(Prelims) Information Assurance and Security Mocktest BSIT 604

33 views • 92 questions • 20 d ago

Question list

It is the state of the well-being of information and infrastructure in which the possibility of theft, tampering, or disruption of information and services is kept low or tolerable. It is the protection or safeguarding of information systems that use, store, and transmit information from unauthorized access, disclosure, alteration, and destruction.

Information security

It is a specification of how objects in a security domain are allowed to interact.

Security policy

"It is the assurance that the information is accessible only to authorized people." What Element of Information Security is being described?

Confidentiality

"It is the trustworthiness of data or resources in the prevention of improper and unauthorized changes" What Element of Information Security is being described?

Integrity

"The characteristic of communication, documents, or any data that ensures the quality of being genuine or uncorrupted. The major role of authentication is to confirm that a user is authentic." What Element of Information Security is being described?

Authenticity

"A guarantee that the sender of a message cannot later deny having sent the message and that the recipient cannot deny having received the message" What Element of Information Security is being described?

Non-repudiation

What are the three (3) components that define the security of any System?

Functionality, Usability, Security

It originates from the notion that a target system stores or processes something valuable, which leads to the threat of an attack on the system

Motive

This is when the reason to attack may be to disrupt the target’s organization’s business operations, to steal valuable information for the sake of curiosity, or even to enact revenge

Goal

"The intercepting and monitoring of network traffic and data flow on the target network and not tampering with the data." What type of attack is being described?

Passive Attacks

Also called the initial phase where attackers gather information about a target system, network, or organization, on network activities using sniffers (tools to intercept and analyze data network traffic)

Reconnaissance

Which is NOT an example of Passive Attacks?

Denial-of-Service (DoS) attack

"The tampering of the data in transit or disrupting communication or services between the systems to bypass or break into secured systems." What type of attack is being described?

Active Attacks

Which is NOT an example of Active Attacks?

Social engineering

"These are performed when the attacker is in close physical proximity to the target system or network. The main goal of performing this type of attack is to gather or modify information or disrupt its access." What type of attack is being described?

Close-in Attacks

Which is the BEST EXAMPLE of Close-in Attacks?

Social engineering

"These are performed by trusted persons who have physical access to the critical assets of the target" What type of attack is being described?

Insider Attacks

Which is NOT an example of Insider Attack?

Denial-of-Service (DoS) attack

"Occur when attackers tamper with hardware or software before installation. They tamper with the hardware or software at its source or when it is in transit." What type of attack is being described?

Distribution Attacks

Which is the BEST EXAMPLE of a Distribution Attack?

Backdoors

"Clients can store sensitive information in the cloud. A flaw in one client’s application cloud could potentially allow attackers to access another client’s data." Which attack access method is being described?

Cloud computing threats

It refers to the on-demand delivery of IT capabilities in which IT infrastructure and applications are provided to subscribers as a metered service over a network

Cloud computing

"An attack that focuses on stealing information from the victim machine without its user being aware of it. These attacks are generally targeted at large companies and government networks." Which attack access method is being described?

Advanced Persistent Threats (APT)

"These are the most prevalent networking threats and are capable of infecting a network within seconds" Which attack access method is being described?

Viruses and Worms

"It is a self-replicating program that produces a copy of itself by attaching to another computer program, boot sector, or document." Which attack access method is being described?

Virus

"It is a malicious program that replicates, executes, and spreads across network connections." Which attack access method is being described?

Worm

"A malware that restricts access to the computer system’s files and folders and demands an online ransom payment to the malware creator(s) in order to remove the restrictions. It is generally spread via malicious attachments to email messages, infected software applications, infected disks, or compromised websites." Which attack access method is being described?

Ransomware

"Users may download malware-infested applications (APKs) onto their smartphones, which can damage other applications and data or reveal sensitive information to attackers." Which attack access method is being described?

Mobile Threats

"A huge network of compromised systems used by attackers to perform Denial-of-Service attacks. Bots perform tasks such as uploading viruses, sending emails with botnets attached to them, stealing data, and so on." Which attack access method is being described?

Botnet

"The practice of sending an illegitimate email falsely claiming to be from a legitimate site in an attempt to acquire a user’s personal or account information. This is done by distributing malicious links via some communication channel or email to obtain private information such as account numbers, credit card numbers, and mobile numbers from the victim." Which attack access method is being described?

Phishing

"Attacks such as SQL injection and cross-site scripting have made these applications a favorable target for attackers to steal credentials, set up phishing sites, or acquire private information.." Which attack access method is being described?

Web Application Threats

"Due to hardware constraints such as memory and battery, these applications do not include complex security mechanisms to protect the devices from attacks." Which attack access method is being described?

