|
Which of the following terms would best match this definition: Transforms a message or data file in such a way that |
encryption |
|
An original message or file that has not yet been encrypted is referred to as ciphertext. |
false |
|
A cryptographic ________ is a word, number, or phrase that must be known to encrypt or decrypt data. |
key |
|
There are various encryption methods, but __________ is the encryption standard currently used worldwide. |
AES |
|
A cryptographic __________ is a procedure for encryption or decryption. |
algorithm |
|
Which of the following is not an example of an authentication protocol? |
password, PINs, fingerprint scanner |
|
The single most effective security measure for digital devices is to password protect access to them. |
true |
|
Passwords used as encryption ________ help to make hijacked data unusable. |
keys |
|
Android devices automatically encrypt data stored on the device when a user activates the login password. |
false |
|
It is not possible to encrypt a Windows hard drive volume. |
false |
|
OS X devices include a utility that automatically encrypts data stored locally. |
true |
|
A(n) _______ password is difficult to hack. |
strong |
|
Conventional wisdom tells us that strong passwords are at least _____ characters in length and include one or |
eight |
|
Which of the following type of attack uses passwordcracking software to generate every possible combination of |
brute force |
|
Which of the following is not a characteristic of a weak password? |
eight characters in length and include one or more uppercase letters, numbers and symbols |
|
Brute force attacks methodically try every possible password until the correct one is found |
true |
|
Password _________ is a measure in bits of a password’s unpredictability. |
entropy |
|
Password entropy is a measure in _____ of a password’s unpredictability |
bits |
|
If you want to store passwords on your digital device, make sure to _________ the file in which they are stored. |
encrypt |
|
If you feel more secure with a totally random and unique password for each of your logins, then a(n) |
password manager |
|
The core function of a password manager is to store user IDs with their corresponding ________. |
passwords |
|
Password managers can generate unique passwords that have very good entropy |
true |
|
Password managers store passwords in a(n) _________ file |
enrypted |
|
If you use a password manager, what do you as the user need to remember? |
the master password |
|
A password manager can store passwords in an encrypted file located at which of the following storage locations? |
local storage, cloud storage, USB storage |
|
________ refers to any computer program designed to surreptitiously enter a digital device. |
malware |
|
The action carried out by malware code is referred to as a(n) _______. |
payload |
|
Common classifications of _________ include viruses, worms, and trojans. |
malware |
|
A computer _________ is a set of selfreplicating program instructions that surreptitiously attaches itself to a |
virus |
|
n addition to replicating itself, a virus selfdistributing. |
false |
|
Viruses spread themselves from one device to another |
false |
|
__________ is the process of modifying an executable file or data stream by adding additional commands |
code injection |
|
What is the process called when an app from a source other than an official app store is installed on a device? |
side-loading |
|
any code that is designed to hide the existence of processes and privileges is referred to as a(n) _______. |
rootkit |
|
A key characteristic of viruses is their ability to lurk in a device for days or months, quietly replicating themselves. |
true |
|
A computer _______ is a selfreplicating, selfdistributing program designed to carry out unauthorized activity on a |
worm |
|
. Which of the following is not a characteristic of a computer worm? |
spread through a process called side-loading |
|
Stuxnet is a notorious computer _______. |
worm |
|
Similar to a worm, a trojan is not designed to spread itself to other devices. |
false |
|
Most trojans are not designed to replicate themselves |
true |
|
A(n) __________ is a computer program that seems to perform one function while actually doing something else. |
trojan |
|
_________ are standalone programs that masquerade as useful utilities or applications |
trojan |
|
Trojans depend on ________ to spread. |
social engineering |
|
A(n) _________ is designed to deliver malicious code into a device. |
dropper |
|
Any data entering a digital device could be malware. |
true |
|
The best defense against malware is _____________ |
antivirus software |
|
A virus __________ is a section of program code that contains a unique series of instructions known to be part of |
signature |
|
Antivirus software can use techniques called__________ to detect malware by analyzing the characteristics and |
heuristic analysis |
|
One method of heuristic analysis allows the suspicious file to run in a guarded environment called a(n) |
sandbox |
|
Heuristics may produce false positives that mistakenly identify a legitimate file as malware |
true |
|
When antivirus software detects malware, which of the following would not be a course of action you could take? |
conduct a heuristic analysis |
|
Once you have installed antivirus software, you don’t typically need to keep it running full time in the background |
false |
|
A virus __________ usually arrives as an email message that contains warnings about a supposedly new virus. |
hoax |
|
A(n) ________________ takes place when an unauthorized person gains access to a digital device by using an |
