Preview

07 - Practice Test

 1. They are side effects of the freedom and ease of communicating online and therefore…

  it is unlikely cyber vulnerabilities will ever completely go away

  it is likely that the government will ban the internet from all homes and return it to government-only use

  None of the above

  it is likely that cyber vulnerabilities will be eliminated in the next two years

 2. An example of social engineering is:

  Trojan Horses

  Telephone IVR Phishing

  Viruses

  Worms

 3. A example of a network policy that may help with security is:

  Acceptable Use Policy

  Phishing

  Data Theft

  Virus

 4. Malware is a manufacturer of corrupt (but cheap) computer parts

  FALSE

  TRUE

 5. Viruses

  need to attach to a program in order to operate

  Do not need to attach to a program

  are a type of social engineering

  are transferred from monkeys and genetically engineered to make them harmful to computers

 6. Worms

  are transferred from monkeys and genetically engineered to make them harmful to computers

  Do not need to attach to a program

  need to attach to a program in order to operate

  are a type of social engineering

 7. Trojan Horses

  are designed to access a system by misleading users of intent by hiding behind 'harmless' downloads

  are a type of social engineering

  need to attach to a program in order to operate

  are transferred from monkeys and genetically engineered to make them harmful to computers

 8. Networks like the internet are wonderful inventions and they are risk-free and completely safe.
Note: The video provides an insight into cyber security

  FALSE

  TRUE

 9. The security that is associated with networks and particularly the internet is called:

  sentinel security

  cyber dangerauthority

  internet safehavenity

  cyber security or 'cybersecurity'

 10. One method of data interception is:

  breaking into a cable and physically peering through it

  listening to radio waves with a thermometer

  listening to communications between users without their permission

  logging in to an authorised web server

 11. There are typically two well known types of penetration test targets: What are they?

  Normal and Boundary

  Fluid and Static

  Red and Yellow

  Black and White

 12. Penetration testing can never be carried out manually by individuals who are capable of carrying out attacks.

  TRUE

  FALSE

 13. Hackers that carry out penetration testing are sometimes called:

  There is no such thing - only computer systems can penetration test, not humans

  penepen testers

  ethical hackers or white-hat hackers

  Boundary testers

 14. White box testing assumes knowledge of the internals of the systems.

  FALSE

  TRUE

 15. Pharming is terrifying because the email can be legitimate but clicking on the link takes you to a hacker's website. How?

  The hacker may modify certain files on your computer or hack the DNS server

  The hacker may be the owner of the internet so knows it all

  This cannot be done

  All of the above

 16. ____________ is when the perpetrator obtains information while watching you use the device they want access to.

  phishing

  shouldering

  blagging

  pharming

 17. Baiting is like the real-world Trojan horse that uses physical media and relies on the _____________ of the victim

  health and wealth

  curiosity or greed

  wickedness and technological ability

  religion or ethnicity

 18. Organisations can reduce their security risks by:

  Training employees in security protocols relevant to their position

  All of the above

  Performing unannounced periodic tests of the security framework

  Establishing clear company security protocols (rules) and procedures for handling sensitive data

 19. An example of blagging is a hacker calling a company and pretending to be their network manager.
Blagging is the art of convincing an individual you are someone else in order to obtain sensitive information

  TRUE

  FALSE

 20. The attacks used in social engineering can be used to steal employees' confidential information. One common type of social engineering …

  happens between machines

  happens over the phone

  happens via privately secured skype calls

  happens via the download of Microsoft products

 21. Another example of social engineering is a criminal posing as exterminators, fire marshals and technicians to go unnoticed and…

  steal anti virus software

  steal nothing

  steal engineering devices (e.g. cranes)

  steal company secrets

 22. Spyware are programs that inject adverts into pages and programs on your computer with the aim that the hacker gets advertising revenue

  TRUE

  FALSE

 23. Spyware gathers data about people without their knowledge, including sensitive data like passwords

  FALSE

  TRUE

 24. You can minimise the risk of malware by:

  running regular system scans

  installing Anti Virus software

  All of the above

  avoiding going to unknown or 'dodgy' websites

 25. Some spyware can even use your laptop or comptuer's webcam without your knowledge!

  FALSE

  TRUE

 26. The following list are methods that ….
Biometric Measures
Password Systems
CAPTCHA
Using email confirmations to confirm user identity
Automatic software updates

  would facilitate attacks and weaken a system or network

  would help prevent cyber security attacks if used correctly

  are developed by hackers to attack a system

  are developed by programmers to test a system

 27. Penetration testing can be carried out by people who simulate an attack on a system to expose …………..

  redunduncies

  vulnerabilities

  viruses

  variations

 28. A common form of biometric security scanning used in school canteens and mobile phones is:

  telephone virus installations

  Automatic software updates

  the use of CAPTCHAs

  fingerprint scanners

 29. One of the worst things you can do in terms of keeping passwords secure is to:
*What is known as a 'Hash' of the passwords is stored

  None of the above

  store plain text passwords on a system

  store encrypted passwords on a system

  store numerical passwords which are encrypted on a system

 30. A longer password is always better in terms of a hacker being able to brute force hack it.
a password that contains letters a - z and is 
seven characters long could take just 8 seconds to hack

On the other hand a password that contains letters a - z
and is fourteen characters long could take several million
hours to brute-force hack…

  TRUE

  FALSE