Explore all topics
Start Free Trial
Need Help? Contact us
back arrowfull exam logo
search
ai logoChat with AI
Servicesarrow
Discoverarrow

Topics

Explore all topics
Discover more topics

Deck 28: Threats

Full screen (f)
exit full mode
Question
David is concerned about the security of his organization's web server. He wants to find and block all open, vulnerable ports on his web server. Which of the following tools should he use to find all open ports on the network?

A)Firewall
B)Performance monitor
C)Network scanner
D)Protocol analyzer
Use Space or
up arrow
down arrow
to flip the card.
Question
Which of the following transmission media is least susceptible to a vampire tap placed on the line?

A)Fiber
B)Coaxial
C)UTP
D)STP
Question
John has detected a breach in security. A hacker is trying to access confidential data from the company's server. What should be done first?

A)Detach the server from the network and remove the network cable.
B)Look for the hacker and penalize him.
C)Restart the server.
D)Shut down the server.
Question
Which of the following logs should you look for if you want to find out when the workstation was last shutdown?

A)Hardware
B)Security
C)Access
D)System
Question
Which of the following is a server placed in a corporate network for the purpose of attracting a potential intruder's attention?

A)Scanner
B)NAT
C)Firewall
D)Honey pot
Question
Which of the following terms describes the process of improving security?

A)Patching
B)Compression
C)Encryption
D)Hardening
Question
John is a security advisor at his organization. A number of anonymous users are complaining about data being stolen from their computers. Which of the following should he enforce to avoid data theft?

A)Multi factor authentication
B)Token authentication
C)Smart card authentication
D)No removable-media drives or ports on the computers policy
Question
David has just switched on his system and opened a word document. Surprisingly, the dialer started dialing the internet. What kind of an attack has probably occurred?

A)ACK attack
B)Worm
C)Logic bomb
D)Virus
Question
John is investigating a situation where an internal user's PC has been hacked by another internal user in the organization. Which of the following locations should he check to determine the source of the attack?

A)The firewall's logs
B)Audit logs of the user who has attacked
C)Domain controller's logs
D)Audit logs of the user who has been attacked
Question
Which of the following password-guessing attacks continue attacking until a successful guess occurs?

A)Guess attack
B)Password guess attack
C)Dictionary attack
D)Brute force attack
Question
Which of the following is a Bluetooth-based attack that relates to gaining unauthorized access through a Bluetooth connection?

A)Blue-theft
B)Blue-access
C)Blue jacking
D)Bluesnarfing
Question
Which of the following best describes domain name kiting?

A)It is a practice of hacking domain names.
B)It is the practice of transferring domain names.
C)It is the process of erasing the DNS records of a domain name.
D)It is the practice of repeatedly registering and deleting a domain name so that in effect, the registrant can own the domain name without paying for it.
Question
Jack is investigating the cause of his company's failure in winning the bid for a project. He suspects that a hacker could have intervened in the communication session between his company's employees. Which of the following attack types is he investigating on?

A)Man-in-the-middle attack
B)TCP/IP hijacking
C)Back door attack
D)Worm
Question
John is a Security Administrator at his organization. He is observing repeated unsuccessful attempts from a hacker to submit a Kerberos certificate and have it be validated by the authentication system. What is this attack called?

A)Man-in-the-middle attack
B)Back door attack
C)Replay attack
D)TCP/IP hijacking
Question
David is the Security Administrator at his organization. He is investigating an issue where the corporate server will not accept any connections using the TCP protocol. On close inspection he sees that the server indicates that it has exceeded its session limit. Which type of attack is this?

A)TCP ACK attack
B)TCP/IP hijacking
C)Smurf attack
D)Virus attack
Question
Which protocol does the smurf attack use to attack a network or system?

A)TCP
B)IP
C)UDP
D)ICMP
Question
You are working as a Security Advisor at your organization. On observing an employee's system log files report, you notice unsuccessful ongoing attempts to gain access to a single user account on the computer. What is this attack called?

