Module 07 Digital Security Computer Concepts for End Users test bank
Download file with the answers
Module 07 Digital Security
1 file(s) 339.65 KB
If you are not a member register here to download this file
1. This type of security transforms a message or data file in such a way that its contents are hidden from unauthorized readers.
a. Authentication
b. Encryption
c. Ciphertext
d. Decryption
2. An original message or file that has not yet been encrypted is referred to as ciphertext.
a. True
b. False
3. A cryptographic ________ is a word, number, or phrase that must be known to encrypt or decrypt data.
ANSWER: key
4. There are various encryption methods, but __________ is the encryption standard currently used worldwide.
a. AES (Advanced Encryption Standard)
b. DDoS (distributed denial of service attacks)
c. IMSI (International Mobile Subscriber Identity)
d. TLS (Transport Layer Security)
5. A cryptographic __________ is a procedure for encryption or decryption.
a. firewall
b. ciphertext
c. key
d. algorithm
6. Which of the following is not an example of user authentication?
a. Password
b. PINs
c. Fingerprint scanner
d. URLs (Uniform Resource Locators)
7. The single most effective security measure for digital devices is to require a login password.
a. True
b. False
8. Passwords used as encryption ________ help to make hijacked data unusable.
ANSWER: keys
9. All Android devices automatically encrypt data stored on the device when a user activates the login password.
a. True
b. False
10. It is not possible to encrypt a Windows hard drive volume.
a. True
b. False
11. FileVault is a MacOS utility included on by default on Macintosh computers that automatically encrypts data stored locally.
a. True
b. False
12. A(n) _______ password is difficult to hack.
ANSWER: strong
13. Conventional wisdom tells us that strong passwords are at least _____ characters in length and include one or more uppercase letters, numbers, and symbols.
ANSWER: eight, 8
14. Which of the following attacks uses password-cracking software to generate every possible combination of letters, numerals, and symbols?
a. Entropy
b. Massive
c. Dictionary
d. Brute force
15. Which of the following is not a characteristic of a weak password?
a. Eight characters in length and include one or more uppercase letters, numbers, and symbols
b. Uses default passwords such as password, admin, system, and guest
c. Any sequence that includes a user name
d. Use of a word from a dictionary
16. Brute force attacks methodically try every possible password until the correct one is found.
a. True
b. False
17. Password _________ is a measure in bits of a password’s unpredictability.
ANSWER: entropy
18. Password entropy is a measure in _____ of a password’s unpredictability.
ANSWER: bits
19. If you want to store passwords on a digital device, make sure to _________ the file in which they are stored.
ANSWER: encrypt
20. If you feel more secure with a totally random and unique password for each of your logins, then a(n) _______________ is an excellent option.
a. keylogger
b. encryption key
c. password manager
d. personal firewall
21. The core function of a password manager is to store user IDs with their corresponding ________.
ANSWER: passwords
22. Password managers can generate unique passwords that have very good entropy.
a. True
b. False
23. Password managers store passwords in a(n) _________ file.
ANSWER: encrypted
24. If you use a password manager, what do you as the user need to remember?
a. Your passwords for individual sites
b. The master password
c. Form data including credit card numbers
d. All of the above
25. A password manager can store passwords in an encrypted file located at which of the following storage locations?
a. Local storage
b. Cloud storage
c. USB storage
d. All of the above
26. ________ refers to any computer program designed to surreptitiously enter a digital device.
ANSWER: Malware
27. The action carried out by malware code is referred to as a(n) _______.
ANSWER: exploit
28. Common classifications of _________ include viruses, worms, and trojans.
ANSWER: malware
29. A computer _________ is a set of self-replicating program instructions that surreptitiously attaches itself to a legitimate executable file on a host device.
a. trojan
b. virus
c. worm
d. all of the above
30. In addition to replicating itself, a virus is self-distributing.
a. True
b. False
31. Viruses spread themselves from one device to another.
a. True
b. False
32. __________ is the process of modifying an executable file or data stream by adding additional commands.
a. Keylogging
b. Pharming
c. Brute force attack
d. Code injection
33. What is the process called when an app from a source other than an official app store is installed on a device?
a. Side-loading
b. Rootkit
c. Code injection
d. Dropper
34. Any code that is designed to hide the existence of processes and privileges is referred to as a(n) _______.
ANSWER: rootkit
35. A key characteristic of viruses is their ability to lurk in a device for days or months, quietly replicating themselves.
a. True
b. False
36. A computer _______ is a self-replicating, self-distributing program designed to carry out unauthorized activity on a victim’s device.
