
Cybersecurity Best Practices for Businesses, Exams of Computer Security

A practical guide to cybersecurity for businesses, covering topics such as the different types of hackers, common cyber attacks, and effective security measures. It includes a series of quizzes that test the reader's understanding of cybersecurity concepts and principles. The guide aims to help businesses protect their clients and their own sensitive information from cyber threats by implementing robust security protocols and educating employees on cybersecurity best practices. It covers a wide range of topics, including password security, social engineering attacks, data mapping, and incident response, making it a valuable resource for businesses of all sizes looking to enhance their cybersecurity posture.

Typology: Exams

2024/2025

Available from 10/15/2024

Holygrams

Protect Your Clients - A Practical Guide to Cybersecurity (Oregon)

Quiz 1: Reasons for Cybersecurity

A hacker who can be hired to assist your company with identifying weaknesses in the cybersecurity protections is known as a:
A) Grey Hat Hacker.
B) White Hat Hacker.
C) Hacktivist.
D) Black Hat Hacker.
✔✔ B) White Hat Hacker.
White hat hackers are hackers who sell their services and skills to "test" the firewalls and security methods your company has put in place. White hat hackers will not invade your company's security mechanisms without approval, while grey hat hackers will breach systems without permission before informing your company.

Protect Your Clients - A Practical Guide to Cybersecurity (Oregon) EXAM with Actual Questions & Answers: Latest Update 2025 (graded A+)

According to the National Cyber Security Alliance, what percentage of small or midsized companies go out of business within six months of being hacked?
A) 30%
B) 50%
C) 60%
D) 90%
✔✔ C) 60%
The NCSA estimates that some 60% of small and midsize companies go bankrupt within a half year of being hacked. This is typically because the companies must pay for the forensics and insurance.

Modern technology has begun to link digital consumer goods, such as cell phones, smart printers, and computers, allowing machines to learn your patterns or otherwise connect all devices together for ease of use. What is the term we use for this network?
A) The Internet of Things
B) The Smart Connect
C) The device-web
D) The Digital Network
✔✔ A) The Internet of Things

The Internet of Things refers to the connected web of consumer digital devices. While the Internet of Things can be convenient and assist a company's efficiency, it also opens up different avenues for hackers to exploit vulnerabilities within that digital network.

All of the following are broad descriptions of cyber-attacks EXCEPT
A) attacks on integrity.
B) attacks on confidentiality.
C) attacks on availability.
D) attacks on personnel.
✔✔ D) attacks on personnel.
Attacks on availability, confidentiality, and integrity are the broad descriptions of cyberattacks. Attacks on availability limit access to networks, attacks on integrity limit the credibility of your systems, and attacks on confidentiality are violations of your company's privacy.

A real estate agent's email account was compromised. The hacker was able to send an email to a client explaining that "last-minute closing changes" required a "correction" to a bank account number being used to hold closing cost funds. The client followed the email's instructions and transferred the money to pay for closing costs to the updated bank account.

When the client was contacted by the real estate agent and learned that the earlier email was a spoof, they soon discovered that the transferred money had been removed from the account and was unrecoverable. What would this sort of attack be considered?
A) Attack on availability
B) Attack on confidentiality
C) Advanced persistent threat
D) Attack on integrity
✔✔ D) Attack on integrity
This would be an example of an attack on integrity because it uses the credibility of the real estate agent's email account to convince the client to change closing information.

Quiz 2: Cyber Threats

Which of the following best describes baiting?
A) Directing a client to transfer their closing funds to an escrow company
B) Sending an email with the subject line, "YOU ARE A WINNER!"
C) Intentionally leaving a trojan-infected USB device on the sidewalk
D) Searching for unsecured wifi networks to use as the source for an attack
✔✔ C) Intentionally leaving a trojan-infected USB device on the sidewalk

Baiting is oftentimes a very simple form of social engineering where a CD, laptop, or USB stick is left in the open to tempt the victim into using the device.

Brute-force password attacks can break through a password by randomly guessing the codes. Which of the following measures would best prevent a successful password attack?
A) Making the password longer than 10 characters
B) Using words that are commonly found in a dictionary
C) Using a combination of uppercase and lowercase letters
D) Adding a letter to the end of a 4-digit numeric password
✔✔ A) Making the password longer than 10 characters
Longer passwords are more difficult to crack with brute force password programs. In general, a longer password will be harder to crack than a password with symbols or upper case/lower case letters.

