Week3 MCQ Answers

Week 3 answers (CSEC102)
Course: Fundamentals of Computing Security (CSEC 101)

Academic year: 2020/2021
Rochester Institute of Technology

CSEC 102 - Information Assurance and Security

Rochester Institute of Technology - RIT

Dubai Campus

FALL 2020

Week 3: Discussion Questions (NOT GRADED)

Multiple-Choice Questions

  1. Maria's company recently experienced a major system outage due to the failure of a critical component. During that time period, the company did not register any sales through its online site. Which type of loss did the company experience as a result of lost sales?

A. Replacement cost B. Opportunity cost C. Manpower cost D. Cost of goods sold

Answer: B Reference: Service Availability and Productivity

Explanation: Opportunity cost is the amount of money a company loses due to downtime. Downtime can be either intentional or unintentional, but either kind directly affects system availability.

  1. Yuri is a skilled computer security expert who attempts to break into the systems belonging to his clients. He has permission from the clients to perform this testing as part of a paid contract. What type of person is Yuri?

A. Cracker B. White-hat hacker C. Black-hat hacker D. Grey-hat hacker

Answer: B Reference: Whom Are You Trying to Catch?

Explanation: White-hat hackers are information security professionals who have authorization to identify vulnerabilities and perform penetration testing. The difference between white-hat hackers and black-hat hackers is that white-hat hackers will identify weaknesses for the purpose of fixing them, and black-hat hackers find weaknesses just for the fun of it or to exploit them.

  1. Which tool can capture the packets transmitted between systems over a network?

A. Wardialer B. OS fingerprinter C. Port scanner D. Protocol analyzer

Answer: D Reference: Attack tools

Explanation: A protocol analyzer, or packet sniffer, is a software program that enables a computer to monitor and capture network traffic, whether on a LAN or a wireless network.

  1. Bob is using a port scanner to identify open ports on a server in his environment. He is scanning a web server that uses Hypertext Transfer Protocol (HTTP). Which port should Bob expect to be open to support this service?

A. 21 B. 23 C. 80 D. 443

Answer: C Reference: Port Scanners

Explanation: The unencrypted HTTP protocol uses port 80 to support web traffic. Encrypted web traffic uses the HTTPS protocol over port 443.

  1. Which type of denial of service attack exploits the existence of software flaws to disrupt a service?

A. SYN flood attack B. Smurf attack

There is no indication in the scenario that the messages are trying to trick users, which would place them into the categories of phishing and/or social engineering.

  1. Which term describes an action that can damage or compromise an asset?

A. Risk B. Vulnerability C. Countermeasure D. Threat

Answer: D Reference: What Are Risks, Threats, and Vulnerabilities?

Explanation: A threat is any action that can damage or compromise an asset. Risk is the probability that something bad is going to happen. A vulnerability is a weakness, such as in the design of a system or in software code. A countermeasure is an action or control that detects vulnerabilities, prevents attacks, and responds to the effects of successful attacks.

  1. Which one of the following is an example of a disclosure threat?

A. Espionage B. Alteration C. Denial D. Destruction

Answer: A Reference: Disclosure Threats

Explanation: Espionage is an example of a disclosure threat. It is the act of spying to obtain secret information, typically to aid another nation state. Terrorists and enemy agents might well be involved in activities to obtain sensitive government information that they can use to perpetuate future attacks.

  1. Which type of attack involves the creation of some deception in order to trick unsuspecting users?

A. Interception B. Interruption C. Fabrication D. Modification

Answer: C Reference: What Is a Malicious Attack?

Explanation: The four general categories of attack are fabrications, interceptions, interruptions, and modifications. Fabrications involve the creation of some deception in order to trick unsuspecting users.

  1. Which password attack is typically used specifically against password files that contain cryptographic hashes?

A. Brute-force attacks B. Dictionary attacks C. Birthday attacks D. Social engineering attacks

Answer: C Reference: Birthday Attacks

Explanation: While all of the attack types mentioned may be used against passwords, only the birthday attack specifically targets the cryptographic hashes stored in a system's password file.

  1. Brian notices an attack taking place on his network. When he digs deeper, he realizes that the attacker has a physical presence on the local network and is forging Media Access Control (MAC) addresses. Which type of attack is most likely taking place?

A. Address Resolution Protocol (ARP) poisoning B. Internet Protocol (IP) spoofing C. URL hijacking D. Christmas attack

Answer: A Reference: IP Address Spoofing

Explanation: ARP poisoning is an example of a spoofing attack. In this attack, the attacker spoofs the MAC address of a targeted device, such as a server, by sending false

Answer: C Reference: What Is Malicious Software?

