how many different microsoft windows file types can be infected with a virus?


S
Asked by 3 years ago
9.9k points
All In information security, what constitutes a loss?All of the above
A situation that involves exposure to dangerRisk
A premeditated, politically motivated attack against information, computer systems, computer programs, and data, which often results in violencecyberterrorism
A person or element that has the power to carry out a threatThreat agent
The means by which an attack could occurthreat vector
An item that has value.asset
Automated attack package that can be used without an advanced knowledge of computersexploit kit
A type of action that has the potential to cause harm.threat
A flaw or weakness that allows a threat agent to bypass securityvulnerability
Attacker who attacks for ideological reasons that are generally not as well defined as a cyberterrorist's motivationhactivist
Automated attack package that can be used without an advanced knowledge of computersexploit kit
A security administrator has both technical knowledge and managerial skills.True
What information security position reports to the CISO and supervises technicians, administrators, and security staff?Manager
Security is the goal to be free from danger as well as the process that achieves that freedom.True
The ____ Act requires banks and financial institutions to alert customers of their policies and practices in disclosing customer information.Gramm-Leach-Bliley
An _______________ is a type of threat that can come from employees, contractors, and business partners, such as a disgruntled worker.Insider
Which of the three protections ensures that only authorized parties can view information?Confidentiality
Today's software attack tools do not require any sophisticated knowledge on the part of the attacker.True
The security protection item that ensures that the individual is who they claim to be (the authentic or genuine person) and not an imposter is known as?Authentication
Select below the information protection item that ensures that information is correct and that no unauthorized person or malicious software has altered that data.Integrity
Which term below is frequently used to describe the tasks of securing information that is in a digital format?information security
In what kind of attack can attackers make use of hundreds of thousands of computers under their control in an attack against a single server or network?distributed
What country is now the number one source of attack traffic?Indonesia
What term is used to describe a loose network of attackers, identity thieves, and financial fraudsters?Cybercriminals
The CompTIA Security+ Certification is aimed at an IT security professional with the recommended background of a minimum of two years experience in IT administration, with a focus on security.True
What type of theft involves stealing another person's personal information, such as a Social Security number, and then using the information to impersonate the victim, generally for financial gain?Identity thef
Under which law are health care enterprises required to guard protected health information and implement policies and procedures whether it be in paper or electronic format?HIPAA
Which position below is considered an entry-level position for a person who has the necessary technical skills?security technician
According to the U.S. Bureau of Labor Statistics, what percentage of growth is the available job outlook supposed to reach by the end of the decade?22
To date, the single most expensive malicious attack occurred in 2000, which cost an estimated $8.7 billion. What was the name of this attack?Love Bug
What kind of server connects a remote system through the Internet to local serial ports using TCP/IP?Serial server
Those who wrongfully disclose individually identifiable health information can be fined up to what amount per calendar year?$1,500,000
In information security, an example of a threat agent can be ____.All of the above
Proper ________________ involves identifying risks but making the decision to not engage in the activity.risk avoidance
Script kiddies acquire which item below from other attackers to easily craft an attack:Exploit kit
Select below the term that is used to describe individuals who want to attack computers yet lack the knowledge of computers and networks needed to do so:Script kiddies
The demand for certified IT professionals who know how to secure networks and computers is at an all-time low.False
Which of the following is not one of the four methods for classifying the various types of malware?Source
A virus that infects an executable program file is known asprogram virus
What kind of software program delivers advertising content in a manner that is unexpected and unwanted by the user, and is typically included in malware?Adware
A macro is a series of instructions that can be grouped together as a single command.True
Successful attacks on computers today consist of a single element, malicious software programs that are created to infiltrate computers with the intent to do harm.False
The two types of malware that require user intervention to spread are:Viruses and trojans
What type of undocumented yet benign hidden feature launches after a special set of commands, key combinations, or mouse clicks, and was no longer included in Microsoft software after the start of their Trustworthy Computing initiative?Easter egg
Because of how a rootkit replaces operating system files, it can be difficult to remove a rootkit from a system.True
A series of instructions that can be grouped together as a single command and are often used to automate a complex set of tasks or a repeated series of tasks are known as:macro
What type of attack is targeted against a smaller group of specific individuals, such as the major executives working for a manufacturing company?Watering Hole
The physical procedure whereby an unauthorized person gains access to a location by following an authorized user is known as?Tailgating
What is the term used to describe unsolicited messages received on instant messaging software?Spim
How many different Microsoft Windows file types can be infected with a virus?70
What term below is used to describe a means of gathering information for an attack by relying on the weaknesses of individuals?Social engineering
Software keyloggers are programs that silently capture all keystrokes, including passwords and sensitive information.True
What type of system security malware allows for access to a computer, program, or service without authorization?Backdoor