A Distributed Denial of Service (DDoS) attack oftentimes involves simultaneously using a large number of computers and digital devices to send an unsustainable amount of traffic to a single website. Those computers are controlled with assorted malware that is controlled from a host computer. What do we call the collection of computers that performs the DDoS?

A) A distributed strike
B) A digital horde
C) A remote swarm
D) A botnet
✔✔ D) A botnet
The collection of computers and devices like phones and tablets is known as a botnet. It is usually a remotely controlled network of slave devices that can be sent en masse to a target site.

Tyrone received an email that read, "You are included in a settlement for overcharging at Local Gas Station." The email explained that the local gas station had lost a lawsuit for overcharging customers. Anyone who lived around Local Gas Station was to receive a $150 check, so long as they could prove they bought gasoline there in the past four months. The email asked for proof of address and a credit card number that investigators could cross-check with Local Gas Station purchase records. When Tyrone Googled "Local Gas Station lawsuit" there were no articles or information about any lawsuit. What is this email likely an example of?
A) A phishing scheme
B) A Quid Pro Quo arrangement
C) A contact spamming scheme
D) A doxing attack
✔✔ A) A phishing scheme

An email claiming to provide money in exchange for personal or financial information is often a clear example of a phishing scheme. By investigating the information a little, Tyrone was able to discover that the information in the email was not real.

Which of the following would be an example of a Quid Pro Quo attack?
A) A hacker buys an old, decommissioned work laptop from a company and locates a draft document hidden deep in the laptop's archives that has a current server password. The hacker uses that password to break into the company's servers.
B) A hacker calls every business in the area pretending to be tech support. When one company responds that they were waiting to hear back from tech support, the hacker proceeds to assist the company with the problem, but requests passwords and account information in order to "fix the problem."
C) A hacker puts on a maintenance crew uniform and slips into the company's server room without being stopped. The hacker then uses a USB drive to copy all the documents on the servers and walks out without being noticed.
D) An employee accidentally clicks on a link and allows a hacker to install a backdoor into his computer. The hacker uses the backdoor to copy valuable data.
✔✔ B) A hacker calls every business in the area pretending to be tech support. When one company responds that they were waiting to hear back from tech support, the hacker proceeds to assist the company with the problem, but requests passwords and account information in order to "fix the problem."

A Quid Pro Quo attack involves giving the victim something in exchange for valuable information that is then used to further breach the company's data. It requires that the employee or company intentionally give the hacker data in exchange for money or services, so simply buying a laptop or USB drive that accidentally has information still on it may not necessarily be a Quid Pro Quo breach.

Misha works for a bank that recently extended a loan to an unpopular natural gas pipeline project. A hacktivist sent Misha an anonymous message explaining that she had broken into Misha's files and copied all her documents, including personal emails to Misha's sister complaining about her boss. The hacktivist threatened to publicize the documents and to send her direct superiors the personal emails if Misha did not assist the hacktivist in taking down the bank. What has Misha become a victim of?
A) A Quid Pro Quo attack
B) A Drive-By attack
C) Doxing
D) Baiting
✔✔ C) Doxing

Misha is potentially a victim of Doxing; the hacker is using the threat of public release of personal documents to harm Misha or to otherwise force her to act against her own interests.

ABC Realty company received a strange email from their bank the week before that simply read, "Urgent!" All 15 of the ABC employees opened the email and found nothing in it but a strange file that did nothing when opened. All the computers were operating perfectly normally for a few weeks. Eventually the employees forgot about the strange email. When everyone returned after New Year's Day, every document on all the computers had been changed into a trojan virus file. What likely happened to ABC?
A) The computers were subject to a zero-day infection at the same time.
B) The original email contained a Logic Bomb that was set to go off on New Year's Day.
C) The hacker installed backdoors on all the computers and waited until January 1 to damage the company.
D) The original email contained a worm that was slowly replicating itself over months.
✔✔ B) The original email contained a Logic Bomb that was set to go off on New Year's Day.
By nature of the sudden, coordinated attack on the computers, it is likely that ABC was hit with a Logic Bomb that was set to "explode" and replace all files at a specific date.

Business email compromise (BEC) is the term describing a large, organized effort to defraud and deceive CEOs and CFOs of large businesses. BEC typically involves spoofed emails and accounts to trick the CEO into responding with passwords or valuable information. BEC is a variation of which of the following?
A) Spear phishing
B) Baiting
C) Pretexting
D) Trojan Horse
✔✔ A) Spear phishing
Business Email Compromises are a form of spear phishing, which is a form of social engineering phishing attack. BEC is a more targeted variation though, sometimes known as whaling, since it's a form of phishing for the largest targets.

