Preview

08 - Final Test

 1. What can viruses affect?

  All of the above

  Keyboard

  RAM

  Hard drive

 2. How do hackers use viruses?

  All of the above

  To find out card or bank detals

  To get someone's personal information

  To make a computer unusable

 3. Sending requests to a single server using hijacked machines is:

  a DDOS attack

  a networked hack attack

  a worm attack

  Phishing

 4. Social engineering, phishing and worms are examples of:

  Viruses

  Social engineering

  Hardware scams

  Data interception

 5. Data travels across networks in ….
(and it is these ___________ that are often under attack)

  bits

  text snippets

  blocks

  packets

 6. Organisations can protect themselves from SQL injections attacks by downloading and installing

  Software

  Bits

  Matches

  Patches

 7. A network of computers infected with malicious software and controlled as part of a group without the owner's knowledge is:

  Snixnet

  BingNet

  VirusNet

  Botnet

 8. Network forensics typically involves the examination of data sent across a network

  FALSE

  TRUE

 9. Packet sniffing' is an example of a network forensic technique

  FALSE

  TRUE

 10. Law enforcement agencies can intercept data under what law?

  Government can do whatever it likes act (GCDWILA)

  Computer misuse act (CMA)

  Data protection act (DPA)

  Regulation of investigatory powers act (RIPA)

 11. This is software that provides a 'barrier' between a potential hacker and the computer system

  malware

  malware

  firewall

  anti virus software

 12. These define access permissions for a user (pertaining to a network)

  Firewalls

  Use maintenance

  User access levels

  Group permissions

 13. Additional security requirements to use alongside passwords could include:

  limit the number of password guesses

  Require two-factor authentication

  Use password complexity rules (e.g. length and special characters)

  All of the above

 14. Encryption is a method of bypassing viruses and ensuring that code is stored as plain text securely.

  TRUE

  FALSE

 15. Typically, what level of access what a student have to the network, in a school?

  Access to own documents, certain shared documents and the internet

  Access to all folders on the network

  Full Access

  Access to printers only

 16. They are side effects of the freedom and ease of communicating online and therefore…

  it is likely that cyber vulnerabilities will be eliminated in the next two years

  it is likely that the government will ban the internet from all homes and return it to government-only use

  it is unlikely cyber vulnerabilities will ever completely go away

  None of the above

 17. An example of social engineering is:

  Telephone IVR Phishing

  Trojan Horses

  Viruses

  Worms

 18. A example of a network policy that may help with security is:

  Acceptable Use Policy

  Data Theft

  Phishing

  Virus

 19. Malware is a manufacturer of corrupt (but cheap) computer parts

  TRUE

  FALSE

 20. Viruses

  need to attach to a program in order to operate

  are transferred from monkeys and genetically engineered to make them harmful to computers

  are a type of social engineering

  Do not need to attach to a program

 21. Worms

  are a type of social engineering

  are transferred from monkeys and genetically engineered to make them harmful to computers

  Do not need to attach to a program

  need to attach to a program in order to operate

 22. Trojan Horses

  are designed to access a system by misleading users of intent by hiding behind 'harmless' downloads

  need to attach to a program in order to operate

  are transferred from monkeys and genetically engineered to make them harmful to computers

  are a type of social engineering

 23. Networks like the internet are wonderful inventions and they are risk-free and completely safe.
Note: The video provides an insight into cyber security

  TRUE

  FALSE

 24. The security that is associated with networks and particularly the internet is called:

  internet safehavenity

  cyber security or 'cybersecurity'

  sentinel security

  cyber dangerauthority

 25. One method of data interception is:

  listening to radio waves with a thermometer

  logging in to an authorised web server

  breaking into a cable and physically peering through it

  listening to communications between users without their permission

 26. There are typically two well known types of penetration test targets: What are they?

  Normal and Boundary

  Black and White

  Red and Yellow

  Fluid and Static

 27. Penetration testing can never be carried out manually by individuals who are capable of carrying out attacks.

  TRUE

  FALSE

 28. Hackers that carry out penetration testing are sometimes called:

  There is no such thing - only computer systems can penetration test, not humans

  penepen testers

  ethical hackers or white-hat hackers

  Boundary testers

 29. White box testing assumes knowledge of the internals of the systems.

  TRUE

  FALSE

 30. Pharming is terrifying because the email can be legitimate but clicking on the link takes you to a hacker's website. How?

  The hacker may modify certain files on your computer or hack the DNS server

  The hacker may be the owner of the internet so knows it all

  This cannot be done

  All of the above

 31. ____________ is when the perpetrator obtains information while watching you use the device they want access to.

  phishing

  shouldering

  pharming

  blagging

 32. Baiting is like the real-world Trojan horse that uses physical media and relies on the _____________ of the victim

  wickedness and technological ability

  health and wealth

  religion or ethnicity

  curiosity or greed

 33. Organisations can reduce their security risks by:

  Establishing clear company security protocols (rules) and procedures for handling sensitive data

  Performing unannounced periodic tests of the security framework

  Training employees in security protocols relevant to their position

  All of the above

 34. An example of blagging is a hacker calling a company and pretending to be their network manager.
Blagging is the art of convincing an individual you are someone else in order to obtain sensitive information

  TRUE

  FALSE

 35. The attacks used in social engineering can be used to steal employees' confidential information. One common type of social engineering …

  happens via privately secured skype calls

  happens over the phone

  happens between machines

  happens via the download of Microsoft products

 36. Another example of social engineering is a criminal posing as exterminators, fire marshals and technicians to go unnoticed and…

  steal nothing

  steal company secrets

  steal anti virus software

  steal engineering devices (e.g. cranes)

 37. Spyware are programs that inject adverts into pages and programs on your computer with the aim that the hacker gets advertising revenue

  TRUE

  FALSE

 38. Spyware gathers data about people without their knowledge, including sensitive data like passwords

  FALSE

  TRUE

 39. You can minimise the risk of malware by:

  All of the above

  avoiding going to unknown or 'dodgy' websites

  installing Anti Virus software

  running regular system scans

 40. Some spyware can even use your laptop or comptuer's webcam without your knowledge!

  FALSE

  TRUE

 41. The following list are methods that ….
Biometric Measures
Password Systems
CAPTCHA
Using email confirmations to confirm user identity
Automatic software updates

  are developed by programmers to test a system

  are developed by hackers to attack a system

  would help prevent cyber security attacks if used correctly

  would facilitate attacks and weaken a system or network

 42. Penetration testing can be carried out by people who simulate an attack on a system to expose …………..

  variations

  vulnerabilities

  viruses

  redunduncies

 43. A common form of biometric security scanning used in school canteens and mobile phones is:

  the use of CAPTCHAs

  fingerprint scanners

  Automatic software updates

  telephone virus installations

 44. One of the worst things you can do in terms of keeping passwords secure is to:
*What is known as a 'Hash' of the passwords is stored

  store plain text passwords on a system

  store numerical passwords which are encrypted on a system

  None of the above

  store encrypted passwords on a system

 45. A longer password is always better in terms of a hacker being able to brute force hack it.
a password that contains letters a - z and is 
seven characters long could take just 8 seconds to hack

On the other hand a password that contains letters a - z
and is fourteen characters long could take several million
hours to brute-force hack…

  FALSE

  TRUE