Explanation: A Trojan horse, also called a Trojan, is malware that masquerades as a useful program. Trojan horse programs use their outward appearance to trick users into running them. They look like programs that perform useful tasks, but actually, they hide malicious code.

  1. An attacker attempting to break into a facility pulls the fire alarm to distract the security guard manning an entry point. Which type of social engineering attack is the attacker using?

A. Vishing B. Urgency C. Whaling D. Authority

Answer: B Reference: Social Engineering Attacks

Explanation: In an urgency attack, the attacker uses some sort of urgent or emergency situation to get someone to perform an action or divulge information.

  1. Barry discovers that an attacker is running an access point in a building adjacent to his company. The access point is broadcasting the security set identifier (SSID) of an open network owned by the coffee shop in his lobby. Which type of attack is likely taking place?

A. Evil twin B. Wardriving C. Bluesnarfing D. Replay attack

Answer: A Reference: Wireless Network Attacks

Explanation: In an evil twin attack, the attacker deploys a fake open or public wireless network to use a packet sniffer on any user who connects to it.

  1. Which type of attack against a web application uses a newly discovered vulnerability that is not patchable?

A. SQL injection B. Cross-site scripting C. Cross-site request forgery D. Zero-day attack

Answer: D Reference: Web Application Attacks

Explanation: Zero-day attacks exploit new vulnerabilities that have not yet been patched by the vendor, making them very difficult to defeat.

  1. Which control is not designed to combat malware?

A. Firewalls B. Antivirus software C. Awareness and education efforts D. Quarantine computers

Answer: A Reference: What Is a Countermeasure?

Explanation: Firewalls are designed to control connections between networks of differing trust levels and do not specifically target malware. Antivirus software, quarantine systems, and awareness/education efforts are all effective controls against malware.

  1. Florian recently purchased a set of domain names that are similar to those of legitimate websites and used the newly purchased sites to host malware. Which type of attack is Florian using?

A. Cross-site scripting B. Session hijacking C. SQL injection D. Typosquatting

  1. Failing to prevent an attack all but invites an attack.

A. True B. False

Answer: A Reference: Operation Get Rich or Die Tryin'

  1. A DoS attack is a coordinated attempt to deny service by occupying a computer to perform large amounts of unnecessary tasks.

A. True B. False

Answer: A Reference: Denial-of-Service Attacks

  1. A rootkit uses a directed broadcast to create a flood of network traffic for the victim computer.

A. True B. False

Answer: B Reference: Denial-of-Service Attacks

Explanation: The smurf attack uses a directed broadcast to create a flood of network traffic for the victim computer.

  1. Denial of service (DoS) attacks are larger in scope than distributed denial of service (DDoS) attacks.

A. True B. False

Answer: B Reference: Distributed Denial-of-Service Attacks

Explanation: DDoS attacks are larger in scope than DoS attacks. In a DDoS attack, attackers hijack hundreds or even thousands of Internet computers, planting automated attack agents on those systems.

  1. A phishing email is a fake or bogus email intended to trick the recipient into clicking on an embedded URL link or opening an email attachment.

A. True B. False

Answer: A Reference: Spam and Spim

  1. Rootkits are malicious software programs designed to be hidden from normal methods of detection.

A. True B. False

Answer: A Reference: Backdoors

  1. The anti-malware utility is one of the most popular backdoor tools in use today.

A. True B. False

Answer: B Reference: Backdoors

Explanation: The netcat utility is one of the most popular backdoor tools in use today.

  1. Spam is some act intended to deceive or trick the receiver, normally in email messages.

A. True B. False

  1. A man-in-the-middle attack takes advantage of the multihop process used by many types of networks.

A. True B. False

Answer: A Reference: Man-in-the-Middle Attacks

  1. A phishing attack "poisons" a domain name on a domain name server.

A. True B. False

Answer: B Reference: Pharming

Explanation: Pharming "poisons" a domain name on a domain name server. Phishing attempts to scam people one at a time with an email or instant message.

  1. The main difference between a virus and a worm is that a virus does not need a host program to infect.

A. True B. False

Answer: B Reference: Worms

Explanation: The main difference between a virus and a worm is that a worm does not need a host program to infect. The worm is a standalone program.

  1. Spyware gathers information about a user through an Internet connection, without his or her knowledge.

A. True B. False

Answer: A Reference: Spyware

  1. Vishing is a type of wireless network attack.

A. True B. False

Answer: B Reference: What Are Common Types of Attacks?

Explanation: Vishing is a type of social engineering attack where a person performs a phishing attack by telephone in order to elicit personal information.

  1. Using a secure logon and authentication process is one of the six steps used to prevent malware.

A. True B. False

Answer: A Reference: Countering Malware