A)TCP/IP hijacking
B)Password guessing attack
C)Man-in-the-middle attack
D)Worm attack
Question
Which of the following attacks involves the attacker gaining access to a host on the network and logically disconnecting it?

A)TCP/IP Hijacking
B)UDP Attack
C)ICMP Attacks
D)Smurf Attacks
Question
Which of the following TCP attacks tweaks the TCP three-way handshake process in an attempt to overload network servers, resulting in authorized users being denied access to network resources?

A)Snooping
B)Smurf attack
C)SYN attack
D)Man in the middle
Question
Which of the following defines a condition that can occur when an application receives more data than it is programmed to accept?

A)Spoofing
B)Buffer Overflow
C)Spam
D)Back door entry
Question
David switched on his system and opened his messenger application. Surprisingly, a Word document opens up instead. What kind of an attack has probably occurred?

A)Sniffer attack
B)Worm
C)Virus
D)Logic bomb
Question
Which of the following is a term used to define a collection of software robots (bots) that run autonomously and automatically and may harm your computer?

A)Automizer
B)Botnet
C)Soft bots
D)Root kit
Question
Which of the following is a major difference between a Worm and a Trojan horse?

A)Worms spread via e-mail, while Trojan horses don't.
B)Worms are a form of malicious code, whereas Trojan horses are not.
C)They are the same.
D)Worms self replicate, while Trojan horses don't.
Question
Which of the following viruses could attach itself to the boot sector of your disk to avoid detection and report false information about file sizes?

A)Trojan Horse
B)Stealth virus
C)Polymorphic virus
D)Worm
Question
What stealth software gives privileged rights to a machine without alerting Users or Administrators?

A)Root kit
B)Virus
C)Botnets
D)Spyware
Question
What software displays itself as a useful or helpful program and turns out to be malicious instead of or in addition to the previous assumption?

A)Worm
B)Trojan
C)Logic Bomb
D)Adware
Question
What is the type of attack that gives the attacker the ability to see messages from both sides of the communication and can also interject other messages into the conversation as well?

A)Spoofing
B)DDoS
C)Replay
D)Man-in-the-Middle
Question
What is a way for a hacker to redirect someone to a bogus website by exploiting DNS server vulnerabilities?

A)Pharming
B)Phishing
C)Spam
D)Vishing
Question
What is a type of attack that uses social engineering and exploits a user's trust in telephone systems by spoofing caller ID and other telco tools?

A)Phishing
B)Pharming
C)Vishing
D)Packet sniffing
Question
What is intercepting data packets transmitted over wireless connections called?

A)Whaling
B)Packet Sniffing
C)Packet corralling
D)Shoulder Surfing
Question
What is a way of compromising the original software or application that can alter the logic of a XML Web page?

A)SQL Injection
B)LDAP Injection
C)XML Injection
D)Cross-site Scripting
Question
What is a system that is intentionally set up with vulnerabilities to trap attackers?

A)Honey pot
B)Virtual Environment
C)DMZ
D)IDS
Question
What are the terms used to describe when someone who is unauthorized sneaks past a security point by closely following the person in front of them without consent of the person in front of them?

A)Tailgating
B)Piggybacking
C)Leapfrogging
D)Donkey Riding
Question
What are Zero-Day Exploits?

A)Software that hasn't come out yet
B)Software used to exploit holes in targeted software before the developer is aware of the holes
C)Vulnerability that no one has a change to exploit
D)Software provided the day after the vulnerability is discovered to stop attack
Question
An email that seems to come from the IT department requesting usernames and passwords is an example of what?

A)A Phishing Attack
B)A Questioning Attack
C)A Cloaking Attack
D)A Exploit Attack
Question
Which of the following defines a condition that can occur when an application receives more data than it's programmed to accept?