online intrusion |
|
Which of the following sequence of events best describes an online intrusion? |
malware enters the device, then opens a backdoor, leading to an open communication link on the device that a hacker can exploit |
|
A ___________ is malware that arrives in a trojan disguised as legitimate software and sets up a secret |
RAT |
|
A(n) __________ is an undocumented method of accessing a digital device. |
backdoor |
|
RATs can be used to create a backdoor to a victim’s device that takes control of the device’s camera. |
true |
|
If you are traveling and expect to access files on a computer that you’ve left at home, make sure the remote |
false |
|
Which type of device is the top target for ransomware? |
smartphones |
|
___________ locks a device and then requests payment for an unlocking code |
ransomware |
|
Hackers who gain control over several computers can organize them into a clientserver network known as a(n) |
botnet |
|
A botnet has a server that is controlled by hackers. |
true |
|
______ can be used to flood a Web site with so much traffic that it can no longer provide its intended service |
DDoS, botnets, and commands from a botmaster |
|
Correctly installed antivirus software will prevent all intrusions. |
false |
|
Antivirus software cannot be expected to block threats that do not arrive in the form of malware. |
true |
|
A(n) ______________ attack exploits previously unknown vulnerabilities in software applications, hardware, and |
zero-day |
|
_____________ software shields certain applications against behaviors commonly exhibited by intrusions |
anti-exploit |
|
Hackers can use ports to communicate with devices in botnets |
true |
|
A(n) __________ pings a packet of data to a port in order to see if that port is open or not. |
port scan |
|
. A network utility called ______________ produces a detailed list of open ports on a device. |
netstat |
|
A(n) __________ is a device or software that is designed to block unauthorized access while allowing authorized |
firewall |
|
Which of the following can be used to block unauthorized access while allowing authorized communications on a |
network router, personal firewall and hardware that uses a NAT |
|
Any software that secretly gathers personal information without the victim’s knowledge is classified as |
spyware |
|
Which of the following would be considered spyware? |
a keylogger |
|
MITM attacks include which of the following |
address spoofing, IMSI catchers, evil twins |
|
The objective of a MITM attack is for a third party to block communications between two entities. |
false |
|
A(n) _____________ is a LAN server that is designed to look like a legitimate WiFi hotspot |
evil twin |
|
To establish a(n) ________, hackers set up an unsecured WiFi hotspot complete with an Internet connection. |
evil twin |
|
__________ changes an originating address or a destination address to redirect the flow of data between two |
address spoofing |
|
If a hacker intercepts encrypted data by way of a MITM attack, the contents of that data is not always secure. |
true |
|
The current method of encrypting communication between a client and a server depends on a security protocol |
TLS |
|
_______ is a 64bit number that uniquely identifies a cellular device. |
IMSI |
|
IMSI catchers are operated by cellular service companies. |
false |
|
______________ is a deceptive practice that exploits human psychology by inducing victims to interact with a |
social engineering |
|
____________ is a term for a person who devises and carries out a scam in order to accomplish a goal. |
NOT main-in-the-middle, internet worm or RAT |
|
Social engineering attacks prey on human vulnerabilities |
true |
|
A social engineering scam called ___________ is when a victim is promised a large sum of money in exchange |
advance fee fraud |
|
__________ is defined as unsolicited messages that are usually sent in massive numbers using electronic mail |
spam |
|
Spam sent by scammers often uses spoofed email addresses. |
true |
|
Most massmailing databases are legitimately compiled from customer lists. |
false |
|
Spam accounts for approximately ______ of all email. |
70% |
|
The CANSPAM Act is considered an effective means of controlling the volume of spam on the Internet. |
false |
|
___________ is a term describing spam that uses a false pretext to trick victims into participating. |
pretexting |
|
Most ISPs and email services do not use filtering techniques to block spam. |
false |
|
A spam __________ uses a set of rules to examine email messages and determine which are spam. |
filter |
|
Which of the following is not a type of spam filter? |
entropy |
|
Blacklist and header filtering is usually performed by email clients and Webmail services. |
false |
|
. ________ is an email scam that masquerades as a message from a legitimate source. |
phishing |
|
_________ redirects Web site traffic to fraudulent Web sites |
pharming |
|
Pharming attacks carried out by DNS spoofing can be detected by antivirus software or spyware removal |
false |
|
____________ is a service offered by Google that checks URLs against a list of suspicious Web site URLs. |
safe browsing |
|
Microsoft uses a service called Safe Browsing to alert users about sites to avoid. |
false |
|
. A ______________ exploit usually begins with a virus warning and an offer to disinfect the infected device. |
rogue antivirus |
|
The most common types of PUPs and PUAs are toolbars and alternative browsers. |
true |
|
What is the term used to describe unwanted software that installs along with the application software that you |
PUP |
Share This
Flashcard
