Explore the Answers to Cybersecurity Essentials Module 1 Quiz
Discover the comprehensive answers to the Cybersecurity Threats Vulnerabilities and Attacks quiz. Enhance your understanding of crucial security concepts and test your knowledge in this informative guide. Stay ahead in cybersecurity education with accurate responses to Module 1’s essential quiz questions.
Contents
- 1 Cybersecurity Threats Vulnerabilities and Attacks Quiz Question Answers – Module 1
- 1.1 1. A cybercriminal sends a series of maliciously formatted packets to a database server, which causes the server to crash. What do you call this type of attack?
- 1.2 2. Employees in an organization report that the network access is slow. Further investigation reveals that one employee downloaded a third-party scanning program for the printer. What type of malware may have been introduced?
- 1.3 3. A penetration test carried out by an organization identified a backdoor on the network. What action should the organization take to find out if their systems have been compromised?
- 1.4 4. All employees in an organization receive an email stating that their account password will expire immediately and that they should reset their password within five minutes. Which of the following statements best describes this email?
- 1.5 5. What do you call an impersonation attack that takes advantage of a trusted relationship between two systems?
- 1.6 6. Which best practices can help defend against social engineering attacks? (Choose three.)
- 1.7 7. What non-technical method could a cybercriminal use to gather sensitive information from an organization?
- 1.8 8. Employees in an organization report that they cannot access the customer database on the main server. Further investigation reveals that the database file is now encrypted. Shortly afterward, the organization receives a threatening email demanding payment for the decryption of the database file. What type of attack has the organization experienced?
Cybersecurity Threats Vulnerabilities and Attacks Quiz Question Answers – Module 1
1. A cybercriminal sends a series of maliciously formatted packets to a database server, which causes the server to crash. What do you call this type of attack?
- SQL injection
- DoS
- Man-in-the-middle
- Packet injection
2. Employees in an organization report that the network access is slow. Further investigation reveals that one employee downloaded a third-party scanning program for the printer. What type of malware may have been introduced?
- Phishing
- Worm
- Spam
- Trojan horse
3. A penetration test carried out by an organization identified a backdoor on the network. What action should the organization take to find out if their systems have been compromised?
- Look for usernames that do not have passwords
- Look for policy changes in Event Viewer
- Scan the systems for viruses
- Look for unauthorized accounts
4. All employees in an organization receive an email stating that their account password will expire immediately and that they should reset their password within five minutes. Which of the following statements best describes this email?
- It is a piggyback attack
- It is a hoax
- It is a DDoS attack
- It is an impersonation attack
5. What do you call an impersonation attack that takes advantage of a trusted relationship between two systems?
- Spoofing
- Man-in-the-middle
- Sniffing
- Spamming
- Educate employees regarding security policies
- Add more security guards
- Do not provide password resets in a chat window
- Enable a policy that states that the IT department should supply information over the phone only to managers
- Deploy well-designed firewall appliances
- Resist the urge to click on enticing web links
7. What non-technical method could a cybercriminal use to gather sensitive information from an organization?
- Social engineering
- Pharming
- Man-in-the-middle
- Ransomware
8. Employees in an organization report that they cannot access the customer database on the main server. Further investigation reveals that the database file is now encrypted. Shortly afterward, the organization receives a threatening email demanding payment for the decryption of the database file. What type of attack has the organization experienced?
- DoS attack
- Trojan horse
- Man-in-the-middle attack
- Ransomware
9. Which of the following statements describes a distributed denial of service (DDoS) attack?
- One computer accepts data packets based on the MAC address of another computer
- An attacker sends an enormous quantity of data that a server cannot handle
- An attacker monitors network traffic to learn authentication credentials
- A botnet of zombies, coordinated by an attacker, overwhelms a server with DoS attacks
10. What type of attack occurs when data goes beyond the memory areas allocated to an application?
- RAM spoofing
- Buffer overflow
- SQL injection
- RAM injection