Internet of Things (IoT) Threats

These are a system of rules and guidelines that are enforced by a particular country or community to govern behavior.

Laws

This is a document established by consensus and approved by a recognized body that provides, for common and repeated use, rules, guidelines, or characteristics for activities or their results, aimed at the achievement of the optimum degree of order in a given context.

Standard

This is a proprietary information security standard for organizations that handle cardholder information for the major debit, credit, prepaid, e-purse, ATM, and POS cards.

Payment Card Industry Data Security Standard (PCI DSS)

This specifies the requirements for establishing, implementing, maintaining, and continually improving an information security management system within the context of an organization. It includes requirements for the assessment and treatment of information security risks tailored to the needs of the organization.

ISO/IEC 27001:2013

Its Privacy Rule provides federal protections for the individually identifiable health information held by covered entities and their business associates and gives patients an array of rights to that information. At the same time, the Privacy Rule permits the disclosure of health information needed for patient care and other necessary purposes.

Health Insurance Portability and Accountability Act (HIPAA)

In HIPAA, This specifies a series of administrative, physical, and technical safeguards for covered entities and their business associates to use to ensure confidentiality, integrity, and availability of electronically protected health information.

Security Rule

Enacted in 2002, this act aims to protect the public and investors by increasing the accuracy and reliability of corporate disclosures. This act does not explain how an organization must store records but describes the records that organizations must store and the duration of their storage.

Sarbanes-Oxley (SOX) Act

An American copyright law that implements two (2) 1996 treaties from the World Intellectual Property Organization (WIPO): the WIPO Copyright Treaty and the WIPO Performances and Phonograms Treaty.

The Digital Millennium Copyright Act (DMCA)

It was enacted to produce several key security standards and guidelines required by Congressional legislation. This provides a comprehensive framework for ensuring the effectiveness of information security controls over information resources that support federal operations and assets.

The Federal Information Security Management Act (FISMA):

It is one of the most stringent privacy and security laws globally. Though it was drafted and passed by the European Union (EU), it imposes obligations on organizations anywhere, so long as they target or collect data related to people in the EU

General Data Protection Regulation

This sets out the framework for data protection law in the UK. It updates and replaces the Data Protection Act 1998 and came into effect on 25 May 2018. This is an act to make provision for the regulation of the processing of information relating to individuals; to make provision in connection with the Information Commissioner’s functions under specific rules relating to information; to make provision for a direct marketing code of practice and connected purposes

Data Protection Act 2018 (DPA)

It refers to any laws that deal with protecting the Internet and other online communication technologies. This covers topics such as Internet access and usage, privacy, freedom of expression, and jurisdiction.

Cyberlaw or Internet law

It is an efficient and effective way of illustrating how an adversary can attack the target organization.

Cyber Kill Chain

"The adversary has to collect as much information about the target as possible to probe for weak points before actually attacking" What Cyber Kill Chain Phase is being described?

Reconnaissance

"The adversary analyzes the data collected in the previous stage to identify the vulnerabilities and techniques that can be exploited and gain unauthorized access to the target organization " What Cyber Kill Chain Phase is being described?

Weaponization

"The previous stage included creating a weapon. Its payload is transmitted to the intended victim(s) as an e-mail attachment, via a malicious link on websites, or through a vulnerable web application or USB drive" What Cyber Kill Chain Phase is being described?

Delivery

"After the weapon is transmitted to the intended victim, exploitation triggers the adversary’s malicious code to exploit a vulnerability in the operating system, application, or server on a target system." What Cyber Kill Chain Phase is being described?

Exploitation

"The adversary downloads and installs more malicious software on the target system to maintain access to the target network for an extended period. They may use the weapon to install a backdoor to gain remote access" What Cyber Kill Chain Phase is being described?

Installation

"The adversary establishes a two-way communication between the victim’s system and the adversary-controlled server to communicate and pass data back and forth." What Cyber Kill Chain Phase is being described?

Command and Control

"The adversary controls the victim’s system from a remote location and finally accomplishes their intended goals." What Cyber Kill Chain Phase is being described?

Actions on Objectives

Which best describes “tactics, techniques, and procedures” ?

It refer to the patterns of activities and methods associated with specific threat actors or groups of threat actors.

It is defined as a guideline that describes the way an attacker performs their attack from beginning to end.

Tactics

It is defined as the technical methods used by an attacker to achieve intermediate results during their attack

Techniques

It is defined as the organizational approach followed by the threat actors to launch their attack.

Procedures

"usually prefer these services to send malicious data to the target organization or individual. Such socially engineered and are preferred due to their ease of use and comparative anonymity. Examples of this include the sender’s e-mail address, e-mail subject, and attachments or links." What Indicators of Compromise is being described?