A)Spoofing
B)Buffer Overflow
C)Spam
D)Back door entry
Unlock Deck
Sign up to unlock the cards in this deck!
Unlock Deck
Unlock Deck
1/36
auto play flashcards
Play
simple tutorial
Full screen (f)
exit full mode
Deck 28: Threats
1
David is concerned about the security of his organization's web server. He wants to find and block all open, vulnerable ports on his web server. Which of the following tools should he use to find all open ports on the network?

A)Firewall
B)Performance monitor
C)Network scanner
D)Protocol analyzer
Network scanner
2
Which of the following transmission media is least susceptible to a vampire tap placed on the line?

A)Fiber
B)Coaxial
C)UTP
D)STP
Fiber
3
John has detected a breach in security. A hacker is trying to access confidential data from the company's server. What should be done first?

A)Detach the server from the network and remove the network cable.
B)Look for the hacker and penalize him.
C)Restart the server.
D)Shut down the server.
Detach the server from the network and remove the network cable.
4
Which of the following logs should you look for if you want to find out when the workstation was last shutdown?

A)Hardware
B)Security
C)Access
D)System
Unlock Deck
Unlock for access to all 36 flashcards in this deck.
Unlock Deck
k this deck
5
Which of the following is a server placed in a corporate network for the purpose of attracting a potential intruder's attention?

A)Scanner
B)NAT
C)Firewall
D)Honey pot
Unlock Deck
Unlock for access to all 36 flashcards in this deck.
Unlock Deck
k this deck
6
Which of the following terms describes the process of improving security?

A)Patching
B)Compression
C)Encryption
D)Hardening
Unlock Deck
Unlock for access to all 36 flashcards in this deck.
Unlock Deck
k this deck
7
John is a security advisor at his organization. A number of anonymous users are complaining about data being stolen from their computers. Which of the following should he enforce to avoid data theft?

A)Multi factor authentication
B)Token authentication
C)Smart card authentication
D)No removable-media drives or ports on the computers policy
Unlock Deck
Unlock for access to all 36 flashcards in this deck.
Unlock Deck
k this deck
8
David has just switched on his system and opened a word document. Surprisingly, the dialer started dialing the internet. What kind of an attack has probably occurred?

A)ACK attack
B)Worm
C)Logic bomb
D)Virus
Unlock Deck
Unlock for access to all 36 flashcards in this deck.
Unlock Deck
k this deck
9
John is investigating a situation where an internal user's PC has been hacked by another internal user in the organization. Which of the following locations should he check to determine the source of the attack?

A)The firewall's logs
B)Audit logs of the user who has attacked
C)Domain controller's logs
D)Audit logs of the user who has been attacked
Unlock Deck
Unlock for access to all 36 flashcards in this deck.
Unlock Deck
k this deck
10
Which of the following password-guessing attacks continue attacking until a successful guess occurs?

A)Guess attack
B)Password guess attack
C)Dictionary attack
D)Brute force attack
Unlock Deck
Unlock for access to all 36 flashcards in this deck.
Unlock Deck
k this deck
11
Which of the following is a Bluetooth-based attack that relates to gaining unauthorized access through a Bluetooth connection?

A)Blue-theft
B)Blue-access
C)Blue jacking
D)Bluesnarfing
Unlock Deck
Unlock for access to all 36 flashcards in this deck.
Unlock Deck
k this deck
12
Which of the following best describes domain name kiting?

A)It is a practice of hacking domain names.
B)It is the practice of transferring domain names.
C)It is the process of erasing the DNS records of a domain name.
D)It is the practice of repeatedly registering and deleting a domain name so that in effect, the registrant can own the domain name without paying for it.
Unlock Deck
Unlock for access to all 36 flashcards in this deck.
Unlock Deck
k this deck
13
Jack is investigating the cause of his company's failure in winning the bid for a project. He suspects that a hacker could have intervened in the communication session between his company's employees. Which of the following attack types is he investigating on?

