Chat with AI
Deck 8: Communications and Operations Security
Full screen (f)
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Unlock Deck
Sign up to unlock the cards in this deck!
Unlock Deck
Unlock Deck
1/19
Play
Full screen (f)
Deck 8: Communications and Operations Security
1
Which of the following best describes the difference between a virus and a worm?
A) A virus is malicious software that requires a host file to spread itself, whereas a worm is malicious software that does not require a host file to spread itself.
B) A worm is malicious software that requires a host file to spread itself, whereas a virus is malicious software that does not require a host file to spread itself.
C) A virus is malicious software that attaches itself to executable files, whereas a worm is malicious software that attaches itself to an image file.
D) There is no difference between a virus and a worm.
A) A virus is malicious software that requires a host file to spread itself, whereas a worm is malicious software that does not require a host file to spread itself.
B) A worm is malicious software that requires a host file to spread itself, whereas a virus is malicious software that does not require a host file to spread itself.
C) A virus is malicious software that attaches itself to executable files, whereas a worm is malicious software that attaches itself to an image file.
D) There is no difference between a virus and a worm.
A virus is malicious software that requires a host file to spread itself, whereas a worm is malicious software that does not require a host file to spread itself.
2
Which of the following is an example of a malware prevention control?
A) Real-time firewall detection of suspicious file downloads
B) Review and analysis of log files
C) User awareness to recognize and report suspicious activity
D) Not allowing users to have administrative rights to their workstations
A) Real-time firewall detection of suspicious file downloads
B) Review and analysis of log files
C) User awareness to recognize and report suspicious activity
D) Not allowing users to have administrative rights to their workstations
Not allowing users to have administrative rights to their workstations
3
Which of the following statements best describes a Trojan?
A) Malicious software that hides into the lower levels of the operating system and opens a backdoor
B) Malicious software that records every key stroke and mouse movement
C) Malicious software that disguises itself as a legitimate program
D) Malicious software that takes the computer data hostage to extort money
A) Malicious software that hides into the lower levels of the operating system and opens a backdoor
B) Malicious software that records every key stroke and mouse movement
C) Malicious software that disguises itself as a legitimate program
D) Malicious software that takes the computer data hostage to extort money
Malicious software that disguises itself as a legitimate program
4
Which of the following statements about Trojans is true?
A) Trojans reproduce by infecting other files.
B) Trojans need user interaction to spread.
C) Trojans self-replicate.
D) Trojans are legitimate programs that enhance user experience.
A) Trojans reproduce by infecting other files.
B) Trojans need user interaction to spread.
C) Trojans self-replicate.
D) Trojans are legitimate programs that enhance user experience.
Unlock Deck
Unlock for access to all 19 flashcards in this deck.
Unlock Deck
k this deck
5
Which of the following statements best describes data replication?
A) The process of copying data to another drive weekly
B) The process of copying data to a second location that is available for immediate use
C) The process of copying and storing data that could be restored to its original location
D) The process of copying data to the cloud
A) The process of copying data to another drive weekly
B) The process of copying data to a second location that is available for immediate use
C) The process of copying and storing data that could be restored to its original location
D) The process of copying data to the cloud
Unlock Deck
Unlock for access to all 19 flashcards in this deck.
Unlock Deck
k this deck
6
Which of the following statements about data backup is not true?
A) Backups can be stored in the cloud.
B) Backups can be conducted once a week.
C) Backups do not have to be restored as long as they are stored in the cloud.
D) Backups can be stored to a tape.
A) Backups can be stored in the cloud.
B) Backups can be conducted once a week.
C) Backups do not have to be restored as long as they are stored in the cloud.
D) Backups can be stored to a tape.
Unlock Deck
Unlock for access to all 19 flashcards in this deck.
Unlock Deck
k this deck
7
Which of the following statements about antivirus software is not true?
A) Antivirus software is 100 percent effective against malware intrusions.
B) Antivirus software uses signature-based recognition and behavior-based recognition to detect malware.
C) Antivirus software can detect various types of malware.
D) Antivirus software can detect, contain, or eliminate malware.
A) Antivirus software is 100 percent effective against malware intrusions.
B) Antivirus software uses signature-based recognition and behavior-based recognition to detect malware.
C) Antivirus software can detect various types of malware.
D) Antivirus software can detect, contain, or eliminate malware.
Unlock Deck
Unlock for access to all 19 flashcards in this deck.
Unlock Deck
k this deck
8
Which of the following malware takes advantage of a security vulnerability on the same day that the vulnerability becomes known to the public?