E-mail Indicators

"Useful for command and control, malware delivery, and identifying details about the operating system, browser type, and other computer-specific information." What Indicators of Compromise is being described?

Network Indicators

"Found by performing an analysis of the infected system within the organizational network. Examples of this include filenames, file hashes, registry keys, DLLs, and mutex." What Indicators of Compromise is being described?

Host-Based Indicators

"Are used to identify specific behavior related to malicious activities, such as code injection into the memory or running the scripts of an application." What Indicators of Compromise is being described?

Behavioral Indicators

It refers to exploiting system vulnerabilities and compromising security controls to gain unauthorized or inappropriate access to system resources.

Hacking

A person who breaks into a system or network without authorization to destroy, steal sensitive data, or perform malicious attacks.

Hacker

Individuals who use their extraordinary computing skills for illegal or malicious purposes. This category of hacker is often involved in criminal activities. They are also known as crackers.

Black Hats

These are individuals who use their hacking skills for defensive purposes.

White Hats, or penetration testers

Individuals who work both offensively and defensively at various times

Gray Hats

Individuals who aim to bring down critical infrastructure for a “cause” and are not worried about facing jail terms or any other kind of punishment.

Suicide Hackers

Unskilled hackers who compromise systems by running scripts, tools, and software developed by real hackers.

Script Kiddies

Individuals with a wide range of skills who are motivated by religious or political beliefs to create the fear of large-scale disruption of computer networks.

Cyber Terrorists

Skilled individuals having expertise in hacking and are employed by the government to penetrate, gain top-secret information from, and damage the information systems of other government or military organizations.

State-Sponsored Hackers

They use hacking to increase awareness of their social or political agendas, as well as to boost their reputations in both online and offline arenas. They promote a political agenda, especially by using hacking to deface or disable websites.

Hacktivist

It is a form of activism in which hackers break into government or corporate computer systems as an act of protest.

Hacktivism

A consortium of skilled hackers having their own resources and funding

Hacker Teams

Individuals who perform corporate espionage by illegally spying on competitor organizations. They focus on stealing critical information such as blueprints, formulas, product designs, and trade secrets

Industrial Spies

Any employee (trusted person) who has access to critical assets of an organization.

Insiders

Groups of individuals or communities that are involved in organized, planned, and prolonged criminal activities

Criminal Syndicates

A group of hackers working together in criminal activities

Organized Hackers

It is the preparatory phase in which an attacker gathers as much information as possible about the target prior to launching the attack. In this phase, the attacker draws on competitive intelligence to learn more about the target. What Hacking Phase is being described?

Reconnaissance

When an attacker is using these techniques, they do not interact with the target directly. Instead, the attacker relies on publicly available information, news releases, or other non-contact methods.

Passive Reconnaissance

When an attacker is using these on the other hand, involve direct interactions with the target system by using tools to detect open ports, accessible hosts, router locations, network mapping, details of operating systems, and applications.

Active Reconnaissance

This is the phase immediately preceding the attack. Here, the attacker uses the details gathered during reconnaissance to scan the network for specific information. What Hacking Phase is being described?

Scanning

This detect listening ports to find information about the nature of services running on the target machine

Port scanners

This is the phase in which real hacking occurs. Attackers use vulnerabilities identified during the reconnaissance and scanning phases to gain access to the target system and network. What Hacking Phase is being described?

Gaining Access

Using a technique called _____ to exploit the system by pretending to be a legitimate user or a different system, attackers can send a data packet containing a bug to the target system to exploit a vulnerability.

Spoofing

This attack attempt to cause users on a network to flood each other with data, making it appear as if everyone is attacking each other, and leaving the hacker anonymous.

Smurf attacks

is the phase when the attacker tries to retain their ownership of the system. What Hacking Phase is being described?

Maintaining Access

Attackers who choose to remain undetected remove evidence of their entry and install a ______ to gain repeat access.

Backdoor or a Trojan

This refers to the activities carried out by an attacker to hide malicious acts What Hacking Phase is being described?

Clearing Tracks

This is the process of hiding data in other data, for instance, in image and sound files.

Steganography

The practice of employing computer and network skills to assist organizations in testing their network security for possible loopholes and vulnerabilities

Ethical Hacking

This team works together to perform a full-scale test covering all aspects of the network, as well as physical and system intrusion.

Tiger Team

It is the use of advanced Google search operators for creating complex search queries to extract sensitive or hidden information.

Google hacking

It is the art of creating complex search engine queries. Queries can retrieve valuable data about a target company from Google search results.

Advanced Google hacking

The Contemporary World Mock test (Prelims)

Xai Alexandrei Delos Reyes · 58 questions · 2 y ago

The Contemporary World Mock test (Prelims)