ANSWER: worm
37. Which of the following is not a characteristic of a computer worm?
a. Self-replicating
b. Usually standalone executable programs
c. Self-distributing
d. Spread through a process called side-loading
38. Stuxnet is a notorious computer _______.
ANSWER: worm
39. Similar to a worm, a trojan is not designed to spread itself to other devices.
a. True
b. False
40. Most trojans are not designed to replicate themselves.
a. True
b. False
41. A(n) __________ is a computer program that seems to perform one function while actually doing something else.
ANSWER: trojan
42. __________ are standalone programs that masquerade as useful utilities or applications.
ANSWER: Trojans
43. Trojans depend on ________ to spread.
a. self-replication
b. social engineering
c. rootkits
d. code injection
44. A(n) _________ is designed to deliver malicious code into a device.
ANSWER: dropper
45. Any data entering a digital device could be malware.
a. True
b. False
46. The best defense against malware is _____________.
a. encryption
b. entropy
c. antivirus software
d. all of the above
47. A virus __________ is a section of program code that contains a unique series of instructions known to be part of a malware exploit.
ANSWER: signature
48. Antivirus software can use techniques called__________ to detect malware by analyzing the characteristics and behavior of suspicious files.
a. heuristic analysis
b. virus signature
c. side-loading
d. port scan
49. One method of heuristic analysis allows the suspicious file to run in a guarded environment called a(n) ___________.
ANSWER: sandbox
50. Heuristics may produce false positives that mistakenly identify a legitimate file as malware.
a. True
b. False
51. When antivirus software detects malware, which of the following would not be a course of action you could take?
a. Conduct a heuristic analysis.
b. Repair the infection.
c. Put the infected file into quarantine.
d. Delete the infected file.
52. Once you have installed antivirus software, you don’t typically need to keep it running full time in the background.
a. True
b. False
53. A virus __________ usually arrives as an email message that contains warnings about a fake virus.
a. payload
b. signature
c. hoax
d. dropper
54. A(n) ________________ takes place when an unauthorized person gains access to a digital device by using an Internet connection and exploiting vulnerabilities in hardware or software.
a. address spoofing exploit
b. online intrusion
c. brute force attack
d. rogue antivirus
55. Which of the following sequence of events best describes an online intrusion?
a. Malware enters the device, and then opens a backdoor, which opens a communications link on the device that a hacker can exploit.
b. A backdoor is opened on the device locally, which allows malware to be loaded onto the device by a hacker.
c. A USB drive containing a trojan is inserted into a device, which opens a backdoor allowing a hacker access to the device.
d. None of the above.
56. A(n) ___________ is malware that arrives in a trojan disguised as legitimate software and sets up a secret communication link to a hacker.
a. DDoS
b. TLS
c. PUP
d. RAT
57. A(n) __________ is an undocumented method of accessing a digital device.
ANSWER: backdoor
58. RATs can be used to create a backdoor to a victim’s device that takes control of the device’s camera.
a. True
b. False
59. If you are traveling and expect to access files on a computer that you’ve left at home, make sure the remote access utility is turned off.
a. True
b. False
60. ___________ locks a device and then requests payment for an unlocking code.
ANSWER: Ransomware
61. Hackers who gain control over several computers can organize them into a client-server network known as a(n) _______.
ANSWER: botnet
62. A botnet has a server that is controlled by hackers.
a. True
b. False
63. _______ can be used to flood a Web site with so much traffic that it can no longer provide its intended service.
a. DDoS
b. An AES service attack
c. A Floodping attack
d. All of the above
64. Correctly installed antivirus software will prevent all intrusions.
a. True
b. False
65. Antivirus software cannot be expected to block threats that do not arrive in the form of malware.
a. True
b. False
66. A(n) ______________ attack exploits previously unknown vulnerabilities in software applications, hardware, and operating system program code.
a. zero-day
b. rootkit
c. brute force
d. dictionary
67. _____________ software shields certain applications against behaviors commonly exhibited by intrusions.
a. Malware
b. Rootkit
c. Antivirus
d. Virus signature
68. If you suspect that your computer might be infected by a zero-day exploit, launching a(n) _______________ with a product such as Malwarebytes might identify the infection.
a. on-demand scan
b. rootkit
c. botnet
d. DDoS
69. Hackers can use ports to communicate with devices in botnets.
a. True
b. False
70. A(n) __________ pings a packet of data to a port in order to see if that port is open or not.
a. rootkit
b. port scan
c. virus signature
d. heuristic analysis
71. A network utility called ______________ produces a detailed list of open ports on a device.
ANSWER: Netstat
72. A(n) __________ is a device or software that is designed to block unauthorized access while allowing authorized communications.
a. Netstat
b. firewall
c. Evil Twin
d. digital certificate
73. Which of the following can be used to block unauthorized access while allowing authorized communications on a device or network?
