Unit 3 - Practice Quiz

Correct Answer: Integrity

Explanation: Integrity ensures that information remains accurate and complete over its entire lifecycle and is not altered by unauthorized entities.

Correct Answer: Data is protected from unauthorized access or disclosure

Explanation: Confidentiality prevents sensitive information from reaching wrong people, while ensuring that the right people can in fact get it.

Correct Answer: A disgruntled employee stealing proprietary code before quitting

Explanation: An Insider Threat comes from people within the organization, such as employees, former employees, contractors, or business associates, who have inside information concerning the organization's security practices, data, and computer systems.

Correct Answer: A worm is a standalone program that replicates without a host file

Explanation: Unlike a virus, which attaches itself to a host file and requires human action to spread, a worm is a standalone malware that replicates itself to spread to other computers, often relying on security failures on the target computer.

Correct Answer: Phishing

Explanation: Phishing is a method of trying to gather personal information using deceptive e-mails and websites.

Correct Answer: By systematically checking all possible keys or passwords

Explanation: A Brute-force attack consists of an attacker submitting many passwords or passphrases with the hope of eventually guessing correctly. Mathematically, if a password space is , the attacker tries elements until success.

Correct Answer: To make a machine or network resource unavailable to its intended users

Explanation: DoS attacks are designed to overwhelm a system's resources so that it cannot respond to service requests.

Correct Answer: An attack exploiting a vulnerability that is unknown to the vendor and has no patch

Explanation: A Zero-day attack occurs when hackers exploit a flaw before developers have a chance to address it (zero days of awareness).

Correct Answer: Nmap

Explanation: Nmap (Network Mapper) is a free and open-source utility for network discovery and security auditing, used to identify devices running on a system and discovering hosts and services.

Correct Answer: Packet analysis and network protocol capturing

Explanation: Wireshark is a network protocol analyzer that lets you see what's happening on your network at a microscopic level (packet level).

Correct Answer: Pretexting

Explanation: Pretexting is a form of social engineering where an attacker creates a fabricated scenario (a pretext) to manipulate a victim into providing information.

Correct Answer: Encrypts the victim's data and demands payment for the decryption key

Explanation: Ransomware restricts access to the computer system that it infects, usually by encryption, and demands a ransom paid to the creator of the malware for the restriction to be removed.

Correct Answer: The communication between the browser and the server is encrypted

Explanation: HTTPS stands for Hypertext Transfer Protocol Secure. It uses TLS/SSL to encrypt normal HTTP requests and responses.

Correct Answer: All of the above

Explanation: A Digital Footprint is the trail of data you create while using the Internet, including websites you visit, emails you send, and information you submit online.

Correct Answer: Systems and data are accessible to authorized users when needed

Explanation: Availability ensures that systems, applications, and data are up and running for authorized users when they require them.

Correct Answer: A brute-force method using a list of common words and passwords

Explanation: A Dictionary Attack attempts to defeat an authentication mechanism by trying to determine its decryption key or passphrase by trying hundreds or sometimes millions of likely possibilities, such as words in a dictionary.

Correct Answer: Ransomware

Explanation: WannaCry was a worldwide cyberattack by the WannaCry ransomware cryptoworm, which targeted computers running the Microsoft Windows operating system by encrypting data and demanding ransom payments in Bitcoin.

Correct Answer: Penetration Tester (Ethical Hacker)

Explanation: A Penetration Tester or Ethical Hacker simulates cyberattacks on a computer system, network, or web application to find security vulnerabilities that an attacker could exploit.

Correct Answer: To add a second layer of security beyond just a password

Explanation: 2FA provides an extra layer of security by requiring a user to provide two distinct forms of identification (e.g., a password and a code sent to a mobile device).

Correct Answer: Machine Learning algorithms

Explanation: AI-based systems use Machine Learning to analyze patterns and behaviors in network traffic to detect anomalies that deviate from the norm, indicating a potential threat.

Correct Answer: Following an authorized person into a secure area without consent

Explanation: Tailgating (or piggybacking) is a physical security breach where an unauthorized person follows an authorized individual to enter a secured premise.

Correct Answer: Using a mix of uppercase, lowercase, numbers, and symbols

Explanation: Strong passwords should be complex and unpredictable. Mathematically, increasing the character set size () and length () increases entropy ().

Correct Answer: A network of private computers infected with malicious software and controlled as a group

Explanation: A Botnet is a number of Internet-connected devices, each of which is running one or more bots. Botnets can be used to perform Distributed Denial-of-Service (DDoS) attacks.

Correct Answer: GDPR

Explanation: GDPR (General Data Protection Regulation) is a regulation in EU law on data protection and privacy in the European Union and the European Economic Area.

