What is the process of assessing the state of an organization's security
SYN flooding is an example of a
- Viral attack
- Denial of service attack
- Logic bomb
- Trojan horse
· Denial of service attack
A _____________ is a software or hardware device that is used to observe traffic as it passes through a network on shared broadcast media.
- logic bomb
- network sniffer
- backdoor
- trapdoor
· network sniffer
Making data look like it has come from a different source is called
- Sniffing
- A man-in-the-middle attack
- A replay attack
- Spoofing
· Spoofing
In a ___________ attack, the attacker sends a spoofed packet to the broadcast address for a network, which distributes the packet to all systems on that network.
- smurf
- denial-of-service
- viral
- worm
· smurf
An attack where the attacker captures a portion of a communication between two parties and retransmits it at another time is called a(n) ___________ attack.
- smurf
- denial-of-service
- viral
- replay
· replay
A term used to refer to the process of taking control of an already existing session between a client and a server is
- TCP/IP hijacking
- Replay attacking
- Denial-of-service attack
- Password guessing
· TCP/IP hijacking
The art of "secret writing" is called
- Spoofing
- Smurfing
- Cryptography
- Cryptanalysis
· Cryptography
A(n) ___________ finds weaknesses in the mechanisms surrounding the cryptography.
- viral attack
- worm attack
- indirect attack
- password attack
· indirect attack
An attack that takes advantage of bugs or weaknesses in the software is referred to as what?
- A brute-force attack
- Software exploitation
- A dictionary attack
- Weakness exploitation
· Software exploitation
What is the term used to describe a hacker's attempt to discover unprotected modem connections to computer systems and networks?
- Software exploitation
- Indirect attack
- War-dialing
- Spoofing
· War-dialing
The activity where hackers wander throughout an area with a computer with wireless capability, searching for wireless networks they can access is referred to as which of the following?
- War-driving
- War-dialing
- Indirect attack
- Brute force attack
· War-driving
_____________ relies on lies and misrepresentation to trick an authorized user into providing information or access to an attacker.
- Social engineering
- User exploitation
- War-driving
- Indirect attack
· Social engineering
In a ______________, a password cracking program attempts all possible password combinations.
- brute-force attack
- dictionary attack
- man-in-the-middle attack
- replay attack
· brute-force attack
The term ___________ refers to software that has been designed for some nefarious purpose.
- virus
- worm
- Trojan horse
- malware
· malware
What is it called when an attacker makes his data look like it is coming from a different source address, and is able to intercept information transferred between two computers?
- Spoofing
- Man-in-the-middle attack
- Sniffing
- Injecting
· Man-in-the-middle attack
What is the automated downloading of malware that takes advantage of a browser's ability to download the different files that compose a web page called?
- Download of death
- Trojanized download
- Drive-by download
- War-downloading
· Drive-by download
What is the process of assessing the state of an organization's security compared against an established standard called?
- Pen testing
- Auditing
- Vulnerability testing
- Accounting
· Auditing
Bob gets an e-mail addressed from his bank, asking for his user ID and password. He then notices that the e-mail has poor grammar and incorrect spelling. He calls up his bank to ask if they sent the e-mail, and they promptly tell him they did not and would not ask for that kind of information. What is this type of attack called?
- Phishing
- Pharming
- Spear pharming
- Spishing
· Phishing
What is it called when a person registers a domain name, relinquishes it in less than five days, and then gets the same name again, repeating this cycle over and over again?
- DNS spoofing
- DNS jacking
- DNS pilfering
- DNS kiting
· DNS kiting
What is the term for when a large list of words is used to try to crack a password?
- Dictionary attack
- Brute-force attack
- Hybrid attack
- Lister crack
· Dictionary attack
When an attacker purposely sends more data for input than the program was designed to handle and it results in a system crash, what is this an example of?
- SYN flood
- Buffer overflow
- Incomplete mediation
- Logic bomb
· Buffer overflow
Johnny received a "new version" of the game Solitaire in an e-mail. After running the program, a backdoor was installed on his computer without his knowledge. What kind of an attack is this?
- Logic bomb
- Hoax
- Trojan
- Worm
· Trojan
What is software that records and reports activities of the user (typically without their knowledge) called?
- Snoopware
- Malware
- Spyware
- Eyeware
· Spyware
Malicious code that sits dormant until a particular event occurs to release its payload is called what?
- Trojan
- Logic bomb
- Trigger virus
- Logic worm
· Logic bomb
What is the term for malware that changes the way the operating system functions to avoid detection?
- Rootkit
- Boot sector virus
- Spyware
- Dieware
· Rootkit