Get IT Security: Defense Against The Digital Dark Arts Graded Quiz Answers
Table of Contents
Q1. In the CIA triad, what does the letter ‘I’ stand for?
Answer: Integrity
Explanation: The CIA triad (Confidentiality, Integrity, Availability) represents the three primary goals of information security. Integrity ensures data accuracy and trustworthiness, preventing unauthorized modifications.
Q2. In information security, what is a vulnerability?
Answer: A flaw in hardware or software that can be exploited
Explanation: A vulnerability is a weakness in a system or application that can be exploited by attackers to compromise security.
Q3. After a user downloads a free software product, the computer’s browser automatically opens and jumps to random product pages. What kind of malicious software is this?
Answer: Adware
Explanation: Adware is a type of malware designed to display unwanted advertisements, often redirecting browsers to product pages or promotional sites.
Q4. An unhappy systems administrator installed malware that attacked after a timed event, rather than when it was installed. What type of malware does this describe?
Answer: A logic bomb
Explanation: A logic bomb is malicious code that executes under specific conditions, such as after a set time or event, making it difficult to detect beforehand.
Q5. An employee at a company plugs a router into the corporate network to make a simple wireless network. An attacker outside the building uses it to get access to the corporate network. What is the name of this type of attack?
Answer: A rogue AP (Access Point) attack
Explanation: A rogue access point attack occurs when an unauthorized wireless access point is added to a network, exposing it to potential attackers.
Q6. Which type of network-based attack prevents legitimate users from accessing a system by overwhelming the network?
Answer: A Denial of Service (DoS) attack
Explanation: A DoS attack floods a network or server with excessive requests, overwhelming its resources and preventing access for legitimate users.
Q7. An attacker sends a large number of SYN packets but does not send any ACK messages back. The connection stays open and uses up the source’s resources. What is this attack called?
Answer: A half-open attack
Explanation: A half-open attack, a form of SYN flood, exploits the handshake process by leaving connections incomplete, consuming system resources.
Q8. What type of attack involves injecting malicious code into a website to hijack a session cookie?
Answer: Cross-site scripting (XSS) attacks
Explanation: XSS attacks inject malicious scripts into websites to steal sensitive information, such as session cookies, from unsuspecting users.
Q9. Which of the following best helps you strengthen your password?
Answer: Incorporate symbols, numbers, and capital letters
Explanation: A strong password includes a combination of letters (upper and lowercase), numbers, and symbols, making it harder to crack.
Q10. Fill in the blank: Phishing, spoofing, and tailgating are examples of ________ attacks.
Answer: Social engineering
Explanation: Social engineering attacks manipulate human behavior to gain unauthorized access or steal information, using methods like phishing, spoofing, and tailgating.
Get IT Security: Defense Against The Digital Dark Arts Practice Quiz Answers >>
Get Module 01 Challenge: Understanding Security Threats Quiz Answers
