(Midterms) Information Assurance and Security Mocktest BSIT 604

24回閲覧 • 90問 • 2ヶ月前

問題一覧

It is the potential occurrence of an undesirable event that can eventually damage and disrupt the operational and functional activities of an organization.

Threat

Attackers use this to infiltrate and steal data such as personal information, financial information, and login credentials.

Cyber Threats

Attackers can also use this to perform malicious activities and launch further attacks

Compromised System

"Natural factors such as fires, floods, power failures, lightning, meteors, and earthquakes are potential threats to the assets of an organization. For example, these may cause severe physical damage to computer systems." Which threat source is being described?

Natural Threats

"Examples of these threats include insider-originating security breaches, negligence, operator errors, unskilled administrators, lazy or untrained employees, and accidents." Which threat source is being described?

Unintentional Threats

"These threats are performed by insiders within the organization, such as disgruntled or negligent employees, and harm the organization intentionally or unintentionally. Most of these attacks are performed by privileged users of the network." Which threat source is being described?

Internal Threats

"These attacks are performed by exploiting vulnerabilities that already exist in a network, without the assistance of insider employees. For example, attacks can be performed with the objective of supporting a cause, by competitor companies for corporate espionage, and by countries for surveillance." Which threat source is being described?

External Threats

"These attacks are Implemented by technically skilled attackers, using various tools to gain access to a network to disrupt services. The motivation behind such attacks includes criminal bribes, racism, politics, terrorism, etc. Examples include distributed ICMP floods, spoofing, and simultaneously executing attacks from multiple sources." Which threat source is being described?

Structured External Threats

"Implemented by unskilled attackers, typically script kiddies who may be aspiring hackers, to access networks. Most of these attacks are performed primarily out of curiosity, rather than with criminal intentions. For example, untrained attackers use freely available online tools for attempting a network attack or for crashing a website or other public domains on the Internet." Which threat source is being described?

Unstructured External Threats

It is a piece of malicious software that is designed to perform activities as intended by the attacker, without user consent. This may be in the form of executable code, active content, scripts, or other kinds of software.

Malware

"A program in which malicious or harmful code is contained inside a harmless program or data, which can later gain control and cause damage, such as ruining the file allocation table on a hard disk." What type of Malware is being described?

Trojan

Select ALL TYPES of Trojan

Defacement Trojans, Remote Access Trojans, Backdoor Trojans, Rootkit Trojans, Botnet Trojans

Which statement BEST DESCRIBES how to prevent Trojans

Users should avoid untrusted files, block unused ports, apply system patches, and limit software installations through permission controls. Regular scanning, integrity checks, and the use of antivirus, firewalls, and intrusion detection systems enhance overall protection.

"A self-replicating program that produces its code by attaching copies of itself to other executable code and operates without the knowledge or consent of the user." What type of Malware is being described?

Virus

Select ALL Types of viruses

System or Boot Sector Virus, File Virus, Multipartite Virus, Macro Virus, Cluster Virus, Stealth Virus

"A Standalone malicious programs that replicate, execute, and spread across network connections independently without human intervention." What type of Malware is being described?

Computer Worms

Which statement BEST DESCRIBES how to counter Computer Worms?

Users should install and regularly update antivirus software, avoid suspicious files and email attachments, perform data backups, and scan drives frequently. Additional measures include using pop-up blockers and firewalls, checking media for infections, running weekly cleanups, and being cautious with file types and instant messages.

"A type of malware that restricts access to the infected computer system or critical files and documents stored on it, and then demands an online ransom payment to the malware creator(s) to remove user restrictions." What type of Malware is being described?

Ransomware

Select ALL Examples of Ransomware

Dharma, SamSam, GandCrab, Ryuk, WannaCry

"Software programs designed to gain access to a computer without being detected. They are malware that help attackers gain unauthorized access to a remote system and perform malicious activities. The goal of this is to gain root privileges on a system." What type of Malware is being described?

Rootkit

Which statement BEST DESCRIBES how to counter rootkits?

Users should back up data, reinstall software from trusted sources, patch systems regularly, and use up-to-date antivirus software with rootkit protection. Additional safeguards include enforcing the least privilege principle, disabling unused services, using firewalls and two-step authentication, scanning systems periodically, and avoiding risky online behavior during active sessions.

"A stealthy computer monitoring software that allows secret recording of all user activities on a target computer. It automatically delivers logs to the remote attacker using the Internet (via email, FTP, command and control through encrypted traffic, HTTP, DNS, etc.)" What type of Malware is being described?

