Chapter 6 Malware, Other Attacks, & Social Engineering.

Which of the following types of malware is the MOST difficult to reverse engineer?
A. Logic bomb
B. Trojan virus
C. Armored virus
D. Ransomware

Recently, malware on a company computer destroyed several important files after it detected that Homer was no longer employed at the company. Which of the following BEST identifies this malware?
A. Logic bomb
B. Trojan virus
C. Armored virus
D. Ransomware

A recent antivirus scan on a server detected a Trojan. A technician removed the Trojan, but a security administrator expressed concern that unauthorized personnel might be able to access data on the server. The security administrator decided to check the server further. Of the following choices, what is the administrator MOST likely looking for on this server?
A. Backdoor
B. Logic bomb
C. Rootkit
D. Botnet

After Maggie turned on her computer, she saw a message indicating that unless she made a payment, her hard drive would be formatted. What does this indicate?
A. Armored virus
B. Ransomware
C. Backdoor
D. Trojan

A security administrator recently noticed abnormal activity on a workstation. It is connecting to computers outside the organization’s internal network, using uncommon ports. Using a security toolkit, the administrator discovered the computer is also running several hidden processes. Which of the following choices BEST indicates what the administrator has found?
A. Rootkit
B. Backdoor
C. Spam
D. Trojan

What type of malware uses marketing pop-ups and does not attempt to hide itself?
A. Blocker
B. Rootkit
C. Trojans
D. Adware

Of the following malware types, which one is MOST likely to monitor a user’s computer?
A. Trojan
B. Spyware
C. Adware
D. Ransomware

Lisa is a database administrator and received a phone call from someone identifying himself as a technician working with a known hardware vendor. The technician said he’s aware of a problem with database servers they’ve sold, but it only affects certain operating system versions. He asks Lisa what operating system the company is running on its database servers. Which of the following choices is the BEST response from Lisa?
A. Let the caller know what operating system & version are running on the database servers to determine if any further action is needed.
B. Thank the caller & end the call, report the call to her supervisor, and independently check the vendor for issues.
C. Ask the caller for his phone number so that she can call him back after checking the servers.
D. Contact law enforcement personnel.

A security administrator at a shopping mall discovered two wireless cameras pointing at an automatic teller machine. These cameras were not installed by mall personnel and are not authorized. What is the MOST likely goal of these cameras?
A. Tailgating
B. Dumpster diving
C. Vishing
D. Shoulder surfing

Bart is in a break area outside the office. He told Lisa that he forgot his badge inside and asked Lisa to let him follow her when she goes back inside. What does this describe?
A. Spear phishing
B. Whaling
C. Mantrap
D. Tailgating

An organization’s security policy requires employees to incinerate paper documents. Of the following choices, which type of attack is this MOST likely to prevent?
A. Shoulder surfing
B. Tailgating
C. Vishing
D. Dumpster diving

While cleaning out his desk, Bart threw several papers containing PII into the recycle bin. Which type of attack can exploit this action?
A. Vishing
B. Dumpster diving
C. Shoulder surfing
D. Tailgating

Marge reports that she keeps receiving unwanted emails about personal loans. What does this describe?
A. Phishing
B. Spear phishing
C. Spam
D. Vishing

A recent spear phishing attack that appeared to come from your organization’s CEO resulted in several employees revealing their passwords to attackers. Management wants to implement a security control to provide assurances to employees that email that appears to come from the CEO actually came from the CEO. Which of the following should be implemented?
A. Phishing
B. Spear phishing
C. Spam
D. Vishing

Attackers are targeting C-level executives in your organization. Which type of attack is this?
A. Phishing
B. Vishing
C. Spam
D. Whaling

You manage a group of computers in an isolated network without Internet access. You need to update the antivirus definitions manually on these computers. Which of the following choices is the MOST important concern?
A. Running a full scan of the systems before installing the new definitions
B. Running a full scan of the systems after installing the new definitions
C. Ensuring the definition file hash is equal to the hash on the antivirus vendor’s web site
D. Ensuring the update includes all signature definitions

A user wants to reduce the threat of an attacker capturing her personal information while she surfs the Internet. Which of the following is the BEST choice?
A. Antivirus software
B. Anti-spyware software
C. Pop-up blocker
D. Whitelisting

Bart is complaining that new browser windows keep opening on his computer. Which of the following is the BEST choice to stop these in the future?
A. Malware
B. Adware
C. Pop-up blocker
D. Antivirus software

Your organization recently suffered a loss from malware that wasn’t previously known by any trusted sources. Which type of attack is this?
A. Phishing attack
B. Zero-day
C. Buffer overflow
D. Integer overflow

Homer received an email advertising the newest version of a popular smartphone, which is not available elsewhere. It includes a malicious link. Which of the following principles is the author using?
A. Authority
B. Intimidation
C. Scarcity
D. Trust

Bart installed code designed to enable his account automatically, three days after anyone disables it. What does this describe?
A. Logic bomb
B. Rootkit
C. Armored virus
D. Ransomware

A user complains that his system is no longer able to access the blogs.getcertifiedgetahead.com site. Instead, his browser goes to a different site. After investigation, you notice the following entries in the user’s hosts file: localhost blogs.getcertifiedgetahead.com What is the BEST explanation for this entry?
A. A pharming attack
B. A whaling attack
C. Session hijacking
D. A phishing attack

A recent change in an organization’s security policy states that monitors need to be positioned so that they cannot be viewed from outside any windows. What is the purpose of this policy?
A. Reduce success of phishing
B. Reduce success of shoulder surfing
C. Reduce success of dumpster diving
D. Reduce success of impersonation