Alexa works for ABC brokerage. Alexa received an urgent email from the CFO that explained a recent cyberattack may have compromised some of their contact information and modified some of the direct deposit account information; the CFO requested that all employees email him photocopies of their driver's license and a bank statement so he could cross-reference all the information. What should Alexa do to make sure her information is safe?
A) She should send the information to the CFO as he requested.

B) She should convince the company to update their antivirus software to prevent issues like this from happening again.
C) She should wait until the next pay period to see if her information was compromised.
D) She should call a secured number or attempt to directly speak with the CFO to see if the email was legitimate.
✔✔ D) She should call a secured number or attempt to directly speak with the CFO to see if the email was legitimate.
When a financial employee requests copies of information like drivers' licenses or bank statements, it is oftentimes better to provide the information in person. Sending personally-identifying information by email is potentially risky. If the CFO's email account was compromised, then any messages sent to the email may be seen by a criminal party.

Quiz 3: Cyber Responses

Which of the following is NOT one of the four components of a valid electronic signature?
A) The signing party has intent to sign the electronic document
B) The electronically signed document is associated with the record
C) Only one party needs to consent to doing business electronically
D) There must be a record of the transaction that is retained
✔✔ C) Only one party needs to consent to doing business electronically

For a valid electronic signature, both parties must intend to use electronic records for the transaction throughout the process; withdrawing consent will prevent the parties from proceeding with electronic documentation.

Marshawn has been tasked with improving the strength of his company's cybersecurity for as little money as possible. His boss has authorized him to make changes, but not to spend any money. What can Marshawn do without raising expenses?
A) Move the main office to a more-secure location with restricted agent access
B) Hire a white hat hacker to audit the company's security protocols
C) Limit access to secure documents using existing password protocols and file permissions
D) Purchase an external hard drive that is not connected to the network to store valuable documents
✔✔ C) Limit access to secure documents using existing password protocols and file permissions
While many ways to improve cybersecurity are inexpensive, several can be quite costly. Hiring hackers to audit a firm, purchasing new computers and secured hard drives (prices of external hard drives vary depending on the type and quality; large solid-state drives can be several thousand dollars), or upgrading to higher security software can be an expense. On the other hand, being mindful about how data is stored and shared will go a long way towards reducing cyber breaches and is relatively inexpensive.

To prevent a cyber attack before it occurs, which of these preventative measures do you NOT need to take?
A) Audit your security procedures
B) Update antivirus software and patch computer systems
C) Obtain a cyber insurance policy
D) Use strong passwords and change passwords periodically
✔✔ C) Obtain a cyber insurance policy
To prevent a cyber attack, updating antivirus software, auditing security protocols, and using powerful passwords will help prevent attacks before they begin. Backing up systems and purchasing cyber insurance will mitigate damages, but they will not stop attacks from happening.

Paula's computer has been infected with a malware virus that replicates itself in the background and slowly sends itself out to other devices through her email applications. Which of the following should Paula take as a sign that her computer may be infected?
A) Her antivirus software is up-to-date, but the last patch was more than a week old
B) Searches on the internet all result in a message reading "network connectivity error"
C) She has been receiving significantly more spam emails than usual

D) Her computer takes significantly longer to turn on
✔✔ D) Her computer takes significantly longer to turn on
If a computer is up-to-date on the patches, there is little reason to suspect that something has infiltrated your systems. Viruses that replicate themselves tend to slow the computer in a handful of ways by filling the memory or RAM. Checking your email outbox or trash bin (some viruses will automatically delete spam emails sent from your computer, but traces can sometimes be found in the trash bin) periodically will help locate possible infections.

Liam's computer was struck with a ransomware virus. The computer locked up and displayed a message that reads, "Pay XYZ bank $10,000 by January 1, or the data will be deleted." Liam paid the money and the computer unlocked without any further complications. What should he do now?
A) Nothing, Liam has paid the ransom, so the issue is resolved.
B) Liam should look through his files to make sure none are missing
C) Liam should treat every document on the computer as though they were compromised or copied.
D) Liam should contact his clients and inform them that he was struck with ransomware, but that he paid the ransom and the documents are unharmed.
✔✔ C) Liam should treat every document on the computer as though they were compromised or copied.

Ransomware attacks potentially compromise every single document that was contained on the computer. There are no guarantees that the documents are unharmed and no proof that the client data is safe.

