100% satisfaction guarantee Immediately available after payment Both online and in PDF No strings attached
logo-home
ITN260 FINAL EXAM REAL EXAM QUESTIONS AND CORRECT ANSWERS (VERIFIED ANSWERS) A GRADE $14.99   Add to cart

Exam (elaborations)

ITN260 FINAL EXAM REAL EXAM QUESTIONS AND CORRECT ANSWERS (VERIFIED ANSWERS) A GRADE

 4 views  0 purchase
  • Course
  • ITN260
  • Institution
  • ITN260

ITN260 FINAL EXAM REAL EXAM QUESTIONS AND CORRECT ANSWERS (VERIFIED ANSWERS) A GRADE Which of the following is a form of malware attack that uses specialized communication protocols? a. Keylogger b. Spyware c. Bot d. RAT - Answer d. RAT What is a risk to data when training a machine learni...

[Show more]

Preview 4 out of 32  pages

  • October 10, 2024
  • 32
  • 2024/2025
  • Exam (elaborations)
  • Questions & answers
  • itn260
  • ITN260
  • ITN260
avatar-seller
Scholarsstudyguide
ITN260 FINAL EXAM REAL EXAM
QUESTIONS AND CORRECT
ANSWERS (VERIFIED ANSWERS)
A GRADE

Which of the following is a form of malware attack that uses specialized communication
protocols?
a. Keylogger
b. Spyware
c. Bot
d. RAT - Answer ✔ d. RAT

What is a risk to data when training a machine learning (ML) application?
a. ML algorithm security
b. API attack on the device
c. Improper exception handling in the ML program
d. Tainted training data for machine learning - Answer ✔ d. Tainted training data for
machine learning

What does ransomware do to an endpoint device?
a. Ransomware infects the endpoint devices and launches attacks on the infected
endpoint and other devices connected to the network.
b. Ransomware gets accidentally installed in the endpoint device as software along with
other programs during the installation process. This happens when the user's
installation and download options are overlooked, thus affecting the user application
adversely.
c. Ransomware attacks the endpoint device without the consent of the user or the
device, discreetly collecting and transmitting information, causing harm to the end user
d. Ransomware attacks the endpoint device holding it hostage by preventing it from
functioning unless the user fulfills the ransom payment demanded. - Answer ✔ d.
Ransomware attacks the endpoint device holding it hostage by preventing it from
functioning unless the user fulfills the ransom payment demanded

William downloaded some free software to help him with photo editing. A few days later,
William noticed several personal photographs were modified and posted to various
social media pages with obscene comments. He also noticed that there were videos of

,him that were morphed and circulated on adult websites. The videos were obviously
taken using his webcam.
What should William do to fix his problem and prevent it from happening again in the
future?
a. William should run an antimalware program and scan for all known RATs, then
quarantine and remove the infected file(s). To prevent this in the future, he should only
download software from trusted websites.
b. William should disable his network devices, then run an antimalware program to scan
for keyloggers while his computer is not connected to the internet and delete all infected
files. To prevent this in the future, William should never download free software off the -
Answer ✔ a. William should run an antimalware program and scan for all known RATs,
then quaratnine and remove the infected file(s). To prevent this in the future, he should
only download software form trusted websites

While Andel is logging into his email through a browser, the login window disappears.
Andel attempts to log in again and is successful. Days later, he goes to log into his
email, and his attempt fails. He receives a message indicating that his username and/or
password are invalid.
What is Andel likely a victim of?
a. CSRF
b. RAT
c. Spyware
d. Keyloggers - Answer ✔ a. CSRF

What is another term commonly used to define cross-site request forgery (CSRF):
a. Server-side request forgery
b. Client-side request forgery
c. Cross-server request forgery
d. Client-server request forgery - Answer ✔ b. Client-side request forgery

Which of the following is an example of a request forgery malware?
a. Ransomware
b. CSRF
c. DLL injection
d. SQL injection - Answer ✔ b. CSRF

A few computers at a high-security software firm location have been compromised. The
threat actor took user videos, confidential information like bank account IDs and
passwords, email IDs and passwords, and computer screenshots. These confidential
data have been shared every three hours from the computers to the threat actor. Which
of the following is correct, based on the evaluation of the above observation?
a. This is a hardware keylogger attack, as video capture functionality and periodic
transfer of data are not possible with a software keylogger.
b. This is a software keylogger attack, as screenshots, video captures, and keystrokes
have been routinely monitored and periodically shared.

