an attack?
switch
IDS
bridge
web proxy

15 - What is cyberwarfare?
It is an attack only on military targets.
It is an attack designed to disrupt, corrupt, or exploit national interests.
It is an attack on a major corporation.
It is an attack that only involves robots and bots.

16 - True or False? In wartime, cyberattacks are considered a criminal act, not an act of war.
true
false
17 - What is the best method of information gathering and analysis when tracking a global
security threat?
using historical data
using real-time data
using tracking reports
using a honeynet or honeypot

18 - What term is used to describe a single threat that represents multiple types of attack?
vector attack
blended threat
virus attack
diversified threat

19 - True or False? Security conscious organizations are safe from cyberattacks.

true
false

20

The Correct Answer: Architecture

21 - Who is responsible for enabling and maintaining a secure environment within a large
organization?
only the IT department
all of the customers and clients of the organization
Only the Chief Security Officer
employees at all levels within the organization
only the Chief Operations Officer

22 - What are two reasons that medical devices are easily compromised and hacked? (Choose
two.)
Many medical devices have plastic covers that make them more susceptible to wireless hacking.
Medical devices do not require passwords so that they are easier for the patients to operate.
Up to now, security has not been the main concern of the medical industry.
Data retrieved from the medical devices is stored in the cloud.
Many medical devices rely on wireless technology and they are not all capable of supporting strong
encryption.
Most medical devices use low power CPU that cannot handle data encryption.
23 - What is a concern when a company has a cloud-based infrastructure as part of its IT
infrastructure?
Email becomes more prone to attack.
Software as a service (SaaS) is not easy to implement.
The company shares the security footprint with other companies.
More downtime is possible as a result of the borderless infrastructure.

24 - A company uses a cloud-based payroll system. Which cloud computing technology is this
company using?
browser as a service (BaaS)
infrastructure as a service (IaaS)
software as a service (SaaS)
wireless as a service (WaaS)

25 - What was used as a cyberwarfare weapon to attack a uranium enrichment facility in Iran?
DDoS
PSYOPS
Stuxnet
SQL injection