Chapter 3 Questions
1. The main goal of a hacker is to circumvent access controls and potentially steal data.
* True
2. Which of the following best describes intellectual property?
```
A. The items a business has copyrighted
B. Patents owned by a business
C. Sales and marketing plans
D. Customer lists
E. All of the above
```
3. Which of the following terms best describes a person with very little hacking skill?
```
A. Hacker
B. Script kiddie
C. Cracker
D. Wannabe
E. All of the above
```
4. A(n) *packet sniffer* is a software tool that is used to capture packets from a network.
5. Which type of attack results in legitimate users not having access to a system resource?
```
A. Denial
B. Disclosure
C. Alteration
D. Spoofing
```
6. A qualitative risk assessment assigns a subjective risk rating to assess the risk.
* True
7. Which of the following is an example of social engineering?
```
A. SQL injection
B. XML injection
C. Security design
D. Impersonation
E. All of the above
```
8. Which of the following is an example of an administrative security control?
```
A. Antivirus/anti-malware protection
B. Data leakage prevention
C. Standardized workstation and laptop images
D. Security awareness training
E. All of the above
```
9. Vulnerability assessment scanners look for software vulnerabilities in IP host devices.
* True
10. Which of the following affects availability?
```
A. Cross-site scripting
B. SQL injection
C. Denial
D. Packet sniffing
E. None of the above
```
11. Which type of attack involves capturing data packets from a network and transmitting them later to produce an unauthorized effect?
```
A. Man in the middle
B. Denial
C. Replay
D. Phishing
E. SQL injection
```
12. The list of known software vulnerabilities maintained by MITRE is called:
```
A. National Vulnerability Database (NVD)
B. Common Vulnerabilities and Exposures (CVE)
C. Zero-Day List (ZDL)
D. Software Vulnerabilities List (SVL)
```