Spyware

"Known as junkware, these are potentially harmful applications that may pose severe risks to the security and privacy of data stored in the system where they are installed" What type of Malware is being described?

PUAs or Grayware: Potentially unwanted applications or programs

Select all the Types of PUAs

Adware, Torrent, Marketing, Cryptomining, Dialer

Which statement BEST DESCRIBES how to counter PUAs?

Users should download only from trusted sources, enable detection features in the OS or antivirus software, choose custom installation, and avoid express setup options. Regular updates, firewalls, cautious browsing habits, reading license agreements, and using reliable security tools help block unauthorized installations and prevent phishing-based downloads.

"A software programs or hardware device that record the keys struck on the computer keyboard (also called keystroke logging) of an individual computer user or a network of computers." What type of Malware is being described?

Keylogger

Which statement BEST DESCRIBES how to Defend against Keyloggers?

Users should use anti-spyware, firewalls, updated security software, pop-up blockers, and avoid clicking suspicious links or emails. Additional measures include using on- screen keyboards or password managers, hardware checks, process-monitoring tools, input obfuscation, OTP authentication, encryption, and maintaining updated systems and drivers.

"A collection of compromised computers connected to the Internet to perform a distributed task." What type of Malware is being described?

Botnets

It refers to a program or an infected system that performs repetitive work or acts as an agent or as a user interface to control other programs

Bot

Cyber-criminals who control bots are called

Botmaster

"Also called non-malware, It infects legitimate software, applications, and other protocols existing in the system to perform various malicious activities. This type of malware leverages existing vulnerabilities to infect the system. It generally resides in the system’s RAM. It injects malicious code into running processes." What type of Malware is being described?

Fileless Malware

Which statement BEST DESCRIBES how to counter Fileless Malware?

Users should turn off unused tools like PowerShell, macros, and scripting in browsers, implement whitelisting and two-factor authentication, and monitor systems with User Behavior Analytics (UBA) and endpoint security. Regular system updates, antivirus scans, restricted privileges, behavioral baselining, and the use of AI-powered security tools or managed detection services further strengthen protection against memory-resident and script-based threats.

It refers to a weakness in the design or implementation of a system that can be exploited to compromise the security of the system. It is frequently a security loophole that enables an attacker to enter the system by bypassing user authentication.

Vulnerability

This is the most common vulnerability and is mainly caused by human error, which allows attackers to gain unauthorized access to the system. It may happen intentionally or unintentionally and affect web servers, application platforms, databases, and networks.

Misconfiguration

These are usually user-friendly, especially when the device is being used for the first time, when the primary concern is the usability of the device rather than the device’s security.

Default Installations

These are common software vulnerabilities that happen due to coding errors that allow attackers to gain access to the target system.

Buffer Overflows

An essential component of the infrastructure of any organization. There are several cases where organizations run unpatched and misconfigured servers that compromise the security and integrity of the data in their systems.

Unpatched Servers

Vulnerabilities such as incorrect encryption or poor validation of data, are logical flaws in the functionality of the system that attackers exploit to bypass the detection mechanism and acquire access to a secure system

Design Flaws

Due to vulnerabilities in the operating systems, applications such as trojans, worms, and viruses pose threats. These attacks use malicious code, script, or unwanted software, which results in the loss of sensitive information and control of computer operations.

Operating System Flaws

These should be secured using the validation and authorization of the user. These have security threats such as data tampering and unauthorized access to configuration stores.

Application Flaws

This may lead to the loss of data or DoS attacks and allow attackers to perform further attacks on other connected devices. Administrators must continuously check for unnecessary or insecure ports and services to reduce the risk to the network.

Open Services

When users forget to update their passwords and continue using the default passwords, they make devices and systems vulnerable to various attacks, such as brute force and dictionary attacks. Attackers exploit this vulnerability to obtain access to the system.

Default Passwords

Unknown vulnerabilities in software/hardware that are exposed but not yet patched. The attackers exploit these before being acknowledged and patched by the software developers or security analysts. These vulnerabilities are one of the major cyber threats that continuously expose vulnerable systems until they are repaired.

Zero-Day Vulnerabilities

These are exposed from old or familiar code. However, they could cause costly data breaches for organizations. Using these outdated codes, attackers can easily discover these vulnerabilities in the system or software that are not yet patched.

Legacy Platform Vulnerabilities

This plays a major role in providing security to any organization’s resources and infrastructure from various internal and external threats.

