Chapter 2 - Attacks, Concepts and Techniques Quiz

1. Which two characteristics describe a worm?

a) Hides in a dormant state until wanted by an attacker
b) Executes when software is run on a computer
c) Travels to new computers without any intervention or knowledge of the user
d) Infects computers by attaching to software code
e) Is self-replicating
2. In what ways are zombies used in security attacks?
a) They are maliciously formed code segments to replace legitimate applications
b) They probe a group of machines for open ports to learn which services are running
c) They target specific individuals to gain corporate or personal information
d) They are infected machines that carry out a DDoS attack
3. Which tool is used to provide a list of open port on network devices?
a) Nmap
b) Ping
c) Whois
d) Tracert
4. Which type of attack allows an attacker to use a brute force approach?
a) Social engineering
b) Denial of service
c) Packet sniffing
d) Password cracking
5. What is the primary goal of a DoS attack?
a) To facilitate access to external networks
b) To prevent the target server from being able to handle additional requests
c) To obtain all addresses in the address book within the server
d) To scan the data on the target server
6. What is the purpose of a rootkit?
a) To replicate itself independently of any other programs
b) To gain privileged access to a device while concealing itself
c) To deliver advertisements without user consent
d) To masquerade as a legitimate program
7. Which example illustrates how malware might be concealed?
a) A hacker uses techniques to improve the ranking of a website so that the users are
directed to a malicious website
b) An attack is launched against the public website of an online retailer with the
objective of blocking its response to visitors
c) A botnet of zombies carries personal information back to the hacker
d) An email is sent to an employee of an organization with an attachment that looks
like an antivirus update, but the attachment actually consists of spyware
8. What is the main goal of search engine optimization (SEO) poisoning?
a) To trick someone into installing malware or divulging personal information
b) To build a botnet of zombies
c) To overwhelm a network device with maliciously formed packets
d) To increase web traffic to malicious sites

Page 1|3
 9. This is the name given to amateur hackers.

a) Hacktivist
b) Gray Hat
c) Black Hat
d) Script Kiddies

10. This category of threat is actually from current employees authorized to be on

the network.

a) Internal
b) Gray hat
c) External
d) Black Hat

Chapter Summary

1) Identify examples of security vulnerabilities:

 weak passwords
 unsecured network protocols
 misconfigured firewalls

2) Explain how a security vulnerability is exploited.

When an attacker discovers a security vulnerability in a system, they will attempt to exploit it to
gain access or control of the system. The process of exploiting a vulnerability involves the following
steps:

 Reconnaissance
 Escalation of Privileges
 Exploitation
 Maintaining Access
 Covering Tracks

3) Describe types of malware and their symptoms, methods of infiltration, methods used to deny
service:

 Ransomware : Ransomware is malware designed to encrypt data on a user's computer in

exchange for payment. Symptoms include files suddenly encrypted or a ransom message

Page 2|3
 appearing on the screen. Ransomware can deny service by rendering files inaccessible until
the ransom is paid.
 Virus : A virus is a program that infects other programs or files, and it can spread rapidly
through email attachments or infected downloads. Symptoms include slow computer
performance, frequent crashes, and missing files. Viruses can deny service by causing the
system to reboot continuously or by deleting critical system files.
 Spyware : Spyware is designed to secretly monitor a user's computer activity, internet usage
or steal personal information such as usernames and passwords. Symptoms include slow
computer performance or odd behavior when browsing the web. Spyware can deny service
by launching an endless series of pop-up ads or redirecting users to unwanted websites.
 Trojan : A trojan is a type of malware that disguises itself as a legitimate software program,
but instead it works quietly in the background to steal sensitive information or grant
unauthorized access. Symptoms may include slower computer performance or pop-up ads.
Trojans can deny service by opening up a backdoor on the infected machine or by deleting
important files.

4) Describe a blended attack and the importance of impact reduction:

A blended attack is a type of cyber attack that combines multiple methods or techniques to achieve
a specific goal, such as stealing data or taking control of a system. Blended attacks can use a
combination of social engineering, malware, and other tactics to bypass security measures and gain
unauthorized access to a network or system.

Impact reduction is important in the context of blended attacks because the goal is to minimize the
overall impact of an attack. Impact reduction strategies can include things like regular data backups,
network segmentation, security monitoring and incident response plans. By implementing these
measures, organizations can minimize the overall damage caused by a potential breach.

Page 3|3