| A | B |
|---|
| Does malware usually enter a computer system with the user's knowledge? | No. Malware is software that enters a computer system without the user's knowledge or consent and then performs an unwanted and usually harmful action. |
| What are the three types of malware that have the primary traits of circulation and/or infection? | Viruses, worms, trojans |
| Which type of malware will hide or remove all traces of evidence that may reveal malware, such as log entries? | Rootkits |
| The type of malware that exploits a vulnerability on one system and then immediately searches for another computer on the network that has the same vulnerability? | Worm |
| What is the name for a program that is advertised as performing one activity but actually does something else? | Trojan Horse. They are an executable program that masquerades as performing a benign activity but actually but actually does something malicious. |
| What type of spyware silently captures and stores each keystroke that a user types on the computer's keyboard? | Keylogger |
| What type of malware can lock up a user's computer and then display a message that purports to come from a law enforcement agency that states the user must pay a fine for illegal activity? | Ransomeware |
| An infected robot computer is known as a _________? | Zombie |
| Botnets can flood a web server with thousands of requests and overwhelm it to the point that it cannot respond to legitimate requests. What is this called? | Denying services |
| Antivirus (AV) software on a computer must have its _________ files regularly updated by downloads from the internet. | Signature |
| Which windows feature provides information to users and obtains their approval before a program can make a change to the computer's settings? | User Account Control (UAC) |
| Is it recommended that a copy of data backup be stored at an off-site location? | Yes |
| The _______ is a worldwide set of interconnected computers, servers, and networks. | World wide web |
| Web servers distribute HTML documents based on a set of standards, or protocols, known as the ___________. | Hypertext Transfer Protocol (HTTP) |
| HTTP is based on which larger set of standards for internet communication? | Transmission Control Protocol/Internet Protocol (TCP/IP) |
| Using what email protocol can mail be organized into folders on the mail server and read from any device? | Internet Mail Access Protocol (IMAP) |
| What can be used to run JavaScript in a restricted environment and limit what resources it can access? | Sandboxing |
| Which of the following expands the normal capabilities of a web browser for a specific webpage? | Extensions |
| Which type of web browser enhancement can change browser menus or create additional toolbars? | Add-ons |
| What standardizes sounds and video formal so plug-ins like Flash are no longer needed? | HTML5 |
| What is it called when unsuspecting users visit an infected website and their browsers download code that targets a vulnerability in the user's browser? | Drive by downloads |
| A(n) _____ is also called a Flash cookie, named after Adobe Flash. | locally shared object (LSO) |
| What do web servers use to track whether a user has previously visited a web site? | Cookies |
| What are the risks of first-party cookies vs. third-party cookies? | Cookies pose security and privacy risks. First-party cookies can be stolen and used to impersonate the user, while third-party cookies can be used to track the browsing or buying habits of a user. When multiple websites are serviced by a single marketing organization, cookies can be used to track browsing habits on all the clients sites. |
| Using which internet security best practice is information not saved by the browser, such as pages that are visited will not be recorded to history or the address bar? | Private browsing |
| A(n) ____ requires a user to transport it from one computer to another. | Virus |
| Which of these is NOT an action that a virus can take? | transport itself through the network to another device. |
| Which malware locks up a user's computer and then displays a message that purports to come from a law enforcement agency? | ransomeware |
| Which of the following is not a type of malware that has as its primary trait circulation and/or infection? | botnet |
| A user who installs a program that prints out coupons but in the background silently collects passwords has installed a _____________. | Trojan |
| Malware payload allows an attacker to execute virtually any command on the victim's computer; this is called ___________. | arbitrary code execution |
| Which of these could NOT be defined as a logic bomb? A. programmer may hide a piece of code that starts deleting files (such as a salary database trigger), should they ever be terminated from the company. B. Send spam email to all users in the company C. Launching the "I Love You" virus on February 14 | Send spam email to all users in the company |