What is data mapping?
A) A form of cyber-attack that installs software capable of tracing data as it is moved from device to device
B) Copying data onto many devices to ensure limited impact from ransomware attacks
C) Tracking individual data and documents once they are taken to assist FBI investigations into the cyber-attack
D) A map of data storage, explaining where documents are stored and what devices contain which forms of information
✔✔ D) A map of data storage, explaining where documents are stored and what devices contain which forms of information
Data mapping involves knowing exactly where all a company's documents are held. Knowing where documents are kept will assist in rapid response to cyber attacks.

Which of these is an example of privilege escalation?
A) A hacker using a brute force program to crack a password, and using that password to steal documents.

B) A hacker installing a backdoor into the computer so they can control it remotely without needing to learn the password.
C) A hacker using a compromised email account to receive their own private password and account from the IT people at the company.
D) A hacker clearing logs and erasing files to delete any proof that they were there.
✔✔ C) A hacker using a compromised email account to receive their own private password and account from the IT people at the company.
Escalation is the stage where a hacker exploits their present permissions to gain greater access to the documents and files. Asking for a password and account from an unsuspecting supervisor or IT department will allow the hacker to operate within the company as a "legitimate" employee. Essentially, they would be shielded from suspicions because their credentials would appear legitimate.

A Practical Guide to Cybersecurity Final Exam

Carol is a real estate agent who frequently uses her smartphone to send emails to her clients about their transactions. She decided to turn off all password and screen lock functions on her phone, as they got in her way when opening her phone. Which of the following security issues would be the most damaging to her brokerage and clients?
A) Opening an email from someone she had not spoken to in several years.

B) Calling her clients to review their escrow instructions
C) Using her phone to send both work and personal emails
D) Leaving her unlocked phone on the subway
✔✔ D) Leaving her unlocked phone on the subway
Forgetting a phone with access to clients' information will certainly be the most expensive and difficult to trace security breach. Make sure you know where your devices are because they contain most of your valuable information.

Joon noticed that her office computer was responding much more slowly than usual. It had been acting sluggish since she had opened a strange attachment sent to her via email from her coworker. What is likely the cause of Joon's computer troubles?
A) A worm virus
B) A keylogger
C) Spyware
D) A logic bomb
✔✔ A) A worm virus
Worms are the typical infection that comes from a suspect email. Spyware, stealth viruses, and logic bombs are designed to keep operating without slowing down the computer to stay out of notice.

Which of the following is TRUE about password protections on a smartphone?
A) 123456 is a strong password because a six-character password has thousands of possibilities.
B) Passwords that require a pattern to be swiped on the phone are the strongest.
C) Password crackers do not exist for smartphones, so a smartphone password does not need to be as complicated.
D) None of the above.
✔✔ D) None of the above.
Mobile phones are just as susceptible to cyber invasions as laptops and computers. Password security should be taken seriously and the same principles that are applied to computers should also be applied to smartphones.

Marty got access to a company's internal server after he sent a Trojan virus to one of the employees in an email. He has been using the server to compromise other devices in the network and create a botnet out of the server's assorted computers. What stage of the cyber chain is Marty in?
A) Exfiltration
B) Exploitation
C) Lateral movement

D) Privilege escalation
✔✔ C) Lateral movement
Marty is in the lateral movement step because he is using access to one device as a tool to compromise a range of other devices.

Melissa read a newspaper article that the nearby local park was a notorious location for cyber eavesdropping. What does this mean?
A) Hackers can steal anything on any digital device when it is within the park's boundaries
B) Someone will be looking over Melissa's shoulder to watch whatever she is typing on her smartphone
C) Talking on a mobile device while in the park can be heard by everyone else in the park
D) Attackers are monitoring activity from devices that automatically connect to their unsecured wifi network
✔✔ D) Attackers are monitoring activity from devices that automatically connect to their unsecured wifi network
Eavesdropping is the term for hackers setting up a public WiFi connection and monitoring any unsuspecting individual who connects to the WiFi. The hackers will not be able to access a phone in the park unless the phone connects to the public WiFi system.

Marcus finds ways to exploit a company's weak security policies, then will send a message to the company president offering to help protect the company's network if they hire his security company. What is Marcus an example of?
A) A grey hat hacker
B) A white hat hacker
C) A black hat hacker
D) A hacktivist
✔✔ A) A grey hat hacker
A grey hat hacker is one that hacks without asking permission first. Grey hat hackers tend to hack to prove that their services are required, rather than waiting for the company to ask first as is the case with white hat hackers.