A)Man-in-the-middle attack
B)TCP/IP hijacking
C)Back door attack
D)Worm
Unlock Deck
Unlock for access to all 36 flashcards in this deck.
Unlock Deck
k this deck
14
John is a Security Administrator at his organization. He is observing repeated unsuccessful attempts from a hacker to submit a Kerberos certificate and have it be validated by the authentication system. What is this attack called?

A)Man-in-the-middle attack
B)Back door attack
C)Replay attack
D)TCP/IP hijacking
Unlock Deck
Unlock for access to all 36 flashcards in this deck.
Unlock Deck
k this deck
15
David is the Security Administrator at his organization. He is investigating an issue where the corporate server will not accept any connections using the TCP protocol. On close inspection he sees that the server indicates that it has exceeded its session limit. Which type of attack is this?

A)TCP ACK attack
B)TCP/IP hijacking
C)Smurf attack
D)Virus attack
Unlock Deck
Unlock for access to all 36 flashcards in this deck.
Unlock Deck
k this deck
16
Which protocol does the smurf attack use to attack a network or system?

A)TCP
B)IP
C)UDP
D)ICMP
Unlock Deck
Unlock for access to all 36 flashcards in this deck.
Unlock Deck
k this deck
17
You are working as a Security Advisor at your organization. On observing an employee's system log files report, you notice unsuccessful ongoing attempts to gain access to a single user account on the computer. What is this attack called?

A)TCP/IP hijacking
B)Password guessing attack
C)Man-in-the-middle attack
D)Worm attack
Unlock Deck
Unlock for access to all 36 flashcards in this deck.
Unlock Deck
k this deck
18
Which of the following attacks involves the attacker gaining access to a host on the network and logically disconnecting it?

A)TCP/IP Hijacking
B)UDP Attack
C)ICMP Attacks
D)Smurf Attacks
Unlock Deck
Unlock for access to all 36 flashcards in this deck.
Unlock Deck
k this deck
19
Which of the following TCP attacks tweaks the TCP three-way handshake process in an attempt to overload network servers, resulting in authorized users being denied access to network resources?

A)Snooping
B)Smurf attack
C)SYN attack
D)Man in the middle
Unlock Deck
Unlock for access to all 36 flashcards in this deck.
Unlock Deck
k this deck
20
Which of the following defines a condition that can occur when an application receives more data than it is programmed to accept?

A)Spoofing
B)Buffer Overflow
C)Spam
D)Back door entry
Unlock Deck
Unlock for access to all 36 flashcards in this deck.
Unlock Deck
k this deck
21
David switched on his system and opened his messenger application. Surprisingly, a Word document opens up instead. What kind of an attack has probably occurred?

A)Sniffer attack
B)Worm
C)Virus
D)Logic bomb
Unlock Deck
Unlock for access to all 36 flashcards in this deck.
Unlock Deck
k this deck
22
Which of the following is a term used to define a collection of software robots (bots) that run autonomously and automatically and may harm your computer?

A)Automizer
B)Botnet
C)Soft bots
D)Root kit
Unlock Deck
Unlock for access to all 36 flashcards in this deck.
Unlock Deck
k this deck
23
Which of the following is a major difference between a Worm and a Trojan horse?

A)Worms spread via e-mail, while Trojan horses don't.
B)Worms are a form of malicious code, whereas Trojan horses are not.
C)They are the same.
D)Worms self replicate, while Trojan horses don't.
Unlock Deck
Unlock for access to all 36 flashcards in this deck.
Unlock Deck
k this deck
24
Which of the following viruses could attach itself to the boot sector of your disk to avoid detection and report false information about file sizes?

A)Trojan Horse
B)Stealth virus
C)Polymorphic virus
D)Worm
Unlock Deck
Unlock for access to all 36 flashcards in this deck.
Unlock Deck
k this deck
25
What stealth software gives privileged rights to a machine without alerting Users or Administrators?