,c. This is a hardware keylogger attack; it is only periodically sharing the information and
is a manual transfer of information by a human agent.
d. This is a software keylogger attack, as it is sharing the information every three -
Answer ✔ b. This is a software keylogger attack, as screenshots, video captures, and
keystrokes have been routinely monitored and periodically shared

Natasha, a network security administrator for an online travel portal, noticed that her
website was the victim of an SQL injection. She decided to study the SQL queries to
find which one made this vulnerability in the database, and she noticed the following
SQL code piece executed on the database:
'whatever' AND email IS NULL;
What has been accessed by the attacker running this SQL injection?
a. The attacker accessed the entirety of email address data from all users in the
database.
b. The attacker has determined the names of different types of fields in the database.
c. The attacker accessed the data of specific users.
d. The attacker has used the SQL injection to delete the table in the database. - Answer
✔ b. The attacker has determined the names of different types of fields in the database

Shanise is an IT security professional for a large private bank. She got an alert that the
bank website received a funds transfer request that was correctly credentialed but
flagged as being out of the account owner's usual pattern. If the alert is correct, what
type of attack has likely occurred?
a. CSRF attack
b. XSS attack
c. SQL injection
d. Replay attack - Answer ✔ a. CSRF attack

What is the name of the process where a website validates user input before the
application uses the input?
a. Sanitizing
b. Tokening
c. Authorizing
d. Eliminating - Answer ✔ a. Sanitizing

What should be done when the information life cycle of the data collected by an
organization ends?
a. Destroy the data
b. Mask the data
c. Protect the data
d. Tokenize the data - Answer ✔ a. Destroy the data

In a security review meeting, you are asked to calculate the single loss expectancy
(SLE) of an enterprise building worth $100,000,000, 75% of which is likely to be
destroyed by a flood. Flood insurance data suggest that a severe flood is likely to occur
once every 100 years. Which formula should you use to calculate the SLE?

, a. 100,000,000 * 0.75/0.1
b. 100,000,000/100 * 0.75
c. 100,000,000 * 0.75
d. 100,000,000/0.75 * 100 - Answer ✔ c. 100,000,000 * 0.75

Which data category can be accessed by any curreny employee or contractor?
a. Critical
b. Proprietary
c. Confidential
d. PHI - Answer ✔ b. Proprietary

After reviewing the data collection procedures in your organization, a court ordered you
to issue a document that specifies how the organization uses the collected personal
information. This document must be displayed to the user before allowing them to share
personal data. Which of the following documents should you prepare?
a. Pseudo-anonymization
b. Privacy notice
c. Data minimization
d. Terms of agreement - Answer ✔ b. Privacy notice

How does pseudo-anonymization contribute to data privacy?
a. Pseduo-anonymization obfuscates sensitive data elements
b. Pseudo-anonymization stores whole data in encrypted form.
c. Pseudo-anonymization limits the collection of personal information.
d. Pseudo-anonymization ensures data remains within its borders. - Answer ✔ a.
Pseudo-anonymization obfuscates sensitive data elements

Which control discourages security violations before their occurrence?
a. Preventative control
b. Deterrent control
c. Compensating control
d. Corrective control - Answer ✔ b. Deterrent control

What does the end of service notice indicate?
a. The nondisclosure agreement with a service vendor has expired
b. The enterprise is halting the manufacturing of a product
c. The service-level agreement with a vendor has expired
d. The enterprise will no longer offer support services for a product - Answer ✔ d. The
enterprise will no longer offer support services for a product

The protection of which of the following data type is mandated by HIPAA?
a. Public data
b. Personally identifiable information
c. Health information
d. Proprietary data - Answer ✔ c. Health information

The benefits of buying summaries with Stuvia:

Guaranteed quality through customer reviews

Guaranteed quality through customer reviews

Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.

Quick and easy check-out

Quick and easy check-out

You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.

Focus on what matters

Focus on what matters

Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!

Frequently asked questions

What do I get when I buy this document?

You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.

Satisfaction guarantee: how does it work?

Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.

Who am I buying these notes from?

Stuvia is a marketplace, so you are not buying this document from us, but from seller Scholarsstudyguide. Stuvia facilitates payment to the seller.

Will I be stuck with a subscription?

No, you only buy these notes for $14.99. You're not tied to anything after your purchase.

Can Stuvia be trusted?

4.6 stars on Google & Trustpilot (+1000 reviews)

67474 documents were sold in the last 30 days

Founded in 2010, the go-to place to buy study notes for 14 years now

Start selling
$14.99
  • (0)
  Add to cart