Julietta has a network of computer bots that she can remotely control. Recently she had a disagreement with an online retail company. As revenge, she directs her bot-net to flood the company's website with page requests, slowing their website to a crawl and costing the retailer several thousand dollars in potential lost internet sales. What is Julietta an example of?
A) A white hat hacker
B) A black hat hacker
C) A grey hat hacker
D) A hacktivist
✔✔ D) A hacktivist

Since she was not causing the DDoS for monetary gain, Julietta is a hacktivist. If she was trying to steal data to get money or trying to break into the account to show the company that there were weaknesses in the security systems, she may be one of the assorted color-hat hackers.

Which of the following is an example of a man-in-the-middle attack?
A) A hacker pretends to be a delivery driver to get past the front-desk security guards
B) A hacker threatens to release compromising documents if the victim does not provide passwords
C) A hacker calls victims and impersonates legitimate businesses to coax valuable information out of the victims
D) A hacker intercepts an email, produces a fake email in its place, and then sends the fake email to the original recipient
✔✔ D) A hacker intercepts an email, produces a fake email in its place, and then sends the fake email to the original recipient
Man-in-the-Middle attacks involve intercepting messages in transit or otherwise redirecting a message while it was in transit. The classic example of these attacks would be an email hijacking.

A hacking attack that exploits weaknesses or vulnerabilities in the code of software or an update to software is called
A) a zero-day attack.
B) Man-in-the-Middle Attack.
C) a dropper.
D) tailgating.
✔✔ A) a zero-day attack.
Hackers who exploit a mistake or opening in the code of an application, software, or software update are performing what is known as a zero-day attack. These attacks are largely only successful within a few days of the initial release of the software or update because later patches will fill in the openings. The primary way to avoid a zero-day attack is to patch and update your computer as often as possible, and to avoid leaving the computer unprotected for any period of time.

What is the name for malware programs that record anything typed into the victim's computer?
A) Keylogger
B) Spyware
C) Ransomware
D) Brute-Force Password Cracker
✔✔ A) Keylogger

The programs that record all keyboard strokes are called keyloggers. They allow a hacker to primarily gather information on passwords, but are also used to steal private information and web browsing information for blackmail or phishing purposes.

Which of the following types of malware will be the most difficult to remove from your system once it has been installed?
A) Worms
B) Polymorphic viruses
C) Keyloggers
D) Macro viruses
✔✔ B) Polymorphic viruses
A polymorphic virus will be the most difficult to remove because it self-encrypts and copies itself specifically to avoid scanning and security measures. Professionals are typically required when a polymorphic virus infects your systems.

Wendy is a broker who just had her email account compromised. She learned about the break-in after seeing a spam email sent from her account and assumed that the hacker had accessed every single document in her email folders. What should Wendy do next?
A) Avoid telling the clients until she is certain that the hacker copied her clients' data.

B) Contact her clients through trusted numbers and explain that any information they have sent her may be compromised.
C) Lie to her clients and tell them that the spam wasn't from her email address.
D) Do nothing and act as though nothing has happened.
✔✔ B) Contact her clients through trusted numbers and explain that any information they have sent her may be compromised.
Wendy should immediately contact her clients and inform them that there is a possibility that their data has been compromised. This will give her clients the most possible time to respond to potential identity theft or later spear-phishing attempts.

Which of the following is NOT a form of malware (malicious software)?
A) Trojans
B) Worms
C) Spyware
D) SQL injection
✔✔ D) SQL injection
An SQL injection is a way to modify a website using areas where text may be entered to reprogram the website externally. It is not a form of malicious software that installs or otherwise modifies a computer.

Harry Hacker was able to infect a computer in a business' Human Resources department with a virus and installed a backdoor into HR's compromised computer. Which of the following pieces of information would help Harry in later hacking attempts?
A) A file with all the company's employee's Social Security Numbers
B) An email to HR from an IT employee explaining how to reset a password
C) All the above
D) A spreadsheet containing employee passwords and profile names
✔✔ C) All the above
Personally identifying information, passwords, account names, and procedures for password change will clearly be useful in a later hacking attempt. Calendars explaining upcoming meetings would be useful in social engineering attacks because the hacker would have access to private information that only the HR person should know, and an email from the CEO will give the hacker a template for spoofed emails and make it easier to commit a business email compromise.

Mitchell lost his laptop at a convention. It was found by a criminal hacker who wanted to infiltrate Mitchell's brokerage. The hacker cracks Mitchell's password and gets access to his entire system. Which of the following would be an example of a social engineering attack the hacker could launch from Mitchell's lost laptop?
A) The hacker copies all the documents from the laptop and blackmails Mitchell with them