Correct Answer: A targeted phishing attempt aimed at a specific individual or organization

Explanation: Spear Phishing is an email-spoofing attack that targets a specific organization or individual, seeking unauthorized access to confidential data.

Correct Answer: Trojan Horse

Explanation: A Trojan Horse is a type of malware that is often disguised as legitimate software. Unlike viruses and worms, Trojans do not reproduce by infecting other files nor do they self-replicate.

Correct Answer: Distributed Denial of Service

Explanation: DDoS stands for Distributed Denial of Service. It involves multiple compromised computer systems attacking a target, such as a server, website, or other network resource.

Correct Answer: Records every keystroke made by the user

Explanation: Keyloggers allow attackers to monitor the keys struck on a keyboard, usually in a covert manner, to steal passwords and other sensitive information.

Correct Answer: An attacker secretly intercepting and relaying messages between two parties

Explanation: In a MitM attack, the attacker secretly relays and possibly alters the communications between two parties who believe they are directly communicating with each other.

Correct Answer: Supply Chain Attack

Explanation: The SolarWinds incident was a massive supply chain attack where hackers inserted malicious code into the Orion software updates, affecting thousands of organizations.

Correct Answer: Clicking on suspicious links or ads

Explanation: Clicking on suspicious links (Malvertising or Phishing links) is a primary vector for browser-based infections.

Correct Answer: To monitor and control incoming and outgoing network traffic based on security rules

Explanation: A Firewall acts as a barrier between a trusted internal network and untrusted external networks (like the Internet).

Correct Answer: Chief Information Security Officer (CISO)

Explanation: The CISO is a senior-level executive responsible for establishing and maintaining the enterprise vision, strategy, and program to ensure information assets and technologies are adequately protected.

Correct Answer: Inserting malicious SQL code into input fields to manipulate a database

Explanation: SQL Injection is a code injection technique used to attack data-driven applications, in which malicious SQL statements are inserted into an entry field for execution.

Correct Answer: PCI-DSS

Explanation: PCI-DSS (Payment Card Industry Data Security Standard) is an information security standard for organizations that handle branded credit cards.

Correct Answer: Giving users only the access rights they need to perform their job

Explanation: The Principle of Least Privilege states that a subject should be given only those privileges needed for it to complete its task.

Correct Answer: Using email encryption (PGP/S/MIME) and verifying sender identity

Explanation: Encryption ensures message confidentiality, and sender verification prevents spoofing/phishing.

Correct Answer: The randomness or unpredictability of the password

Explanation: Entropy measures the unpredictability of a password. Higher entropy () means the password is harder to guess or brute-force.

Correct Answer: Malware that tricks users into visiting malware-infested sites by claiming their computer is infected

Explanation: Scareware is a form of malware which uses social engineering to cause shock, anxiety, or the perception of a threat in order to manipulate users into buying unwanted software.

Correct Answer: Packet sniffing and MitM attacks

Explanation: Public Wi-Fi networks are often unencrypted, allowing attackers on the same network to intercept data (Packet Sniffing) or position themselves between you and the router (MitM).

Correct Answer: Monitors and responds to security alerts and incidents

Explanation: A SOC Analyst is responsible for monitoring an organization's IT infrastructure to detect and respond to cybersecurity threats in real-time.

Correct Answer: Problem Solving and Communication

Explanation: While technical skills are vital, Soft Skills like communication, problem-solving, and adaptability are crucial for explaining threats to non-technical stakeholders.

Correct Answer: A collection of software tools that enables unauthorized access to a computer while hiding its presence

Explanation: A Rootkit is designed to provide continued privileged access to a computer while actively hiding its presence from administrators.

Correct Answer: To apply updates to software to correct security vulnerabilities and bugs

Explanation: Patch management is the process of distributing and applying updates to software to prevent vulnerabilities (like those used in Zero-day attacks) from being exploited.

Correct Answer: Sniffing

Explanation: Sniffing (or packet sniffing) involves capturing and analyzing data packets flowing through a network.

Correct Answer: Leaving a malware-infected physical device (like a USB) for a victim to find

Explanation: Baiting relies on the curiosity or greed of the victim. An example is leaving a USB drive labeled "Confidential" or "Payroll" in a parking lot.

Correct Answer: Retaliate

Explanation: The NIST Framework consists of Identify, Protect, Detect, Respond, and Recover. Retaliation (Hack Back) is generally illegal and not a standard framework component.

Correct Answer: Injecting malicious scripts into trusted websites viewed by other users

Explanation: XSS attacks occur when an attacker uses a web application to send malicious code, generally in the form of a browser side script, to a different end user.

Correct Answer: Protected Health Information (PHI)

Explanation: HIPAA (Health Insurance Portability and Accountability Act) sets the standard for protecting sensitive patient data.

Correct Answer:

Explanation: The formula for password combinations is , where is the number of possible characters and is the length. Here, .