Protect Your Clients - A Practical Guide to Cybersecurity (Oregon) Exam with complete solution
2 vues 0 fois vendu
Cours
CYBERSECURITY OREGON
Établissement
CYBERSECURITY OREGON
Protect Your Clients - A Practical Guide to Cybersecurity (Oregon) Exam with complete solution
Protect Your Clients - A Practical Guide to Cybersecurity (Oregon)
Quiz 1: Reasons for Cybersecurity
A hacker who can be hired to assist your company with identifying weaknesses in the cybersecurity ...
Protect Your Clients - A Practical Guide to Cybersecurity
(Oregon) Exam with complete solution
Protect Your Clients - A Practical Guide to Cybersecurity (Oregon)
Quiz 1: Reasons for Cybersecurity
A hacker who can be hired to assist your company with identifying weaknesses
in the cybersecurity protections is known as a:
A) Grey Hat Hacker.
B) White Hat Hacker.
C) Hacktivist.
D) Black Hat Hacker.
B) White Hat Hacker.
White hat hackers are hackers who sell their services and skills to "test" the firewalls
and security methods your company has put in place. White hat hackers will not invade
your company's security mechanisms without approval; while grey hat hackers will
breach systems without permission before informing your company.
According to the National Cyber Security Alliance, what percentage of small or
midsized companies go out of business within six months of being hacked?
A) 30%
B) 50%
C) 60%
D) 90%
C) 60%
The NCSA estimates that some 60% of small and midsize companies go bankrupt
within a half year of being hacked. This is typically because the companies must pay for
the forensics and insurance.
Modern technology has begun to link digital consumer goods, such as cell
phones, smart printers, and computers, allowing machines to learn your patterns
or otherwise connect all devices together for ease of use. What is the term we use
for this network?
A) The Internet of Things
B) The Smart Connect
C) The device-web
D) The Digital Network
A) The Internet of Things
The Internet of Things refers to the connected web of consumer digital devices. While
the Internet of Things can be convenient and assist a company's efficiency, it also
opens up different avenues for hackers to exploit vulnerabilities within that digital
network.
All of the following are broad descriptions of cyber-attacks EXCEPT
A) attacks on integrity.
B) attacks on confidentiality.
,C) attacks on availability.
D) attacks on personnel.
D) attacks on personnel.
Attacks on availability, confidentiality, and integrity are the broad descriptions of
cyberattacks. Attacks on availability limit access to networks, attacks on integrity limits
the credibility of your systems;,and attacks on confidentiality are violations of your
company's privacy.
A real estate agent's email account was compromised. The hacker was able to
send an email to a client explaining that "last-minute closing changes" required a
"correction" to a bank account number being used to hold closing cost funds.
The client followed the email's instructions and transferred the money to pay for
closing costs to the updated bank account.
When the client was contacted by the real estate agent and learned that the
earlier email was a spoof, they soon discovered that the transferred money had
been removed from the account and was unrecoverable. What would this sort of
attack be considered?
A) Attack on availability
B) Attack on confidentiality
C) Advanced persistent threat
D) Attack on integrity
D) Attack on integrity
This would be an example of an attack on integrity because it uses the credibility of the
real estate agent's email account to convince the client to change closing information.
Quiz 2: Cyber Threats
Which of the following best describes baiting?
A) Directing a client to transfer their closing funds to an escrow company
B) Sending an email with the subject line, "YOU ARE A WINNER!"
C) Intentionally leaving a trojan-infected USB device on the sidewalk
D) Searching for unsecured wifi networks to use as the source for an attack
C) Intentionally leaving a trojan-infected USB device on the sidewalk
Baiting is oftentimes a very simple form of social engineering where a cd, laptop, or
USB stick is left in the open to tempt the victim into using the device.
Brute-force password attacks can break through a password by randomly
guessing the codes. Which of the following measures would best prevent a
successful password attack?
A) Making the password longer than 10 characters
B) Using words that are commonly found in a dictionary
C) Using a combination of uppercase and lowercase letters
D) Adding a letter to the end of a 4-digit numeric password
A) Making the password longer than 10 characters
Longer passwords are more difficult to crack with brute force password programs. In
, general, a longer password will be harder to crack than a password with symbols or
upper case/lower case letters.
A Distributed Denial of Services (DDoS) attack oftentimes involves
simultaneously using a large number of computers and digital devices to send an
unsustainable amount of traffic to a single website. Those computers are
controlled with assorted malwares that are controlled from a host computer. What
do we call the collection of computers that performs the DDoS?
A) A distributed strike
B) A digital horde
C) A remote swarm
D) A botnet
D) A botnet
The collection of computers and devices like phones and tablets is known as a botnet. It
is usually a remotely controlled network of slave devices that can be sent en masse to a
target site.
Tyrone received an email that read, "You are included in a settlement for
overcharging at Local Gas Station." The email explained that the local gas station
had lost a lawsuit for overcharging customers. Anyone who lived around Local
Gas Station was to receive a $150 check, so long as they could prove they bought
gasoline there in the past four months. The email asked for proof of address and
a credit card number that investigators could cross-check with Local Gas Station
purchase records. When Tyrone Googled "Local Gas Station lawsuit" there were
no articles or information about any lawsuit.
What is this email likely an example of?
A) A phishing scheme
B) A Quid Pro Quo arrangement
C) A contact spamming scheme
D) A doxing attack
A) A phishing scheme
An email claiming to provide money in exchange for personal or financial information is
often a clear example of a phishing scheme. By investigating the information a little,
Tyrone was able to discover that the information in the email was not real.
Which of the following would be an example of a Quid Pro Quo attack?
A) A hacker buys an old, decommissioned work laptop from a company and
locates a draft document hidden deep in the laptop's archives that has a current
server password. The hacker uses that password to break into the company's
servers.
B) A hacker calls every business in the area pretending to be tech support. When
one company responds that they were waiting to hear back from tech support,
the hacker proceeds to assist the company with the problem, but requests
passwords and account information in order to "fix the problem."
C) A hacker puts on a maintenance crew uniform and slips into the company's
server room without being stopped. The hacker then uses a USB drive to copy all
the documents on the servers and walks out without being noticed.
Les avantages d'acheter des résumés chez Stuvia:
Qualité garantie par les avis des clients
Les clients de Stuvia ont évalués plus de 700 000 résumés. C'est comme ça que vous savez que vous achetez les meilleurs documents.
L’achat facile et rapide
Vous pouvez payer rapidement avec iDeal, carte de crédit ou Stuvia-crédit pour les résumés. Il n'y a pas d'adhésion nécessaire.
Focus sur l’essentiel
Vos camarades écrivent eux-mêmes les notes d’étude, c’est pourquoi les documents sont toujours fiables et à jour. Cela garantit que vous arrivez rapidement au coeur du matériel.
Foire aux questions
Qu'est-ce que j'obtiens en achetant ce document ?
Vous obtenez un PDF, disponible immédiatement après votre achat. Le document acheté est accessible à tout moment, n'importe où et indéfiniment via votre profil.
Garantie de remboursement : comment ça marche ?
Notre garantie de satisfaction garantit que vous trouverez toujours un document d'étude qui vous convient. Vous remplissez un formulaire et notre équipe du service client s'occupe du reste.
Auprès de qui est-ce que j'achète ce résumé ?
Stuvia est une place de marché. Alors, vous n'achetez donc pas ce document chez nous, mais auprès du vendeur LectDan. Stuvia facilite les paiements au vendeur.
Est-ce que j'aurai un abonnement?
Non, vous n'achetez ce résumé que pour €11,48. Vous n'êtes lié à rien après votre achat.
