Download CYBER SECURITY OVERVIEW ASSESSMENT EXAM and more Exams Cybercrime, Cybersecurity and Data Privacy in PDF only on Docsity!
CYBER SECURITY OVERVIEW ASSESSMENT EXAM
Malware - CORRECT ANSWER >>> Software designed to spread and perform malicious activities Adware - CORRECT ANSWER >>> Displays pop-up ads based on user activities Virus - CORRECT ANSWER >>> Self-replicating program performing malicious activities Polymorphic Virus - CORRECT ANSWER >>> Alters code to evade antivirus detection Macro Virus - CORRECT ANSWER >>> Resides in documents/emails exploiting productivity software Stealth Virus - CORRECT ANSWER >>> Attempts to hide its activities to avoid detection Armored Virus - CORRECT ANSWER >>> Designed to be difficult to detect and remove Retrovirus - CORRECT ANSWER >>> Targets antivirus systems to render them useless Phage Virus - CORRECT ANSWER >>> Modifies/infects system aspects to generate itself Companion Virus - CORRECT ANSWER >>> Borrows root filename to launch itself Worm - CORRECT ANSWER >>> Malicious software traveling through networks independently
Spyware - CORRECT ANSWER >>> Installed without user consent to control and send information Trojan - CORRECT ANSWER >>> Disguised as useful software to gain access to a system Rootkit - CORRECT ANSWER >>> Programs hiding system infection by manipulating OS information Backdoors - CORRECT ANSWER >>> Access methods bypassing security restrictions Logic Bomb - CORRECT ANSWER >>> Malicious code activated by a specific event Botnets - CORRECT ANSWER >>> Network of malicious software controlled by a hacker DoS - CORRECT ANSWER >>> Attack making computer resources unavailable to users SYN Flood Attack - CORRECT ANSWER >>> Disrupts TCP initiation by withholding the third packet Smurf Attack - CORRECT ANSWER >>> Overloads victim with ICMP response using false IP addresses DDoS - CORRECT ANSWER >>> Attack involving multiple computers to make services unavailable Spoofing - CORRECT ANSWER >>> Impersonating another entity to modify source addresses
Code Red - CORRECT ANSWER >>> Exploited Microsoft IIS flaw, defaced websites Nimda - CORRECT ANSWER >>> Targeted Internet servers, caused DDoS attacks MYDoom - CORRECT ANSWER >>> Most destructive virus, spread rapidly through emails Sasser - CORRECT ANSWER >>> Used RPC exploit to infect Windows machines Storm Worm - CORRECT ANSWER >>> Trojan horse infecting computers with malware Grayware - CORRECT ANSWER >>> Includes spyware, adware, dialers, etc., harming computers Disaster Recovery - CORRECT ANSWER >>> Processes to minimize impact of system failures Business Continuity - CORRECT ANSWER >>> Ensuring business operations continue despite failures Business Continuity Planning (BCP) - CORRECT ANSWER >>> Implementing policies to counteract business process failures Business Impact Analysis (BIA) - CORRECT ANSWER >>> Identifying critical functions and estimating impacts Risk Assessment - CORRECT ANSWER >>> Measuring risks quantitatively or qualitatively
Single Point of Failure - CORRECT ANSWER >>> Component whose failure can cause system failure High Availability - CORRECT ANSWER >>> Keeping services operational during outages Redundancy - CORRECT ANSWER >>> Duplicated or failover systems to prevent malfunctions Fail-over - CORRECT ANSWER >>> Process of switching to backup systems upon failure. Fault Tolerance - CORRECT ANSWER >>> System's ability to operate after component failure. RAID - CORRECT ANSWER >>> Redundant Array of Independent Disks for fault tolerance. RAID- 0 - CORRECT ANSWER >>> Disk striping for increased performance. RAID- 1 - CORRECT ANSWER >>> Disk mirroring for 100% redundancy. RAID- 3 - CORRECT ANSWER >>> Disk striping with parity disk. RAID- 5 - CORRECT ANSWER >>> Disk striping with distributed parity. RAID- 10 - CORRECT ANSWER >>> Combines RAID-1 and RAID-0 for mirroring and striping. Hot Site - CORRECT ANSWER >>> Operational 24/7 to take over functions in minutes. Cold Site - CORRECT ANSWER >>> Minimal site needing equipment setup after failure.
Multifactor Authentication - CORRECT ANSWER >>> Using two or more access methods for authentication. Kerberos - CORRECT ANSWER >>> Authentication mechanism in domains and UNIX realms. Remote Access Authentication - CORRECT ANSWER >>> Authentication for accessing a private network externally, including PAP, CHAP, MS-CHAP, MS-CHAPv2, RADIUS, TACACS, and TACACS+ PAP - CORRECT ANSWER >>> Password Authentication Protocol used in PPP, sending passwords in clear text CHAP - CORRECT ANSWER >>> Challenge Handshake Authentication Protocol using nonces for client-server authentication MS-CHAPv2 - CORRECT ANSWER >>> Improved version of Microsoft's CHAP implementation, enabling mutual authentication RADIUS - CORRECT ANSWER >>> Decentralized authentication service forwarding requests to a central server TACACS/TACACS+ - CORRECT ANSWER >>> Cisco's alternatives to RADIUS using port 49 for access control Mandatory Access Control (MAC) - CORRECT ANSWER >>> Model using sensitivity labels with predefined access privileges Discretionary Access Control (DAC) - CORRECT ANSWER >>> Model where object owners control access and permissions dynamically
Role and Rule-Based Access Control (RBAC) - CORRECT ANSWER >>> Access control model assigning roles to users based on job functions Mantraps - CORRECT ANSWER >>> Physical security method creating buffer zones to secure areas Physical Security - CORRECT ANSWER >>> Securing building areas with access control, tokens, proximity cards, and hardware security measures Fire Suppression - CORRECT ANSWER >>> Methods like fire extinguishers, fixed systems, and fire retardants for different types of fires Surge Protectors - CORRECT ANSWER >>> Devices protecting electronics from power spikes Power Conditioners - CORRECT ANSWER >>> Devices isolating and regulating voltage in a building Backup Power - CORRECT ANSWER >>> UPS for short-term power and generators for long- term power backup Preservation of Evidence - CORRECT ANSWER >>> Ensuring data integrity during collection, often by creating disk bit copies Chain of Custody - CORRECT ANSWER >>> Documented process maintaining evidence integrity from collection to presentation in court Sanitizing Systems - CORRECT ANSWER >>> Methods to render drives with PII unreadable before disposal