| What is access in a computer, program, or service that circumvents any normal security protections called? | backdoor |
| Which of these is a general term used for describing software that gathers information without the user's consent? | spyware |
| Which statement regarding a keylogger is NOT true? A. an attacker may trick the victim into clicking a malicious link which downloads the keylogger B. Software keyloggers are easy to detect C. Software keyloggers are not easy to detect | Software keyloggers are easy to detect. |
| Botnets are composed of __________. | zombies |
| Each of the following is a reason why adware is scorned except: A. it displays the attackers programming skills B. it can interfere with a user's productivity C. it displays objectionable content D. it can cause a computer to crash or slow down | it displays the attackers programming skills |
| Each of the following is a typical feature of fee-based internet backup service EXCEPT: A. delayed deletion B. file feedback information C. universal access D. backup to an external hard drive | backup to an external hard drive |
| How many carriers must a virus have to replicate the attack? | Two |
| Which level of UAC provides the lowest level of security? | Never notify |
| Which enhancements to software provides new or expanded functionality but does not address security vulnerabilities? A. B. C. D. | Feature update |
| Which type of firewall is an external hardware device? | Network firewall |
| The database that contains the sequence of characters of a virus is called the _____. | Signature file |
| A ____________ is a downloadable image that can be used to scan a computer for malware. | Rescue disc |
| What is the format used to write webpages? | Hypertext Markup Language (HTML) |
| Which of the following is the more recent and advanced electronic email system? A. Transmission Control Protocol (TCP) B. Post Office Protocol (POP) C. Simple Mail Transfer Protocol (SMTP) D. Internet Mail Access Protocol (IMAP) | Internet Mail Access Protocol (IMAP) |
| Which is the most popular scripting code used with webpages? | JavaScript |
| What technique do attackers use in order to circumvent text-based spam filters? | image spam |
| A reading pane allows the user to read an email message ___________. | without actually opening it |
| Bob's computer was infected from a driv-by download attack. What did Bob do to get infected? | He viewed a website. |
| A(n) _____ is a list of email addresses from senders from whom you do not want to receive messages: a. blacklist b. greenlist c. whitelist d. redlist | blacklist |
| What is the first step in defending against internet-based attacks? a. Ensure that the computer itself is properly secured. b. Do not open email attachments. c. Use a web browser that supports automatic downloads. d. Add security extensions to the web browser. | a. Ensure that the computer itself is properly secured. |
| Why should you not click on an embedded hyperlink? | They can take you to a different website other that what is advertised. |
| Which type of cookie is the most complex? a. extender cookie (CE) b. locally shared object (LSO) c. control cookie (CC) d. plug-in cookie | locally shared object (LSO) |
| The most secure option when configuring a web browser for security is _________. a. Accept first-party cookies. b. Accept first-party cookies but deny third party cookies. c. Deny first-party and third party cookies. d. Reject locally shared objects but accept second-party cookies. | Deny first-party and third-party cookies |
| Which of the following is not a web browser addition to enhance security? a. URL expander b website reputation c. plug-in validation d. local intranet flash signal | local intranet flash signal |
| Why would you want to block external content from downloading into your email client? a. To prevent spammers from knowing that your email address is valid. b. To take advantage of the remote reading pane. c. To prevent your computer's graphics processor utility buffer from filling too quickly. d. To slow down your email client so you can read the message. | a. To prevent spammers from knowing that your email address is valid |
| A cookie that was not created by the website that attempts to access it is called a(n) _____________. | third-party cookie |
| Which of the following web browser additions provides links to external programs? a. Java Applet b. extension c. plug-in d. add-on | plug-in |
| Which of the following is true about a cookie? a. It places a small file on the web server computer sent from the browser. b. It can pose a security and privacy risk. c. It acts like a worm. d. It can contain a virus. | b. It can pose a security and privacy risk. |
| Which of the following is NOT a secure Internet practice? a. Do not click on embedded links in an email. b. Run JavaScript code to prevent attacks. c. Restrick cookies in web browsers through browser settings. d. Double-check spelling on a typed web address before submitting. | b. Run JavaScript code to prevent attacks. |
