Preview

08 - Final Test

 1. What can viruses affect?

  All of the above

  Keyboard

  RAM

  Hard drive

 2. How do hackers use viruses?

  All of the above

  To find out card or bank detals

  To make a computer unusable

  To get someone's personal information

 3. Sending requests to a single server using hijacked machines is:

  a networked hack attack

  Phishing

  a worm attack

  a DDOS attack

 4. Social engineering, phishing and worms are examples of:

  Hardware scams

  Social engineering

  Viruses

  Data interception

 5. Data travels across networks in ….
(and it is these ___________ that are often under attack)

  text snippets

  packets

  blocks

  bits

 6. Organisations can protect themselves from SQL injections attacks by downloading and installing

  Software

  Bits

  Patches

  Matches

 7. A network of computers infected with malicious software and controlled as part of a group without the owner's knowledge is:

  VirusNet

  Snixnet

  BingNet

  Botnet

 8. Network forensics typically involves the examination of data sent across a network

  TRUE

  FALSE

 9. Packet sniffing' is an example of a network forensic technique

  TRUE

  FALSE

 10. Law enforcement agencies can intercept data under what law?

  Government can do whatever it likes act (GCDWILA)

  Computer misuse act (CMA)

  Data protection act (DPA)

  Regulation of investigatory powers act (RIPA)

 11. This is software that provides a 'barrier' between a potential hacker and the computer system

  malware

  malware

  firewall

  anti virus software

 12. These define access permissions for a user (pertaining to a network)

  User access levels

  Firewalls

  Use maintenance

  Group permissions

 13. Additional security requirements to use alongside passwords could include:

  All of the above

  limit the number of password guesses

  Use password complexity rules (e.g. length and special characters)

  Require two-factor authentication

 14. Encryption is a method of bypassing viruses and ensuring that code is stored as plain text securely.

  FALSE

  TRUE

 15. Typically, what level of access what a student have to the network, in a school?

  Access to own documents, certain shared documents and the internet

  Full Access

  Access to printers only

  Access to all folders on the network

 16. They are side effects of the freedom and ease of communicating online and therefore…

  it is unlikely cyber vulnerabilities will ever completely go away

  None of the above

  it is likely that cyber vulnerabilities will be eliminated in the next two years

  it is likely that the government will ban the internet from all homes and return it to government-only use

 17. An example of social engineering is:

  Worms

  Telephone IVR Phishing

  Viruses

  Trojan Horses

 18. A example of a network policy that may help with security is:

  Acceptable Use Policy

  Data Theft

  Virus

  Phishing

 19. Malware is a manufacturer of corrupt (but cheap) computer parts

  FALSE

  TRUE

 20. Viruses

  are transferred from monkeys and genetically engineered to make them harmful to computers

  are a type of social engineering

  Do not need to attach to a program

  need to attach to a program in order to operate

 21. Worms

  Do not need to attach to a program

  need to attach to a program in order to operate

  are transferred from monkeys and genetically engineered to make them harmful to computers

  are a type of social engineering

 22. Trojan Horses

  are a type of social engineering

  need to attach to a program in order to operate

  are transferred from monkeys and genetically engineered to make them harmful to computers

  are designed to access a system by misleading users of intent by hiding behind 'harmless' downloads

 23. Networks like the internet are wonderful inventions and they are risk-free and completely safe.
Note: The video provides an insight into cyber security

  TRUE

  FALSE

 24. The security that is associated with networks and particularly the internet is called:

  sentinel security

  cyber security or 'cybersecurity'

  cyber dangerauthority

  internet safehavenity

 25. One method of data interception is:

  breaking into a cable and physically peering through it

  logging in to an authorised web server

  listening to communications between users without their permission

  listening to radio waves with a thermometer

 26. There are typically two well known types of penetration test targets: What are they?

  Red and Yellow

  Fluid and Static

  Black and White

  Normal and Boundary

 27. Penetration testing can never be carried out manually by individuals who are capable of carrying out attacks.

  TRUE

  FALSE

 28. Hackers that carry out penetration testing are sometimes called:

  penepen testers

  ethical hackers or white-hat hackers

  Boundary testers

  There is no such thing - only computer systems can penetration test, not humans

 29. White box testing assumes knowledge of the internals of the systems.

  TRUE

  FALSE

 30. Pharming is terrifying because the email can be legitimate but clicking on the link takes you to a hacker's website. How?

  The hacker may be the owner of the internet so knows it all

  This cannot be done

  All of the above

  The hacker may modify certain files on your computer or hack the DNS server

 31. ____________ is when the perpetrator obtains information while watching you use the device they want access to.

  pharming

  shouldering

  phishing

  blagging

 32. Baiting is like the real-world Trojan horse that uses physical media and relies on the _____________ of the victim

  religion or ethnicity

  curiosity or greed

  wickedness and technological ability

  health and wealth

 33. Organisations can reduce their security risks by:

  Training employees in security protocols relevant to their position

  Performing unannounced periodic tests of the security framework

  All of the above

  Establishing clear company security protocols (rules) and procedures for handling sensitive data

 34. An example of blagging is a hacker calling a company and pretending to be their network manager.
Blagging is the art of convincing an individual you are someone else in order to obtain sensitive information

  TRUE

  FALSE

 35. The attacks used in social engineering can be used to steal employees' confidential information. One common type of social engineering …

  happens over the phone

  happens between machines

  happens via privately secured skype calls

  happens via the download of Microsoft products

 36. Another example of social engineering is a criminal posing as exterminators, fire marshals and technicians to go unnoticed and…

  steal engineering devices (e.g. cranes)

  steal company secrets

  steal nothing

  steal anti virus software

 37. Spyware are programs that inject adverts into pages and programs on your computer with the aim that the hacker gets advertising revenue

  TRUE

  FALSE

 38. Spyware gathers data about people without their knowledge, including sensitive data like passwords

  TRUE

  FALSE

 39. You can minimise the risk of malware by:

  avoiding going to unknown or 'dodgy' websites

  All of the above

  running regular system scans

  installing Anti Virus software

 40. Some spyware can even use your laptop or comptuer's webcam without your knowledge!

  FALSE

  TRUE

 41. The following list are methods that ….
Biometric Measures
Password Systems
CAPTCHA
Using email confirmations to confirm user identity
Automatic software updates

  are developed by hackers to attack a system

  would facilitate attacks and weaken a system or network

  would help prevent cyber security attacks if used correctly

  are developed by programmers to test a system

 42. Penetration testing can be carried out by people who simulate an attack on a system to expose …………..

  variations

  viruses

  redunduncies

  vulnerabilities

 43. A common form of biometric security scanning used in school canteens and mobile phones is:

  Automatic software updates

  fingerprint scanners

  the use of CAPTCHAs

  telephone virus installations

 44. One of the worst things you can do in terms of keeping passwords secure is to:
*What is known as a 'Hash' of the passwords is stored

  store numerical passwords which are encrypted on a system

  None of the above

  store plain text passwords on a system

  store encrypted passwords on a system

 45. A longer password is always better in terms of a hacker being able to brute force hack it.
a password that contains letters a - z and is 
seven characters long could take just 8 seconds to hack

On the other hand a password that contains letters a - z
and is fourteen characters long could take several million
hours to brute-force hack…

  FALSE

  TRUE