Ethical Hacking Chapter 3

Card Set Information

Ethical Hacking Chapter 3
2015-03-23 05:19:09

Show Answers:

  1. What is the main purpose of malware?
    Doing harm to a computer system
  2. A computer _____ relies on a host to propagate
    throughout a network.
  3. An exploit that attacks computer systems
    by inserting executable code in areas of memory not protected because of poorly written code is called which of the following?
    Buffer overflow
  4. Which of the following exploits might hide its destructive payload in a legitimate application or game?
    Trojan program
  5. Antivirus software should be updated annually. True or False?
  6. Which of the following doesn’t attach itself to
    a host but can replicate itself?
  7. Which of the following is an example of a macro programming language?
    Visual Basic for Applications
  8. One purpose of adware is to determine users’ purchasing habits. True or False?
  9. List three types of malware.
    • Answers can include viruses, worms, Trojan
    • programs, adware, and spyware.
  10. A software or hardware component that records each keystroke a user enters is called which of the following?
  11. List three worms or viruses that use e-mail as a form of attack.
    • Answers can include Waledec, Nimda,
    • Melissa, and W32/Sobig.F.
  12. The Ping of Death is an exploit that sends multiple ICMP packets to a host faster than the host can handle. True or False?
  13. What type of network attack relies on multiple servers participating in an attack on one host system?
    Distributed denial-of-service attack
  14. What exploit is used to elevate an attacker’s permissions by inserting executable code in the computer’s memory?
    Buffer overflow
  15. What component can be used to reduce the risk of a Trojan program or rootkit sending information from an attacked computer to a remote host?
  16. To reduce the risk of a virus attack on a network, you should do which of the following?
    All of the above
  17. The base 64 numbering system uses ____ bits to represent a character.
  18. An exploit that leaves an attacker with another way to compromise a network later is called which of the following? (2)
    a. Rootkit

    d. Backdoor
  19. Which of the following is a good place to begin your search for vulnerabilities of Microsoft products?
    Microsoft Security Bulletins
  20. An exploit discovered for one OS might also be effective on a different OS. True or False?
  21. ____________________ is malicious software, such as a virus, worm, or Trojan program, introduced to a network to prevent a business from operating.

    A. adware
    B. worm
    C. rootkit
    D. malware
    D. malware
    (this multiple choice question has been scrambled)
  22. The three components of the CIA triad are:

    A. classification, integrity, accreditation
    B. competency, information, authentication
    C. integrity, confidentiality, availability
    D. certification, approval, integrity
    C. integrity, confidentiality, availability
    (this multiple choice question has been scrambled)
  23. Of the three components of the CIA triad, which is the most important?

    A. ItDepends
    B. A
    C. C
    D. I
    A. ItDepends
    (this multiple choice question has been scrambled)
  24. A worm is a computer program that replicates and propagates itself by attaching itself to a host.
  25. What is a program created after an attack for later use by the attacker; it's usually hidden in the OS tools and is difficult to detect.

    A. botnet
    B. rootkit
    C. zombie
    D. malware
    E. toolkit
    B. rootkit
    (this multiple choice question has been scrambled)
  26. Which product is affected by CVE-2013-5324?(Internet access required to answer this question)

    A. Adobe Flash Player
    B. Adobe Reader
    C. Adobe Shockwave Player
    D. Adobe Acrobat
    A. Adobe Flash Player
    (this multiple choice question has been scrambled)
  27. A(n) ____________________ attack is an attack on a host from multiple servers or workstations.

    A. Zombie
    B. Denial-of-Service
    C. Distributed Denial-of-Service
    D. Botnet
    C. Distributed Denial-of-Service
    (this multiple choice question has been scrambled)
  28. There have been several reports from hotel guests that the username &passwords to their accounts were stolen after using a hotel provided computer. Ascan of the computer using antivirus software did not reveal any malware. How do you think the user information might have been compromised?

    A. backdoor
    B. botnet
    C. zombie
    D. rootkit
    E. hardware keylogger
    E. hardware keylogger
    (this multiple choice question has been scrambled)
  29. Which type of attack exploits a previously unknown vulnerability in a computer application?

    A. Patch Tuesday
    B. Distributed Denial-of-Service
    C. Zero-Day Exploit
    D. Ping of Death
    C. Zero-Day Exploit
    (this multiple choice question has been scrambled)
  30. As a practitioner of ethical hacking, you will not need to be concerned with physical security considerations such as ensuring network assets are protected by a secure locking mechanism.