How did the Slammer worm infect computer systems?
It exploited a buffer-overflow vulnerability in computers running Microsoft SQL Server or SQL Server Desktop Engine.
Which attack is an example of an advanced persistent threat (APT) first reported by Google that also targeted Adobe, Yahoo!, Juniper Networks, Rackspace, Symantec, and several major U.S. financial and industrial firms?
Operation Aurora
Which statement applies to viruses?
They typically are highly visible once released.
What name was given to the advanced persistent threat (APT)-style spy network responsible for bugging the Dalai Lama's office?
GhostNet
Which Internet worm created infected systems that were part of what is known as a bot network (or botnet) and could be used to cause a DoS attack on a target or to forward spam e-mail to millions of users?
Conficker (a.k.a. Downadup worm)
Which Internet worm, released in 1988, is considered to be one of the first real Internet crime cases?
The Morris worm
Which term refers to an attack conducted against a site with software that is vulnerable to a specific exploit?
Target of opportunity attack
True zero-day vulnerabilities are used often and quickly because once used, they will be patched. (T/F)
False
Which attacks represent examples of state-sponsored malware?
Stuxnet, Duqu, and Flame
What was the primary lesson learned from the Slammer worm?
It drove home the point that the Internet could be adversely impacted in a matter of minutes.
Which brand-name attack group consists of Russian hackers who have brought major issues to Ukraine via numerous attacks over the past couple of years?
Sandworm
Because of malware's nefarious purpose, there is no criminal distinction between the writers of malware and those who release malware. (T/F)
False
Melissa is the best known of the early macro-type viruses that attach themselves to documents for programs that have limited macro programming capability. (T/F)
True
In the early days of computers, security was considered to be a binary condition in which your system was either secure or not secure. (T/F)
True
Into which threat category does information warfare fall?
Highly structured
What target did the teenage hacker who went by the name "Jester" attack in March 1997?
He cut off telephone services to the FAA control tower as well as the emergency services at the Worcester Airport and the community of Rutland, Massachusetts.
What name was given to an intellectual property attack executed against oil, gas, and petrochemical companies in the United States?
Operation Night Dragon
Most current ransomware attacks use a hybrid encrypting scheme, locking the files on a victim's computer until a ransom is paid. (T/F)
True
Criminal activity on the Internet, at its most basic, is quite different from criminal activity in the physical world. (T/F)
False
When internal threat actors pursue their attacks, they have an additional step to take: the establishment of access to the system under attack. (T/F)
False
Which term describes a category of attacks that generally are conducted over short periods of time (lasting at most a few months), involve a relatively small number of individuals, have little financial backing, and are accomplished by insiders or outsiders who do not seek collusion with insiders?
Unstructured threat category
One of the hardest threats that security professionals will have to address is that of the insider. (T/F)
True
Which Internet criminal is famous for conducting his attacks using a number of different "tools" and techniques, including social engineering, sniffers, and cloned cellular telephones?
Kevin Mitnick
In many early cases of computer crime, the perpetrator of the crime intended to cause damage to the computer. (T/F)
False
How did the Code Red worm spread?
It made use of a buffer-overflow condition in Microsoft's IIS web servers that had been known for a month.
Today, the data stored and processed by computers is almost always more valuable than the hardware. (T/F)
True
Who is considered to be the ultimate insider, with his name being synonymous with the insider threat issue?
Edward Snowden