Chapter 13 TEST ANSWERS

1.) Spam is used only to deliver harmful worms and other malware.
-FALSE
2.) A zombie is a computer that has been taken over by a hacker.
-TRUE
3.) Which of the following is NOT one of the five phases of an advanced persistent threat
(ATP) attack?
-IMPORT
4.) Whenever there is a computer security incident, an organization should be forthcoming
and reveal all they know in public forums.
-FALSE
5.) In a security incident, the primary goal must be to regain control and limit damage, not to
attempt to monitor or catch the intruder.
-TRUE
6.) Recent studies show that spam makes up approximately half of all emails sent.
-TRUE
7.) Despite warnings, some computer users still share their login ID and password with
coworkers.
-TRUE
8.) A black hat hacker is someone who ____________.
-Violates computer or Internet security maliciously or for illegal personal gain
9.) A distributed denial-of-service attack is generated from __________.
-a network of computers that send out access requests to servers rapidly
10.) Justine has just received a new credit card. On the back she notices a code number
above the signature panel. What is its purpose?
-To verify the card is legitimate and not a stolen card number
11.) A botnet is an individual computer that can be controlled from a remote location
by a hacker.
-FALSE
12.) A firewall can be a combination of both software and hardware.
-TRUE
13.) A _______ is usually triggered by a specific event, such as a change in a
particular file or a specific time or date.
-Logic bomb
14.) A(n) __________ is software and/or hardware that monitors system and network
resources and activities and notifies network security personnel when it detects network
traffic that attempts to circumvent the security measures of a networked computer
environment.
-Intrusion Detection System
15.) A company's IT team is working through the 8-step risk assessment process. The
team is identifying the risks or threats that could occur. Which step is the IT team on?
-STEP 2
16.) When it comes to IT security, organizations should be most concerned about
________.
-organized groups that have ample resources, including money and sophisticated tools
17.) When you receive a text message that there is a problem with your bank account
and you are required to click on a link to submit some information, you are probably
seeing a spear-phishing attack.
-FALSE
18.) Which of the following defines cyberterrorism and associated penalties?
-USA Patriot Attack
19.) By adding more devices to a network, you decrease the possibility of a security
breach.
-FALSE
20.) As the new Information Security officer for a major automobile manufacturer,
which of these risky employee behaviors are you most concerned about?
-LEAVING LAPTOP COMPUTERS UNATTENDED IN PUBLIC SPACES
21.) Assume your organization has experienced a security breach. Which of the
following actions should be included in your response plan?
-ALL OF THESE ANSWERS
22.) Antivirus software scans for specific codes, known as viral codes.
-FALSE
23.) A ______ is a set of programs that enables its user to gain administrator-level
access to a computer without the user's consent or knowledge.
-ROOTKIT
24.) Hackers have gained access to a national department store chain's database of
customers, which includes sensitive data like credit card numbers. What has the company
been the victim of?
-A data breach
25.) After a security incident, a formal incident report should be written that includes
all of the following EXCEPT
-The name of the hacker:
26.) n the second phase of an APT attack, the attacker ____________.
-enters the network at a low level to avoid setting off any alarms or suspicions
27.) Macro viruses are called so because they can only infect entire systems, not
individual computers.
-FALSE
28.) A strong security program begins by assessing threats to the organization's
computers and networks.
-TRUE
29.) Knowingly transmitting a program that causes harm to a computer is a crime.
-TRUE
30.) Which of the following is the correct description of a firewall?
-It can be software, hardware, or a combination of both that limits the incoming and
outgoing Internet traffic.
31.) The US-CERT incident reporting system is operated by the U.S. ________.
-Department of Homeland Security
32.) Systems can be configured to enforce a written policy that states that passwords
must be changed at pre-determined intervals.
-TRUE
33.) An organization looking for a stronger, more protective firewall should invest in a
second-generation firewall.
-FALSE
34.) You see a deceptive pop-up that says your computer is infected and that you must
visit a compromised website where you pay them to clean your computer. You have just
become a victim of viralware
-FALSE.
35.) A piece of programming code that causes a computer to behave in an unexpected
and usually undesirable manner is called a _______.
--VIRUS
36.) The Computer Fraud and Abuse Act covers trafficking of computer passwords.
-TRUE
37.) Which of the following covers false claims regarding unauthorized use of credit
cards?
-Fraud and Related Activity in Connection with Access Devices Statute
38.) Someone who attempts to destroy the infrastructure components of governments,
financial institutions, and other organizations is a(n) _______.
-cyberterrorist
39.) Those convicted of cyberterrorism are subject to a minimum 10-year prison term.
-FALSE
40.) Organizations are required by law to inform the public about any customer-related
data loss, even if there is a fear of bad publicity and loss of business.
-FALSE
41.) When an organization is seeking guidelines on developing security policies,
which agency should it contact?
-SANS
42.) The most common computer exploits include viruses, worms, phishing, Trojan
horses, and ransomware.
-TRUE
43.) Financial institutions like Citibank, MasterCard, and Visa are among the Websites
most often spoofed by phishers.
-TRUE
44.) The discovery of a vulnerability in a software program can potentially lead to an
exploit.
-TRUE
45.) In a(n) _________ attack, the perpetrator instructs the zombie computers to send simple
access requests to target computers.
-distributed denial of service