An attacker is able to access contact lists on your smartphone. What type of attack is this?
A. Bluesnarfing
B. War chalking
C. War driving
D. Bluejacking

You want to implement a security control that limits the amount of tailgating in a high-security environment. Which of the following protective controls would you use?
A. Swipe cards
B. Mantrap
C. Locked door
D. CMOS settings

Your manager has ensured that a policy is implemented that requires all employees to shred sensitive documents. What type of attack is your manager hoping to prevent?
A. Tailgating
B. Denial of service
C. Social engineering
D. Dumpster diving

Which of the following best describes a zero-day attack?
A. An attack that modifies the source address of the packet
B. An attack that changes the computer’s system date to 00/00/00
C. An attack that never happens
D. An attack that uses an exploit that the product vendor is not aware of yet

Three employees within the company have received phone calls from an individual asking about personal finance information. What type of attack is occurring?
A. Phishing
B. Whaling
C. Tailgating
D. Vishing

Tom was told to download a free tax program to complete his taxes this year. After downloading and installing the software, Tom notices that his system is running slowly and he is receiving notification from his antivirus software. What type of malware has he installed?
A. Keylogger
B. Trojan
C. Worm
D. Logic bomb

Jeff recently reports that he is receiving a large number of unsolicited text messages to his phone. What type of attack is occurring?
A. Bluesnarfing
B. Whaling
C. Bluejacking
D. Packet sniffing

You arrive at work today to find someone outside the building digging through her purse. As you approach the door, the person says, “I forgot my pass at home. Can I go in with you?” What type of attack could be occurring?
A. Tailgating
B. Dumpster diving
C. Brute force
D. Whaling

Your manager has requested that the combo pad locks used to secure different areas of the company facility be replaced with electronic swipe cards. What type of social engineering attack is your manager hoping to avoid with this change?
A. Hoaxes
B. Tailgating
C. Dumpster diving
D. Shoulder surfing

Which of the following actions would not reduce the likelihood of malware infection? (Choose all that apply.)
A. Keeping virus definitions up to date
B. Scanning removable media
C. Encrypting hard disk contents
D. Using NAT-capable routers

A user complains that his system has all of a sudden become unresponsive and ads for various products and services are popping up on the screen and cannot be closed. Which user actions could have led to this undesirable behavior? (Choose all that apply.)
A. Clicking a web search result
B. Viewing a web page
C. Watching a movie in AVI file format
D. Inserting a USB flash drive

What type of malware dynamically alters itself to avoid detection?
A. Chameleon malware
B. Polymorphic malware
C. Changeling malware
D. Armored virus

While attempting to access documents in a folder on your computer, you notice all of your files have been replaced with what appear to be random filenames. In addition, you notice a single text document containing payment instructions that will result in the decryption of your files. What type of malicious software is described in this scenario?
A. Cryptoware
B. Malware
C. Criminalware
D. Ransomware

Which of the following is true regarding Trojan software?
A. It secretly gathers user information
B. It is self-replicating
C. It can be propagated through peer-to-peer file sharing networks
D. It automatically spreads through Windows file and print sharing networks

Juanita uses the Firefox web browser on her Linux workstation. She reports that her browser home page keeps changing to web sites offering savings on consumer electronic products. Her virus scanner is running and is up to date. What is causing this problem?
A. Firefox on Linux automatically changes the home page every two days
B. Juanita is experiencing a denial-of-service attack
C. Juanita’s user account has been compromised
D. Juanita’s browser configuration is being changed by adware

Which of the following items are affected by spyware? (Choose two.)
A. Memory
B. IP address
C. Computer name
D. Network bandwidth

Windows 8 User Account Control (UAC) allows users to change Windows settings but displays prompts when applications attempt to configure the operating system. Which of the following is addressed by UAC?
A. Privilege escalation
B. Adware
C. Spyware
D. Worms

A piece of malicious code uses dictionary attacks against computers to gain access to administrative accounts. The code then links compromised computers together for the purpose of receiving remote commands. What term best applies to this malicious code?
A. Exploit
B. Botnet
C. Logic bomb
D. Backdoor

The Stuxnet attack was discovered in June. Its primary function is to hide its presence while reprogramming industrial computer systems. The attack is believed to be spread through USB flash drives, where it transmits copies of itself to other hosts. To which of the following does Stuxnet apply? (Choose two.)
A. Rootkit
B. Spam
C. Worm
D. Adware

Discovered in 1991, the Michelangelo virus was said to be triggered to overwrite the first 100 hard disk sectors with null data each year on March 6, the date of the Italian artist’s birthday. What type of virus is Michelangelo?
A. Zero day
B. Worm
C. Trojan
D. Logic bomb

Botnets can be used to set what type of coordinated attack in motion?
A. DDoS
B. Cross-site scripting
C. Privilege escalation
D. Rootkit

What is defined as the transmission of unwelcome bulk messages?
A. Worm
B. Ping of death
C. Spam
D. DoS

Which of the following are not considered serious cell phone threats? (Choose two.)
A. Hackers with the right equipment posing as cell towers
B. Having Bluetooth enabled
C. Changing the boot order
D. Spyware

An exploit connects to a specific TCP port and presents the invoker with an administrative command prompt. What type of attack is this?
A. Botnet
B. Trojan
C. Privilege escalation
D. Logic bomb

Which type of threat is mitigated by shredding paper documents?
A. Rootkit
B. Spyware
C. Shoulder surfing
D. Physical

One of your users, Christine, reports that when she visits web sites, pop-up advertisements appear incessantly. After further investigation, you learn one of the web sites she had visited had infected Flash code. Christine asks what the problem was. What do you tell her caused the problem?
A. Cross-site scripting
B. Worm
C. Adware
D. Spyware