43 Questions
What is the estimated annual cost of cybercrime to the global economy according to Intel Security (2014)?
> USD400 Billion
What is the projected cost of cybercrime by 2019 according to Forbes (2016)?
USD2-Trillion
What is the concept that explains why cybercriminals often target easy and lucrative targets?
Low-hanging fruit
According to Prothero's theory, what happens when convenience overtakes concerns or problems?
Convenience overshoot
Why are internet and associated technologies vulnerable to cybercrime?
They were not designed with security in mind
What is the estimated cost of cybercrime in 2019 according to Statista?
USD1.16 Trillion
What is the main purpose of Samba?
To address the issue of interoperability
What is the purpose of tools like chkrootkit?
To detect rootkits on Linux systems
Why is it nearly impossible to write a bug-free program?
Because it is difficult to anticipate and test every possible scenario
What is the main difference between static and dynamic web pages?
The information presented varies with time or user for dynamic web pages
What is the purpose of the Common Gateway Interface (CGI)?
To enable dynamic web pages
What is the main advantage of using PHP?
It enables the creation of dynamic web pages
What is the purpose of ODBC?
To provide a standard method for accessing databases
What is the main advantage of using ActiveX Data Objects (ADO)?
It provides a faster, more efficient, and more stable way of accessing databases
What is the main goal of the Open Web Application Security Project (OWASP)?
To find and fight web application vulnerabilities
What is the main purpose of the OWASP WebGoat project?
To help security testers learn how to conduct vulnerability testing on web applications
What can be determined with just a URL?
Web server OS and names of IT personnel.
What is a cookie?
A text file generated by a Web server, stored on a user’s browser, and sending information back to the Web server when the user returns.
What is a web bug?
A one-pixel by one-pixel image file referenced in an img tag, usually working with a cookie, and similar to spyware and adware.
What is social engineering?
Targeting the human component of a network to obtain confidential information or personal information.
What is port scanning?
Identifying which services are offered by a host and finding vulnerabilities, and identifying the operating system.
What is footprinting?
Gathering network information using web tools, such as IP addresses and domain names.
What is enumeration?
Extracting information about resources or shares on the network, usernames or groups assigned on the network, and user passwords and recent logon times.
What is the main weakness in FAT file system?
It does not support file-level access control lists (ACLs), making it vulnerable in a multiuser environment.
What is SQL Server vulnerability?
Null System Administrator (SA) password, which gives attackers administrative access to the database.
What is the importance of patching systems?
It is the best way to keep systems secure, as_patchin_ystems helps to eliminate known vulnerabilities that attackers can exploit.
What is the main security weakness in any network?
Authorized users, as they can be manipulated and exploited by attackers.
What is the primary function of an Access Point (AP) in a wireless network?
To connect to a network via an Ethernet cable and bridge a wireless LAN (WLAN) with a wired network
What is the purpose of a Service Set Identifier (SSID) in a wireless network?
To identify a wireless local area network (WLAN) and enable users to connect to a LAN
What is the difference between WEP and WPA in wireless network security?
WEP is a weaker encryption standard that encrypts data traversing a wireless network, while WPA is a stronger encryption standard that improves upon WEP's security features
What is the purpose of the 802.1X standard in wireless networks?
To define the process of authenticating and authorizing users on a WLAN
What is wardriving, and what tools are typically used in the process?
Wardriving is the act of driving around with inexpensive hardware and software to detect unsecured APs, and commonly used tools include a laptop, WNIC, antenna, and software such as NetStumbler or Kismet
What is the main purpose of the IEEE in relation to wireless networks?
To create standards for LANs and WANs, including the 802.11 standard for wireless networking
What is the function of a Wireless Network Interface Card (WNIC) in a wireless network?
To convert radio waves into digital signals and enable wireless communication
What is the primary concern with wireless networks in terms of security?
The potential for unauthorized users to access resources on the network
What is the difference between a Basic Service Set (BSS) and a Distribution System (DS) in a wireless network?
A BSS is a collection of devices that make up a WLAN, while a DS is an intermediate layer that connects two BSSs
What is the purpose of countermeasures for wireless attacks, such as anti-wardriving software and honeypots?
To make it more difficult for hackers to discover and access a WLAN, and to prevent unauthorized access to the network
What is one way an attacker can launch a Unicode exploit on an IIS web server?
Submitting a specially formatted URL to the attacked web server.
What is the purpose of checking for SQL injection vulnerabilities in a web application?
To prevent an attacker from inserting SQL commands in a web application field to attack the system.
Why is it important to test a web application's authentication mechanism?
To ensure that the web application correctly authenticates users and prevents unauthorized access.
What is a characteristic of dynamic web pages?
They can create a secure environment.
What is one type of input that security testers should check for when testing for SQL injection vulnerabilities?
Text with punctuation marks.
What is the purpose of checking if a web application connects to a back-end database server?
To identify potential vulnerabilities in the database server that can be exploited by an attacker.
Explore the alarming economic impact of cybercrime on the global economy. Learn about the estimated annual costs, GDPs of various countries, and the projected costs by 2019. Discover the concept of low-hanging fruit and more.
Make Your Own Quizzes and Flashcards
Convert your notes into interactive study material.
Get started for free