Select below the type of malware that appears to have a legitimate use, but actually contains or does something malicious:Trojan
What type of malware is heavily dependent on a user in order to spread?virus
Computer code that is typically added to a legitimate program but lies dormant until it is triggered by a specific logical event is known as a?logic bomb
Spreading similarly to a virus, a worm inserts malicious code into a program or data file.false
What type of malware consists of a set of software tools used by an attacker to hide the actions or presence of other types of malicious software, such as Trojans, viruses, or worms?rootkitv
One of the armored virus infection techniques utilizes encryption to make virus code more difficult to detect, in addition to separating virus code into different pieces and inject these pieces throughout the infected program code. What is the name for this technique?Swiss cheese
Malware that locks or prevents a device from functioning properly until a fee has been paid is known as:Ransomware
A software program that delivers advertising content in a manner that is unexpected and unwanted by the user.Adware
Computer code that lies dormant until it is triggered by a specific logical eventLogic bomb
A logical computer network of zombies under the control of an attacker.Botnet
A false warning designed to trick users into changing security settings on their computerHoax
A phishing attack that uses telephone calls instead of e-mails.Vishing
Software code that gives access to a program or a service that circumvents normal security protections.Backdoor
A computer virus that is written in a script known as a macroMacro virus
Software or a hardware device that captures and stores each keystroke that a user types on the computer's keyboard.Keylogger
A phishing attack that targets only specific usersSpear phishing
Malicious computer code that, like its biological counterpart, reproduces itself on the same computer.Computer virus
Which of the following is malicious computer code that reproduces itself on the same computer?virus
How can an attacker substitute a DNS address so that a computer is automatically redirected to another device?DNS poisoning
Which type of attack below is similar to a passive man-in-the-middle attack?replay
Which SQL injection statement example below could be used to discover the name of the table?whatever' AND 1=(SELECT COUNT(*) FROM tabname); -
Select below the string of characters that can be used to traverse up one directory level from the root directory:../`
On a compromised computer, you have found that a user without administrative privileges was able to perform a task limited to only administrative accounts. What type of exploit has occurred?Privilege escalation
Which SQL statement represents a SQL injection attempt to determine the names of different fields in a database?whatever' AND email IS NULL; --
What language below is designed to display data, with a primary focus on how the data looks?HTML
To what specific directory are users generally restricted to on a web server?root
Attacks that take place against web based services are considered to be what type of attack?server-side
Which SQL injection statement can be used to erase an entire database table?whatever'; DROP TABLE members; --
Because of the minor role it plays, DNS is never the focus of attacks.False
What portion of the HTTP packet consists of fields that contain information about the characteristics of the data being transmitted?HTTP header
Although traditional network security devices can block traditional network attacks, they cannot always block Web application attacks.True
Choose the SQL injection statement example below that could be used to find specific users:whatever' OR full_name LIKE '%Mia%'
What language below is used to view and manipulate data that is stored in a relational database?SQL
XSS attacks occur when an attacker takes advantage of web applications that accept user input without validating it and then present it back to the user.True
When TCP/IP was developed, the host table concept was expanded into a hierarchical name system for matching computer names and numbers using this service:DNS
A user has become compromised as a result of visiting a specific web page, without clicking on any kind of content. What type of attack has occurred?drive-by-download
ARP poisoning is successful because there are few authentication procedures to verify ARP requests and replies.False
The default root directory of the Microsoft Internet Information Services (IIS) Web server is located at which directory below?C:\Inetpub\ wwwroot
An attack that uses the Internet Control Message Protocol (ICMP) to flood a victim with packets.Ping flood
Injecting and executing commands to execute on a serverCommand injection
An attack that corrupts the ARP cacheARP Poisoning
A form of verification used when accessing a secure web applicationSession token
An attack that occurs when a process attempts to store data in RAM beyond the boundaries of a fixed-length storage bufferBuffer overflow attack
An attack that broadcasts a ping request to computers yet changes the address so that all responses are sent to the victim.Smurf attack
nother name for locally shared object (LSO).Flash cookie
Part of the TCP/IP protocol for determining the MAC address based on the IP address.Address Resolution Protocol (ARP)
An attack that substitutes DNS addresses so that the computer is automatically redirected to an attacker's device.DNS poisoning
An attack that injects scripts into a web application server to direct attacks at clients.Cross-site scripting (XSS)
An attack in which the attacker attempts to impersonate the user by using his or her session token is known as:Session hijacking
What language below is for the transport and storage of data, with the focus on what the data is?XML
The exchange of information among DNS servers regarding configured zones is known as:zone transfer
HTML uses which option below within embedded brackets (< >) causing a web browser to display text in a specific format?tags
Because the XSS is a widely known attack, the number of Web sites that are vulnerable is very small.False
how many
studybud

Your Answer

Surround your text in *italics* or **bold**, to write a math equation use, for example, $x^2+2x+1=0$ or $$\beta^2-1=0$$

Use LaTeX to type formulas and markdown to format text. See example.

Sign up or Log in

  • Answer the question above my logging into the following networks
Sign in
Sign in
Sign in

Post as a guest

  • Your email will not be shared or posted anywhere on our site
  •  

Stats
Views: 46
Asked: 3 years ago

Related