Cybersecurity Final Exam
1 - What is cybersecurity?
the use of
satellites to spy on malicious users
efforts to
prevent people from becoming hackers
the act of
securing the Internet
the protection of cyberspace
2 - What is the purpose of a
reconnaissance attack on a computer network?
to steal
data from the network servers
to redirect
data traffic so that it can be monitored
to prevent
users from accessing network resources
to gather information about the target network and system
3 - When an organization is developing
cybersecurity procedures, what else, besides technology, must be considered to
ensure that the procedures are effective?
user
authentication
closed
circuit TVs
user behavior
more
security personnel
4 - An attacker sends a piece of malware as an
email attachment to employees in a company. What is one probable purpose of the
attack?
searching and obtaining trade secrets
cracking
the administrator password for a critical server
probing
open ports on the firewall on the border network
denying
external access to a web server that is open to the public
5 - When describing malware, what is a difference
between a virus and a worm?
A virus
focuses on gaining privileged access to a device whereas a worm does not.
A virus can
be used to deliver advertisements without user consent whereas a worm cannot.
A virus replicates itself by attaching to another file whereas a worm
can replicate itself independently.
A virus can
be used to launch a DoS attack (but not a DDoS), but a worm can be used to launch
both DoS and DDoS attacks.
6 - Which example illustrates how malware might
be concealed?
A worm is
launched with the objective of deleting key operating system files on company
file and web servers.
A virus
spreads in an organization with the objective to obtain the email contacts from
employee workstations.
An attack
is launched against a public website of an online retailer with the objective
of blocking its response to visitors.
An email is sent to the employees of an organization with an attachment
that looks like an antivirus update, but the attachment actually consists of
spyware.
7 - Fill in the blank.
You need to
put the word: Cybersecurity
8 - What type of attack uses multiple sources
in an effort to render a target system unusable?
spam
phishing
DDoS
cyberfraud
9 - What type of software are Zeus and SpyEye
classified as?
malware
DDoS
launcher
antiphishing
software
intrusion
detection applications
10 - What was the first banking technology that
used a PIN to authenticate customers?
Internet
banking
Mobile
banking
Computer
banking
automatic teller machines
11 - True or False? Phone phreaking was the
start of what is known as hacking.
true
false
12 - What is an example of cyber kill chain?
a group of
botnets
a planned process of cyberattack
a series of
worms based on the same core code
a
combination of virus, worm, and Trojan Horse
13 - True or False? Losing data to an
attacker can cause more damage to a company than losing money can.
true
false
14 - What device passively monitors network
traffic for anomalies that can indicate an attack?
switch
IDS
bridge
web proxy
15 - What is cyberwarfare?
It is an
attack only on military targets.
It is an attack designed to disrupt, corrupt, or exploit national
interests.
It is an
attack on a major corporation.
It is an
attack that only involves robots and bots.
16 - True or False? In wartime, cyberattacks are considered a criminal
act, not an act of war.
true
false
17 - What is the best method of information
gathering and analysis when tracking a global security threat?
using
historical data
using real-time data
using
tracking reports
using a
honeynet or honeypot
18 - What term is used to describe a single
threat that represents multiple types of attack?
vector
attack
blended threat
virus
attack
diversified
threat
19 - True or False? Security conscious organizations
are safe from cyberattacks.
true
false
20
The Correct Answer: Architecture
21 - Who is responsible for enabling and
maintaining a secure environment within a large organization?
only the IT
department
all of the
customers and clients of the organization
Only the
Chief Security Officer
employees at all levels within the organization
only the
Chief Operations Officer
22 - What are two reasons that medical devices
are easily compromised and hacked? (Choose two.)
Many
medical devices have plastic covers that make them more susceptible to wireless
hacking.
Medical
devices do not require passwords so that they are easier for the patients to
operate.
Up to now, security has not been the main concern of the medical
industry.
Data
retrieved from the medical devices is stored in the cloud.
Many medical devices rely on wireless technology and they are not all
capable of supporting strong encryption.
Most
medical devices use low power CPU that cannot handle data encryption.
23 - What is a concern when a company has a
cloud-based infrastructure as part of its IT infrastructure?
Email
becomes more prone to attack.
Software as
a service (SaaS) is not easy to implement.
The company shares the security footprint with other companies.
More
downtime is possible as a result of the borderless infrastructure.
24 - A company uses a cloud-based payroll
system. Which cloud computing technology is this company using?
browser as a service (BaaS)
infrastructure as a service (IaaS)
software as a service (SaaS)
wireless as
a service (WaaS)
25 - What was used as a cyberwarfare weapon to
attack a uranium enrichment facility in Iran?
DDoS
PSYOPS
Stuxnet
SQL
injection