Vulnerability Assessment

Which statement is NOT TRUE about Vulnerability Assessment

It refers to a weakness in the design or implementation of a system that can be exploited to compromise the security of the system

"The attacker interacts directly with the target network to find vulnerabilities. This helps in simulating an attack on the target network to uncover vulnerabilities that the attacker can exploit." Which Vulnerability Assessment Approach is being described?

Active Scanning

"The attacker tries to find vulnerabilities without directly interacting with the target network. The attacker identifies vulnerabilities via information exposed by systems during normal communication" Which Vulnerability Assessment Approach is being described?

Passive Scanning

"A type of vulnerability assessment that uses network scanners to identify the hosts, services, and vulnerabilities present in a network. Active network scanners can reduce the intrusiveness of the checks they perform." Which Type of Vulnerability Assessment is being described?

Active Assessment

"This assessment sniff the traffic present on the network to identify the active systems, network services, applications, and vulnerabilities. This assessments also provide a list of the users who are currently accessing the network." Which Type of Vulnerability Assessment is being described?

Passive Assessment

"This assessment examines the network from a hacker’s point of view to identify exploits and vulnerabilities accessible to the outside world." Which Type of Vulnerability Assessment is being described?

External Assessment

"This involves scrutinizing the internal network to find exploits and vulnerabilities." Which Type of Vulnerability Assessment is being described?

Internal Assessment

"A type of security check that involves conducting a configuration-level check to identify system configurations, user directories, file systems, registry settings, and other parameters to evaluate the possibility of compromise." Which Type of Vulnerability Assessment is being described?

Host-based Assessment

"This determines the possible network security attacks that may occur on an organization’s system. These assessments discover network resources and map the ports and services running to various areas of the network." Which Type of Vulnerability Assessment is being described?

Network-based Assessment

"Focuses on transactional web applications, traditional client-server applications, and hybrid systems. It analyzes all elements of an application infrastructure, including deployment and communication with the client and server." Which Type of Vulnerability Assessment is being described?

Application Assessment

"This is any assessment focused on testing the databases for the presence of any misconfiguration or known vulnerabilities. These assessments mainly concentrate on testing various database technologies like MYSQL, MSSQL, ORACLE, and POSTGRESQL to identify data exposure or injection-type vulnerabilities." Which Type of Vulnerability Assessment is being described?

Database Assessment

"Determines the vulnerabilities in an organization’s wireless networks" Which Type of Vulnerability Assessment is being described?

Wireless Network Assessment

"This type of assessment, employed by organizations that possess assets like servers and clients at different locations, involves simultaneously assessing the distributed organization assets, such as client and server applications, using appropriate synchronization techniques." Which Type of Vulnerability Assessment is being described?

Distributed Assessment

"also known as authenticated assessment, wherein the security professional possesses the credentials of all machines present in the assessed network." Which Type of Vulnerability Assessment is being described?

Credentialed Assessment

"provides a quick overview of weaknesses by analyzing the network services that the host exposes. A security professional does not require any credentials for the assets to perform their assessments. This type of assessment generates a brief report regarding vulnerabilities; however, it is not reliable because it does not provide deeper insight into the OS and application vulnerabilities that the host does not expose to the network." Which Type of Vulnerability Assessment is being described?

Non-credentialed Assessment

"After performing footprinting and network scanning and obtaining crucial information, if the security professional performs manual research for exploring the vulnerabilities or weaknesses, they manually rank the vulnerabilities and score them by referring to vulnerability scoring standards like CVSS (Common Vulnerability Scoring System) and vulnerability databases like CVE (Common Vulnerabilities and Exposures) and CWE (Common Weakness Enumeration)." Which Type of Vulnerability Assessment is being described?

Manual Assessment

"An assessment where a security professional uses vulnerability assessment tools such as Nessus, Qualys, or GFI LanGuard to perform a vulnerability assessment of the target." Which Type of Vulnerability Assessment is being described?

Automated Assessment

What does CVSS Stand for?

Common Vulnerability Scoring System

What does CVE Stand for?

Common Vulnerabilities and Exposures

What does CWE Stand for?

Common Weakness Enumeration

It is an important process that helps identify and remediate security weaknesses before they can be exploited. The implementation of a vulnerability management lifecycle helps gain a strategic perspective regarding possible cybersecurity threats and renders insecure computing environments more resilient to attacks.

Vulnerability-Management Cycle

"This phase identifies critical assets and prioritizes them to define the risk based on the criticality and value of each system." Which phase in vulnerability management is being described?

Identify Assets and Create a Baseline

"This phase is very crucial in vulnerability management. In this step, the security analyst performs a vulnerability scan on the network to identify the known vulnerabilities in the organization’s infrastructure." Which phase in vulnerability management is being described?

