Computer Science 110: Introduction to Cybersecurity

Which method works like an antivirus program?

Signature-based approach

Which is NOT a follow-up step once your business disaster recovery plan is created?

Distribute the plan to media, so they know how the company will handle disasters.

Which tool looks for abnormal activity?

Anomaly detection systems

Anti-virus software can find and remove _____ from your computer system.

Malware

After a catastrophe, _____ disaster plan(s) are often needed to recover.

multiple

Which of the following teams initiates, controls and ends a disaster recovery process in an organization?

The Disaster Management Team

When considering data recovery options, what is another factor organizations may have to consider?

Privacy and other laws that may affect the data

Social engineers use the same methods as _____, except they use technology.

Con men

Which of the following is NOT a threat/risk associated with social media?

Hardware failure

Which type of social engineering method might involve a college website that has been targeted and hacked, leaving behind malicious code that will execute when the page is loaded?

Watering Hole

When Angela buys a new smartphone that uses retina scanning instead of a password, the phone is using _____ security.

biometric

Which of these is a way to take a preventative measure against malware?

Keeping your operating system up to date

What is a computer virus?

It is malicious code that had been designed to replicate itself in its host causing system disruptions, instability, unauthorized modifications, or disability of core functions and processes.

The first computer virus developed was the _____.

Creeper Program

_____ is a type of malware that may cause pop-up advertisements to appear outside the web browser.

Adware

Which of the following might be a victim of a white collar crime?
I. Individuals
II. Corporations
III. Charities

I, II, and III

Which of the following activities is not common with hacking?

Sharing personal information with another person

On a website that calls for you to enter your financial information the URL should include what letter after the http?

s

Identity theft is a tactic used by cyber criminals for the purpose of gaining _____ information.

personal or sensitive

The TJ Maxx hack was due to:

an SQL injection that allowed theft of data following a WEP crack

Computer software is _____.

programming code executed on a computer processor

What is a failed test?

The actual results do not match the expected results

In programming, the requirements phase is:

the phase that highlights what the program should do.

In cryptography, checksums are used to _____.

verify the integrity of data

Encryption is based on _____.

Cryptography

An encryption key is similar to a:

password

Encryption strength is a measure of:

The encryption's ability to resist brute force attacks.

What is a limitation of EaseUS?

The free version of EaseUS data recovery tool only allows you to scan for lost and deleted files. In order to fully recover the data for use, you would need to purchase the full version.

Computer forensic experts work with two primary types of data. What are they?

Visible and latent.

Which of the following is not an EnCase certification track?

CFCE

Examples of digital forensic tools include _____.

Disk Investigator, Digital Detective, EnCase and ComputerCOP

Which of the following is NOT described by an information security model?

Processing Power

Requiring users to change their passwords is an example of a(n) _____ security policy?

Technological.

The main reason for using an information security framework are as follows _____

-Ensuring legal compliance with the country of operation's Data Protection Act
-Protect the entire firm from network security breaches and invariably, company's data breach
-Assure customers and clients of their personal data safety and privacy

The purpose of a Business Continuity Plan Policy is to _____

help ensure the company does not collapse due to loss of critical data or disaster

You can quickly access a program or storage location with which of the following?

A shortcut

Which software is used to process instructions and coordinate between devices?

Operating system

Computer security is:

the maintenance of system integrity, availability and confidentiality at all times

How has the Internet of Things prompted new concerns over security issues?

Devices are not compatible with traditional security measures.

Many businesses today have changed their approach to marketing in all of the following ways EXCEPT:

They rely on employees to drive sales.

Instant messaging platforms are common among cyber criminals for all of the following reasons EXCEPT which?

They are less secure.

Which of the following is TRUE about how flawed computer software aids the execution of a Cyber Attack?

Flawed software provides an entry point by which malware extracts information of interest to the attacker.

How is spam email used in cybercrimes?

By tricking recipients into download viruses onto their device.

_____ is anything that can negatively affect information.

An information security threat.

Which of the following best describes confidentiality as it relates to information security?

Preventing unauthorized users from accessing information

What is NOT an example of physical security?

Encrypting email messages

What are the three principles of the information security CIA triad?

Confidentiality, Integrity, Availability

What is an IDS?

An application that monitors a network for malicious activity

Which of the following is a strategy supported by vendors for data recovery?

Vendor provides support for replication and recovery testing

AES uses a blocking size of?

128 bits

Cryptography is used to conceal data in transmission by the use of _____.

encryption

What is a symmetric encryption?

There is only a shared key.

What was the name of the cryptographic rotor machine used by the Germans in World War II?