A)Root kit
B)Virus
C)Botnets
D)Spyware
Unlock Deck
Unlock for access to all 36 flashcards in this deck.
Unlock Deck
k this deck
26
What software displays itself as a useful or helpful program and turns out to be malicious instead of or in addition to the previous assumption?

A)Worm
B)Trojan
C)Logic Bomb
D)Adware
Unlock Deck
Unlock for access to all 36 flashcards in this deck.
Unlock Deck
k this deck
27
What is the type of attack that gives the attacker the ability to see messages from both sides of the communication and can also interject other messages into the conversation as well?

A)Spoofing
B)DDoS
C)Replay
D)Man-in-the-Middle
Unlock Deck
Unlock for access to all 36 flashcards in this deck.
Unlock Deck
k this deck
28
What is a way for a hacker to redirect someone to a bogus website by exploiting DNS server vulnerabilities?

A)Pharming
B)Phishing
C)Spam
D)Vishing
Unlock Deck
Unlock for access to all 36 flashcards in this deck.
Unlock Deck
k this deck
29
What is a type of attack that uses social engineering and exploits a user's trust in telephone systems by spoofing caller ID and other telco tools?

A)Phishing
B)Pharming
C)Vishing
D)Packet sniffing
Unlock Deck
Unlock for access to all 36 flashcards in this deck.
Unlock Deck
k this deck
30
What is intercepting data packets transmitted over wireless connections called?

A)Whaling
B)Packet Sniffing
C)Packet corralling
D)Shoulder Surfing
Unlock Deck
Unlock for access to all 36 flashcards in this deck.
Unlock Deck
k this deck
31
What is a way of compromising the original software or application that can alter the logic of a XML Web page?

A)SQL Injection
B)LDAP Injection
C)XML Injection
D)Cross-site Scripting
Unlock Deck
Unlock for access to all 36 flashcards in this deck.
Unlock Deck
k this deck
32
What is a system that is intentionally set up with vulnerabilities to trap attackers?

A)Honey pot
B)Virtual Environment
C)DMZ
D)IDS
Unlock Deck
Unlock for access to all 36 flashcards in this deck.
Unlock Deck
k this deck
33
What are the terms used to describe when someone who is unauthorized sneaks past a security point by closely following the person in front of them without consent of the person in front of them?

A)Tailgating
B)Piggybacking
C)Leapfrogging
D)Donkey Riding
Unlock Deck
Unlock for access to all 36 flashcards in this deck.
Unlock Deck
k this deck
34
What are Zero-Day Exploits?

A)Software that hasn't come out yet
B)Software used to exploit holes in targeted software before the developer is aware of the holes
C)Vulnerability that no one has a change to exploit
D)Software provided the day after the vulnerability is discovered to stop attack
Unlock Deck
Unlock for access to all 36 flashcards in this deck.
Unlock Deck
k this deck
35
An email that seems to come from the IT department requesting usernames and passwords is an example of what?

A)A Phishing Attack
B)A Questioning Attack
C)A Cloaking Attack
D)A Exploit Attack
Unlock Deck
Unlock for access to all 36 flashcards in this deck.
Unlock Deck
k this deck
36
Which of the following defines a condition that can occur when an application receives more data than it's programmed to accept?

A)Spoofing
B)Buffer Overflow
C)Spam
D)Back door entry
Unlock Deck
Unlock for access to all 36 flashcards in this deck.
Unlock Deck
k this deck
locked card icon
Unlock Deck
Unlock for access to all 36 flashcards in this deck.
Examlex
Examlex
Work With Us
Policies
Download the App
Scan to downloadDownload the App
qr-code
Links
Links
Work With Us
Download the App

Scan to downloadDownload the App
qr-code

Copyright © 2025 Examlex LLC.
  • facebook-footer
  • instagram-footer
  • x-footer
  • tiktok
  • Linktree