Importance of Information in the Digital Age Quiz

Questions and Answers

What type of attack involves overloading a machine or bandwidth by flooding it with random requests?

• Clickjacking
• Spoofing
• Privilege Escalation
• DDOS using a botnet (correct)

Which method involves an attacker impersonating a trustworthy source to get individuals to disclose personal information?

• Baiting
• Trojans, viruses, worms
• Pretexting (correct)
• Message digests

How is privilege escalation defined?

• Overloading machine or bandwidth
• Securing accounts with password protection
• Entering a system using end-user privileges (correct)
• Tunneling through internet using VPN

Which countermeasure involves shield network services from attacks and uses packet filtering based on rules set up in the firewall?

Firewalls (C)

What is the purpose of using multifactor authentication?

To require multiple items for verification such as userID, password, memorable info or physical key (A)

Which method involves using encryption for data transfer in login portals and tunneling through the internet using VPNs?

Secure Networking (C)

What is the purpose of message digests in the context of security?

To proof no tampering in transit (B)

What does intrusion detection involve?

Logging packets for forensics (C)

What is the purpose of formal verification in the context of security?

To use secure O/S or hypervisor with a secure installer or service layer (D)

Why is redirecting web access to fake login page associated with Trojans, viruses, and worms?

To steal another person’s identity. (D)

What is the main concern with the increasing amount of online information?

Security issues leading to potential threats (B)

What is the purpose of assets in the context of security?

To quantify the risk and identify protection efforts (D)

What are vulnerabilities in the context of security?

Weaknesses that make attacks on information possible (C)

What is the estimated impact of a successful attack on assets?

Estimated loss (A)

What is the main concern with backdoors in software?

Secret routes into software left by developers (C)

What is the definition of countermeasures in the context of security?

Prevention and mitigation tactics (D)

What do vulnerabilities like eavesdropping involve?

Sniffing traffic going through routers (A)

What are threats in the context of security?

Potential dangers to assets (D)

What is the significance of maximum security with minimum productivity impact in security terminology?

Balancing security with minimal impact on productivity (B)

What is the purpose of direct access vulnerabilities?

Left/Lost disks and flash drives or unsecured networks laptops (B)

What is the primary purpose of assets in the context of security?

To identify what you want to protect and their value (B)

What is the main concern with the increasing amount of online information?

Potential dangers to valuable assets (C)

How are vulnerabilities defined in the context of security?

Weaknesses that make attacks on information possible (A)

What do countermeasures involve in the context of security?

Shielding network services from attacks and using packet filtering based on firewall rules (D)

What is the significance of maximum security with minimum productivity impact in security terminology?

It emphasizes balancing security with minimal disruption to work (A)

What is the purpose of formal verification in the context of security?

To verify that a system meets its specification (A)

Which type of attack involves overloading a machine or bandwidth by flooding it with random requests?

Denial of service (DoS) (D)

What is the main concern with backdoors in software?

Secret routes into software left by developers – later exploited (B)

What is the purpose of direct access vulnerabilities?

Left/lost disks and flash drives or unsecured networks laptops (C)

What does the term 'spoofing' typically involve in the context of cybersecurity?

Impersonating a trustworthy source to deceive individuals (B)

What is the definition of countermeasures in the context of security?

Prevention and mitigation tactics (C)

Which method aims to shield network services from attacks and uses packet filtering based on predefined rules in the firewall?

Firewalls (D)

What is the main purpose of using multifactor authentication in the context of security?

To require multiple items for user verification (B)

What is the main concern with the use of clickjacking in cybersecurity?

Redirecting web access to fake login pages (C)

What does the term 'denial-of-service' refer to in the context of cybersecurity?

Overloading a machine or bandwidth by flooding it with random requests (A)

What is the purpose of using message digests in the context of security?

To ensure no tampering of data during transit (C)

Which method involves physically separating computers with no internet access and using a Faraday cage to block electromagnetic waves?

Physical Separation (A)

What is the main aim of intrusion detection in cybersecurity?

Logging packets for forensic analysis (D)

'Phishing' in cybersecurity typically involves:

'Spoofing' by impersonating a trustworthy source (D)

'Pretexting' in cybersecurity involves:

'Spoofing' by impersonating a trustworthy source (B)