A) Ransomware
B) Screen scraper
C) Bot
D) Zero-day exploit
A) Ransomware
B) Screen scraper
C) Bot
D) Zero-day exploit
Unlock Deck
Unlock for access to all 19 flashcards in this deck.
Unlock Deck
k this deck
9
Which of the following is a snippet of code designed to automate tasks and often used by attackers to carry out denial-of-service attacks?
A) Ransomware
B) Screen scraper
C) Zero-day exploit
D) Bot
A) Ransomware
B) Screen scraper
C) Zero-day exploit
D) Bot
Unlock Deck
Unlock for access to all 19 flashcards in this deck.
Unlock Deck
k this deck
10
Which of the following is an example of ransomware that takes a computer or its data hostage in an effort to extort money from victims?
A) SpyEye
B) WannaCry
C) Sapphire
D) Slammer
A) SpyEye
B) WannaCry
C) Sapphire
D) Slammer
Unlock Deck
Unlock for access to all 19 flashcards in this deck.
Unlock Deck
k this deck
11
Which of the following was a worm that infected Microsoft SQL Server 2000 and Microsoft SQL Desktop Engine?
A) Zeus
B) SpyEye
C) Slammer
D) Nyetya
A) Zeus
B) SpyEye
C) Slammer
D) Nyetya
Unlock Deck
Unlock for access to all 19 flashcards in this deck.
Unlock Deck
k this deck
12
Which of the following is an SMB exploit affecting various Windows operating systems from XP to Windows 7 and various versions of Windows Server 2003 and 2008?
A) EternalBlue
B) SpyEye
C) Slammer
D) Zeus
A) EternalBlue
B) SpyEye
C) Slammer
D) Zeus
Unlock Deck
Unlock for access to all 19 flashcards in this deck.
Unlock Deck
k this deck
13
Which of the following best describes the log analysis technique called trend analysis?
A) Compares log data to known bad activity
B) Compares log data to known good activity
C) Identifies activity over time that in isolation might appear normal
D) Ties individual entries together based on related information
A) Compares log data to known bad activity
B) Compares log data to known good activity
C) Identifies activity over time that in isolation might appear normal
D) Ties individual entries together based on related information
Unlock Deck
Unlock for access to all 19 flashcards in this deck.
Unlock Deck
k this deck
14
Which of the following log analysis techniques compares the log entries against a set of known bad activity?
A) Trend analysis
B) Signature analysis
C) Correlation analysis
D) Sequencing analysis
A) Trend analysis
B) Signature analysis
C) Correlation analysis
D) Sequencing analysis
Unlock Deck
Unlock for access to all 19 flashcards in this deck.
Unlock Deck
k this deck
15
Which common standard operating procedure (SOP) format should be used for long procedures requiring many decisions?
A) Hierarchical
B) Simple step
C) Graphical
D) Flowchart
A) Hierarchical
B) Simple step
C) Graphical
D) Flowchart
Unlock Deck
Unlock for access to all 19 flashcards in this deck.
Unlock Deck
k this deck
16
Which of the following refers to an internal procedure by which authorized changes are made to software, hardware, network access privileges, or business processes?
A) Change control
B) NIST framework
C) Standard operating procedure
D) Patch management
A) Change control
B) NIST framework
C) Standard operating procedure
D) Patch management
Unlock Deck
Unlock for access to all 19 flashcards in this deck.
Unlock Deck
k this deck
17
Which of the following is a word, phrase, or image that is programmatically configured to connect to another document, bookmark, or location?
A) Hyperlink
B) Log
C) Relay
D) Metadata
A) Hyperlink
B) Log
C) Relay
D) Metadata
Unlock Deck
Unlock for access to all 19 flashcards in this deck.
Unlock Deck
k this deck
18
Which of the following describes the process or methodology used to assess the adequacy of a service provider?
A) Sequencing
B) Due care
C) Trend analysis
D) Due diligence
A) Sequencing
B) Due care
C) Trend analysis
D) Due diligence
Unlock Deck
Unlock for access to all 19 flashcards in this deck.
Unlock Deck
k this deck
19
Which federal regulation requires financial institutions to protect their customers' information against security threats?
A) HIPAA
B) GLBA
C) PCI DSS
D) FISMA
A) HIPAA
B) GLBA
C) PCI DSS
D) FISMA
Unlock Deck
Unlock for access to all 19 flashcards in this deck.
Unlock Deck
k this deck
Unlock Deck
Unlock for access to all 19 flashcards in this deck.