a. Network router
b. Personal firewall
c. Hardware that uses NAT (network address translation)
d. All of the above
74. Any software that secretly gathers personal information without the victim’s knowledge is classified as __________.
ANSWER: spyware
75. Which of the following would be considered spyware?
a. A keylogger
b. Firewall software
c. Antivirus software
d. All of the above
76. MITM (man-in-the-middle) attacks include which of the following?
a. Address spoofing
b. IMSI catchers
c. Evil Twins
d. All of the above
77. The objective of a MITM attack is for a third party to block communications between two entities.
a. True
b. False
78. A(n) _____________ is a hacker’s LAN server that is designed to look like a legitimate Wi-Fi hotspot.
ANSWER: Evil Twin
79. To establish a(n) ________, hackers set up an unsecured Wi-Fi hotspot complete with an Internet connection.
a. keylogger
b. Evil Twin
c. botnet
d. none of the above
80. __________ changes an originating address or a destination address to redirect the flow of data between two parties.
a. Social engineering
b. IMSI catching
c. Address spoofing
d. All of the above
81. If a hacker intercepts encrypted data by way of a MITM attack, the contents of that data is not always secure.
a. True
b. False
82. The current method of encrypting communication between a client and a server depends on a security protocol called _______.
a. RAT
b. TLS
c. PUP
d. AES
83. ________ is a 64-bit number that uniquely identifies a cellular device.
ANSWER: IMSI
84. ______________ is a deceptive practice that exploits human psychology by inducing victims to interact with a digital device in a way that is not in their best interest.
a. Evil Twin
b. Address spoofing
c. Social engineering
d. None of the above
85. ____________ is a term for a person who devises and carries out a scam in order to accomplish a goal.
a. Man-in-the-middle
b. RAT
c. Internet worm
d. None of the above
86. Social engineering attacks prey on human vulnerabilities.
a. True
b. False
87. A social engineering scam called ___________ is when a victim is promised a large sum of money in exchange for the temporary use of a bank account.
a. advance fee fraud
b. pharming
c. address spoofing
d. Evil Twin
88. __________ is defined as unsolicited messages that are usually sent in massive numbers using electronic mail systems.
ANSWER: Spam
89. Spam sent by scammers often uses spoofed email addresses.
a. True
b. False
90. Most mass-mailing databases are legitimately compiled from customer lists.
a. True
b. False
91. Spam accounts for approximately ______ of all email.
a. 40%
b. 50%
c. 60%
d. 70%
92. The CAN-SPAM Act is considered an effective means of controlling the volume of spam on the Internet.
a. True
b. False
93. ___________ is a term describing spam that uses a deceptive message to trick victims into participating.
ANSWER: Pretexting
94. Most ISPs and email services do not use filtering techniques to block spam.
a. True
b. False
95. A spam __________ uses a set of rules to examine email messages and determine which are spam.
ANSWER: filter
96. Which of the following is not a type of spam filter?
a. Content
b. Permission
c. Blacklist
d. Entropy
97. Blacklist and header filtering are usually performed by email clients and Webmail services.
a. True
b. False
98. ________ is a mass-mailing scam that masquerades as a message from a legitimate source.
ANSWER: Phishing
99. _____________ exploits send deceptive messages to targeted individuals in an attempt to get those individuals to click links to infected Websites.
a. Malware
b. Rootkit
c. Spear phishing
d. Keylogger
100. _________ redirects Web site traffic to fraudulent Web sites.
ANSWER: Pharming
101. Pharming attacks carried out by domain name system (DNS) spoofing can be detected by antivirus software or spyware removal software.
a. True
b. False
102. ____________ is a service offered by Google that checks URLs against a list of suspicious Web site URLs.
a. Personal firewall
b. Safe Browsing
c. Heuristic analysis
d. SmartScreen Filter
103. Microsoft uses a service called Safe Browsing to alert users about sites to avoid.
a. True
b. False
104. A ______________ exploit usually begins with a virus warning and an offer to disinfect the infected device.
a. rogue antivirus
b. virus hoax
c. RAT
d. backdoor
105. The most common types of PUPs and PUAs are toolbars and alternative browsers.
a. True
b. False
106. What is the term used to describe unwanted software that installs along with the application software that you originally downloaded and installed?
a. RAT
b. PUP
c. Evil Twin
d. Adware
107. ______________________ increases security by verifying identity based on more than just a password or PIN.
a. RAT
b. A hash value
c. Two-factor authentication
d. HTTPS
108. Antivirus software’s on-access scanning has a high probability of identifying zero-day exploits.
a. True
b. False
109. A dropper installs a malicious program on a device, and it works with an entire program. Code injection inserts a segment of malicious code into another program. It carries only a short segment of code rather than an entire program.
a. True
b. False
Leave a reply