Vulnerability Scan

"In this phase, all serious uncertainties that are associated with the system are assessed and prioritized, and remediation is planned to permanently eliminate system flaws. It summarizes the vulnerability and risk level identified for each of the selected assets. It determines whether the risk level for a particular asset is high, moderate, or low." Which phase in vulnerability management is being described?

Risk Assessment

"The process of applying fixes to vulnerable systems in order to reduce the impact and severity of vulnerabilities. This phase is initiated after the successful implementation of the baseline and assessment steps" Which phase in vulnerability management is being described?

Remediation

"In this phase, the security team performs a re-scan of systems to assess if the required remediation is complete and whether the individual fixes have been applied to the impacted assets." Which phase in vulnerability management is being described?

Verification

"Organizations need to perform regular monitoring to maintain system security. They use tools such as IDS/IPS and firewalls. Continuous monitoring identifies potential threats and any new vulnerabilities that have evolved. As per security best practices, all phases of vulnerability management must be performed regularly." Which phase in vulnerability management is being described?

Monitor

It is the process of recovering passwords from the data transmitted by a computer system or from the data stored in it.

Password Cracking

It plays a key role in improving security against attacks. It is the most important element that users should ensure while creating a password. The password should not be simple, as such passwords are prone to attacks.

Password Complexity

"This is, for most cases, the attacker’s first attempt at gaining target system passwords." Which type of Password Attack is being described?

Non-Electronic Attacks

"This is one of the easiest ways to gain unauthorized administrator-level system access." Which type of Password Attack is being described?

Active Online Attacks

"It is a type of system attack that does not lead to any changes in the system. In this attack, the attacker does not have to communicate with the system, but passively monitors or records the data passing over the communication channel, to and from the system. The data are then used to break into the system." Which type of Password Attack is being described?

Passive Online Attack

"They refer to password attacks in which an attacker tries to recover cleartext passwords from a password hash dump." Which type of Password Attack is being described?

Offline Attacks

"In this type of attack, a dictionary file is loaded into a cracking application that runs against user accounts. This dictionary is a text file that contains several dictionary words commonly used as passwords." Which type of Password Attack is being described?

Dictionary

"Attackers try every combination of characters until the password is broken. It is when someone tries to produce every single encryption key for data to detect the needed information." Which type of Password Attack is being described?

Brute Force

"It is a brute-force attack on encryption that employs a search of the keyspace. In other words, testing all possible keys is one of the attempts to recover the plaintext used to produce a particular ciphertext." Which type of Password Attack is being described?

Cryptanalysis

"Attackers use this type of attack when they obtain some information about the password. This is a more powerful attack than dictionary and brute-force attacks because the cracker knows the password type" Which type of Password Attack is being described?

Rule-based Attack

"This type of attack depends on the dictionary attack. Often, people change their passwords merely by adding some numbers to their old passwords." Which type of Password Attack is being described?

Hybrid Attack

"Hackers use this cracking technique when passwords are not known words. Attackers use the dictionary and other methods to crack them, as well as all possible combinations of them." Which type of Password Attack is being described?

Syllable Attack

"Packet sniffing is a form of wire sniffing or wiretapping in which hackers sniff credentials during transit by capturing Internet packets. Attackers rarely use sniffers to perform this type of attack." Which type of Password Attack is being described?

Wire Sniffing

"It is a password-cracking technique that involves attempting to log on to the target system with different passwords manually" Which type of Password Attack is being described?

Password Guessing

"It is a tool designed to audit passwords and recover applications. It recovers lost Microsoft Windows passwords with the help of a dictionary, hybrid, rainbow table, and brute-force attacks, and it also checks the strength of the password" Which Password cracking tool is being described?

L0phtCrack

"It is a Windows password-cracking tool that uses rainbow tables for cracking passwords. It comes with a graphical user interface (GUI) and runs on different OSs such as Windows, Linux/UNIX, etc." Which Password cracking tool is being described?

ophcrack

"It cracks hashes with rainbow tables, using a time–memory trade-off algorithm. A traditional brute-force cracker cracks a hash in a manner that is different from that followed by a time-memory-tradeoff hash cracker." Which Password cracking tool is being described?

RainbowCrack

Which is NOT considered a Password Cracking tool?

PassCrack

The Contemporary World Mock test (Prelims)

Xai Alexandrei Delos Reyes · 3回閲覧 · 58問 · 2年前

The Contemporary World Mock test (Prelims)