Preview

07 - Practice Test

 1. They are side effects of the freedom and ease of communicating online and therefore…

  it is likely that the government will ban the internet from all homes and return it to government-only use

  it is unlikely cyber vulnerabilities will ever completely go away

  None of the above

  it is likely that cyber vulnerabilities will be eliminated in the next two years

 2. An example of social engineering is:

  Telephone IVR Phishing

  Worms

  Viruses

  Trojan Horses

 3. A example of a network policy that may help with security is:

  Virus

  Acceptable Use Policy

  Phishing

  Data Theft

 4. Malware is a manufacturer of corrupt (but cheap) computer parts

  FALSE

  TRUE

 5. Viruses

  are transferred from monkeys and genetically engineered to make them harmful to computers

  need to attach to a program in order to operate

  Do not need to attach to a program

  are a type of social engineering

 6. Worms

  need to attach to a program in order to operate

  Do not need to attach to a program

  are transferred from monkeys and genetically engineered to make them harmful to computers

  are a type of social engineering

 7. Trojan Horses

  are transferred from monkeys and genetically engineered to make them harmful to computers

  are designed to access a system by misleading users of intent by hiding behind 'harmless' downloads

  are a type of social engineering

  need to attach to a program in order to operate

 8. Networks like the internet are wonderful inventions and they are risk-free and completely safe.
Note: The video provides an insight into cyber security

  FALSE

  TRUE

 9. The security that is associated with networks and particularly the internet is called:

  cyber security or 'cybersecurity'

  internet safehavenity

  sentinel security

  cyber dangerauthority

 10. One method of data interception is:

  listening to radio waves with a thermometer

  breaking into a cable and physically peering through it

  listening to communications between users without their permission

  logging in to an authorised web server

 11. There are typically two well known types of penetration test targets: What are they?

  Red and Yellow

  Black and White

  Fluid and Static

  Normal and Boundary

 12. Penetration testing can never be carried out manually by individuals who are capable of carrying out attacks.

  TRUE

  FALSE

 13. Hackers that carry out penetration testing are sometimes called:

  Boundary testers

  There is no such thing - only computer systems can penetration test, not humans

  penepen testers

  ethical hackers or white-hat hackers

 14. White box testing assumes knowledge of the internals of the systems.

  FALSE

  TRUE

 15. Pharming is terrifying because the email can be legitimate but clicking on the link takes you to a hacker's website. How?

  All of the above

  The hacker may be the owner of the internet so knows it all

  The hacker may modify certain files on your computer or hack the DNS server

  This cannot be done

 16. ____________ is when the perpetrator obtains information while watching you use the device they want access to.

  blagging

  phishing

  pharming

  shouldering

 17. Baiting is like the real-world Trojan horse that uses physical media and relies on the _____________ of the victim

  religion or ethnicity

  health and wealth

  curiosity or greed

  wickedness and technological ability

 18. Organisations can reduce their security risks by:

  Establishing clear company security protocols (rules) and procedures for handling sensitive data

  Training employees in security protocols relevant to their position

  Performing unannounced periodic tests of the security framework

  All of the above

 19. An example of blagging is a hacker calling a company and pretending to be their network manager.
Blagging is the art of convincing an individual you are someone else in order to obtain sensitive information

  FALSE

  TRUE

 20. The attacks used in social engineering can be used to steal employees' confidential information. One common type of social engineering …

  happens via the download of Microsoft products

  happens via privately secured skype calls

  happens between machines

  happens over the phone

 21. Another example of social engineering is a criminal posing as exterminators, fire marshals and technicians to go unnoticed and…

  steal engineering devices (e.g. cranes)

  steal nothing

  steal anti virus software

  steal company secrets

 22. Spyware are programs that inject adverts into pages and programs on your computer with the aim that the hacker gets advertising revenue

  FALSE

  TRUE

 23. Spyware gathers data about people without their knowledge, including sensitive data like passwords

  FALSE

  TRUE

 24. You can minimise the risk of malware by:

  avoiding going to unknown or 'dodgy' websites

  All of the above

  installing Anti Virus software

  running regular system scans

 25. Some spyware can even use your laptop or comptuer's webcam without your knowledge!

  FALSE

  TRUE

 26. The following list are methods that ….
Biometric Measures
Password Systems
CAPTCHA
Using email confirmations to confirm user identity
Automatic software updates

  would facilitate attacks and weaken a system or network

  are developed by hackers to attack a system

  are developed by programmers to test a system

  would help prevent cyber security attacks if used correctly

 27. Penetration testing can be carried out by people who simulate an attack on a system to expose …………..

  variations

  redunduncies

  viruses

  vulnerabilities

 28. A common form of biometric security scanning used in school canteens and mobile phones is:

  the use of CAPTCHAs

  telephone virus installations

  fingerprint scanners

  Automatic software updates

 29. One of the worst things you can do in terms of keeping passwords secure is to:
*What is known as a 'Hash' of the passwords is stored

  store plain text passwords on a system

  None of the above

  store encrypted passwords on a system

  store numerical passwords which are encrypted on a system

 30. A longer password is always better in terms of a hacker being able to brute force hack it.
a password that contains letters a - z and is 
seven characters long could take just 8 seconds to hack

On the other hand a password that contains letters a - z
and is fourteen characters long could take several million
hours to brute-force hack…

  FALSE

  TRUE