Assignemnt: Enterprise Architecture
Question 1
Which of the following is true of white hat hackers?
1) They are hired by an organization to test the security of its information systems.
2) They disrupt a company's information systems and business operations.
3) They capture trade secrets and attempt to gain an unfair competitive advantage in a company.
4) They destroy the infrastructure components of governments, financial institutions, and emergency response units.
Question 2
Which of the following exploits when downloaded onto a smartphone takes control of the device and its data until the owner agrees to pay a sum of money to the attacker?
1) Camware
2) Spyware
3) Scareware
4) Ransomware
Question 3
Which of the following best describes malicious insiders?
1) They hack computers in an attempt to promote a political ideology.
2) They disrupt a company's information systems and business operations.
3) They are hired by an organization to test the security of its information systems.
4) They are hired by an organization to test the security of another organization's information systems.
Question 4
Which of the following is a drawback of the bring your own device (BYOD) business policy?
1) It affects the productivity of the employees of a company.
2) It inhibits the privacy of the employees of a company.
3) It exposes a company's data to malware.
4) It creates the image of a company as not being flexible.
Question 5
Identify the primary security threat for mobile devices.
1) Distributed denial-of-service attack
2) Cyberterrorism
3) Cyberespionage
4) Theft of device
Question 6
Jack was shocked to witness the sudden drop in performance of his laptop. He also found that the screen saver constant changed and that the taskbar had disappeared. The given problems are symptoms of _____ infections.
1) rootkit
2) smishing
3) phishing
4) bootkit
Question 7
Which of the following statements is true about worms?
1) They abuse email systems to send unsolicited email to large numbers of people.
2) They allow hackers to destroy hard drives, corrupt files, and steal passwords by recording keystrokes and transmitting them to a server operated by a third party.
3) They insert unwanted words, numbers, or phrases into documents or alter command functions in an infected document.
4) They propagate without human intervention, often sending copies of themselves to other computers by email.
Question 8
Which of the following defines computer forensics?
1) It is a discipline that combines elements of law and computer science to identify, collect, examine, and preserve data from computer systems, networks, and storage devices.
2) It evaluates an organization's security policy.
3) It detects viruses in a computer system and quarantines them.
4) It is the software and/or hardware that monitors system and network resources and notifies network security personnel when it detects network traffic that attempts to circumvent the security measures of a networked computer environment.
Question 9
Which of the following is created and issued by software engineers to remove a system vulnerability?
1) A patch
2) A key
3) A license
4) A constraint
Question 10
Which phase of an advanced persistent threat enables an intruder to gain useful information about the target?
1) The discovery phase
2) The capture phase
3) The reconnaissance phase
4) The incursion phase
Question 11
_____ is the act of fraudulently using email to try to get the recipient to reveal personal data.
1) Spoofing
2) Vishing
3) Phishing
4) Smishing
Question 12
Identify a true statement about Trojan horses.
1) They lead consumers to counterfeit Web sites designed to trick them into divulging personal data.
2) They are used by organizations to test the security of information systems.
3) They involve the use of Short Message Service (SMS) texting for phishing.
4) They spy on users by recording keystrokes and transmitting them to a server operated by a third party.
Question 13
Identify the mode of message transmission used in smishing.
1) Multimedia Messaging Service
2) Short Message Service
3) Email
4) Voice mail
Question 14
Identify the mode of message transmission used in vishing.
1) Multimedia Messaging Service
2) Short Message Service
3) Email
4) Voice mail
Question 15
Which of the following statements is true of the discovery phase of an advanced persistent threat?
1) An intruder gains useful information about the target.
2) An intruder establishes a computer program that bypasses security mechanisms.
3) An intruder is ready to access compromised systems and capture information.
4) An intruder gathers valid user credentials and installs backdoors for distributing malware.
Question 16
Which of the following is true of spam?
1) Spam is a type of attack with which a hacker takes over computers via the Internet and causes them to flood a target site with demands for data and other small tasks.
2) Spam is a program in which malicious code is hidden inside a seemingly harmless program.
3) Spam is a set of programs that enables its user to gain administrator-level access to a computer without the end user's consent or knowledge.
4) Spam is an extremely inexpensive method of marketing used by many legitimate organizations.
Question 17
The _____ code of a rootkit gets the rootkit installation started and can be activated by clicking on a link to a malicious Web site in an email or opening an infected PDF file.
1) dropper
2) loader
3) linker
4) adapter
Question 18
In the context of an advanced persistent threat, identify the phase during which an intruder is ready to access unprotected or compromised systems.
1) The reconnaissance phase
2) The discovery phase
3) The capture phase
4) The export phase
Question 19
_____ is a three-digit number above the signature panel on the back of a credit card.
1) Personal identification number
2) Card verification value
3) Automated teller machine
4) Know your customer digits
Question 20
Which of the following best describes spear-phishing?
1) The phisher sends a survey to the employees of several organizations to obtain details of the configuration of their computing devices.
2) The phisher sends a voice mail message to a number of people to call a phone number or access a Web site.
3) The phisher sends legitimate-looking text messages through his or her phone to advertise a certain organization.
4) The phisher sends fraudulent emails to a certain organization's employees disguising them as mails from high-level executives from within the.