The Enigma machine

Encrypt the following message using a Caesar cipher with a shift of 7: ET TU BRUTE

LA AB IYBAL

What is a one-way function in cryptography?

A mathematical combination of keys that is easy to create, but difficult to undo.

Fire is an example of a _____ information security threat.

Physical.

What type of testing is performed immediately before deployment?

Formal Acceptance Testing

When working to find secure programming methodologies, programmers should:

use a knowledge management base to avoid known pitfalls and have appropriate libraries against improper coding practices.

The _____ development process demonstrates the relationship between each early phase of development and the associated testing phase.

V-model

What is the purpose of the Internet of Things?

To create connections between devices, human and data.

Which policy informs users on how to handle an organization's confidential or sensitive information?

Information Security Policy

Which policy includes both the incident response policy and the disaster recovery plan?

Business Continuity Plan

The rise in the use of cell phones to commit cybercrimes could be attributed to all of these factors EXCEPT which?

They are more secure than other devices.

Eric has received a Facebook message from someone he recognizes as a friend, asking him to click a link to view a video. What should Eric do?

Verify the origins.

How do cyber criminals often make emails look more legitimate to trick their recipients?

By slightly changing the email address.

Which of these is NOT text-based?

Video conferencing

What is perhaps the most essential strategy in IT disaster recovery plans?

having data backups

Maintaining IT disaster recovery master copies, offsite copies and plans are the responsibilities of the _____.

Recovery Coordinators

What is a business disaster recovery plan?

A document that specifies exactly what should happen to minimize the impact and return the company to working order as quickly as possible after a disaster occurs that impacts the company

What is the cloud in the context of the internet and data?

series of offsite servers

Cybercriminals tend to share some similar characteristics. Which of these could that be?

They are tech savvy.

Investigators of cybercrimes must possess objectivity, inquisitiveness and knowledge of _____.

Digital security issues.

This role on a cybersecurity team is tasked with thinking like a hacker to help thwart cybercrimes before they happen.

Threat Intelligence Specialist

The latest password security standards call for at least how many characters in a password?

Eight

Which of the following is a characteristic of cyber crime?

-Is an offense
-Affects a computer (or more than one)
-A computer is the primary instrument of the offense

Piracy committed by technocriminals using satellite dish equipment involves which of the following?

Illegally accessing radio or television signals

Which of the following terms describes the practice of attempting to acquire sensitive information with deceptive emails?

Phishing

What is the first step described in this lesson that you can take to remove a computer virus?

Boot into Safe Mode

Which of the following makes a virus different from a worm?

A virus requires human intervention to spread.

What is one of the differences between a virus and a worm?

A worm is self-replicating.

Which of these is an indication of slow performance that may signal that a phone is infected with malware?

A phone crashing frequently

Which of the following is NOT determined by information security model governance?

The layout of the technologies

Set of framework policy documents created to guide the enforcement of measures protecting information and data of an organization from unauthorized access, sharing, loss or damage is called _____

Information Security Policy Document

What is phishing?

Attempting to get users to visit a fake website that masks itself as the real one.

An example of an information security policy document consists of the following components

Policy Name
Purpose
Policy ID

Which of the following attacks involves cyber criminals exploiting vulnerabilities that are not yet known to the general public and which do not have any defenses implemented yet?

Zero-Day

E-Mail spoofing is defined as _____

the process of manipulating the contents of an email in a way that makes the email appear to originate from a source other than the actual sender

Which of the following approach refers to the method of handling the occurrence of a digital crime after it has already happened?

Reactive approach

The main difference between the POP and IMAP e-mail protocols is that _____.

with POP emails are only accessed from the download device while with IMAP emails can be accessed from any device anywhere

What does anti-ransomware software protect your system from?

Your computer or network from being hijacked.

_____ can affect both individuals and companies regardless of size, industry, or value for the purpose of performing malicious acts.

Cybercrime

_____ is a tool used for examining the contents of a device in a secure manner?

Forensics Tool Kit (FTK)

Which phase below describes the process of ensuring operations have returned to a secure normal state?

Recovery

What kind of keys are there in an asymmetric encryption?

Public and Private

Information security must _____, and protect against, all threats.

Recognize.

Digital Detective tool offers experts _____.

no certification track

Which of the following best describes a proactive approach to digital crime?

It refers to actively searching for the clues that typically precede an attack in an effort to prevent the crime from taking place.

From the given options, which is the cause of the renewed challenges facing security practitioners today?

Earth's population growth and rise in the number of people using digital devices

Which of the following best defines what a cipher is?

It is the secret code used to encrypt data.

Information security policy documents include _____

Business Continuity Plan Policy
Remote Access Policy
Disaster Recovery Plan Policy