CST3520 Local Privilege Escalation Quiz

Questions and Answers

What is the main focus of the threat environment as discussed in the text?

• Employee and ex-employee threats
• Malware and hackers
• Criminal era threats (correct)
• Competitor threats

Which type of attackers are noted to be the dominant ones in today's threat landscape?

• Ex-employees
• Employees
• Criminals (correct)
• Competitors

What distinguishes cyberwar from cyberterror according to the text?

• Target of attacks (correct)
• Nature of attacks
• Country of origin
• Severity of attacks

Which group is highlighted for making types of attacks and cooperating in criminal activities?

Criminals (A)

What are the types of attacks discussed that criminals engage in today?

Denial-of-service and social engineering attacks (D)

What does 'confidentiality' mean in the context of security goals?

Ensuring people cannot read sensitive information (C)

What does 'integrity' aim to achieve in terms of security goals?

Detecting changes in information (B)

What is the primary focus of 'availability' as a security goal?

Ensuring authorized users can access information when needed (C)

What is the primary purpose of countermeasures in cybersecurity?

Thwarting attacks and protecting against security breaches (D)

'Compromises' in cybersecurity terminology refers to:

Successful attacks or incidents that occur (A)

In the context of security goals, what does 'prevention' as a countermeasure aim to achieve?

Preventing attacks from occurring in the first place (D)

What is a recommended technique to mitigate reconnaissance attacks?

Using encryption that meets data security needs (B)

Which of the following is NOT a practice to ensure a strong password policy?

Using plaintext passwords (C)

How can access attacks be mitigated?

Practicing strong password security (C)

What is a key principle to mitigate access attacks?

Principle of minimum trust (C)

Which tool is used to prevent sniffer attacks?

Anti-sniffer tools (A)

What is recommended to prevent continuous password attempts?

Disabling accounts after unsuccessful logins (D)

What distinguishes Trojan horses from viruses and worms?

Trojan horses do not self-replicate (D)

Which type of Trojan horse provides attackers with sensitive data like passwords?

Data sending Trojan Horse (B)

What is the purpose of a security software disabler Trojan horse?

Stops antivirus programs or firewalls from functioning (B)

How does a DoS Trojan horse affect a system?

Slows or halts network activity (C)

What is the key characteristic of a mobile code attack?

Executable code on a webpage executes automatically (A)

Which type of malware disguises itself as a useful program but provides unauthorized access to the system?

Trojan Horse (B)

What is a key feature in mitigating DoS attacks on routers and firewalls?

Proper configuration of anti-spoof features (B)

How can Ping Sweeps and Port Scans be mitigated according to the text?

Mitigated using IPS at both network and host levels (A)

What is the role of cryptography in mitigating packet sniffers?

Makes communication channels cryptographically secure (D)

What do anti-sniffer tools primarily detect?

Increased traffic processing by hosts (D)

How do anti-DoS features on routers and firewalls limit attacks?

Through limits on the amount of half-open TCP connections allowed (D)

What is the primary function of proper anti-spoof features configuration on routers and firewalls?

Reducing the risk of attack by filtering spoofed packets (A)

Flashcards are hidden until you start studying