1_2_8 Section 1 – Attacks, Threats, and Vulnerabilities - 1.2

What type of attack occurs when a separate event triggers a logic bomb?

Logic bomb attack

In what country did a time-based logic bomb incident occur on March 19, 2013?

South Korea

What is one common trigger for a logic bomb to execute?

Turning on or off a computer

Why is it difficult to identify if a logic bomb has been placed in a system?

It doesn't follow any known signature Signup and view all the answers

What type of organizations in South Korea were targeted by the time-based logic bomb in 2013?

Media organizations and banks Signup and view all the answers

What happens to many logic bombs after they execute?

They delete themselves Signup and view all the answers

What type of networks were affected by the logic bomb in Ukraine on December 17th, 2016?

SCADA networks Signup and view all the answers

How did systems without a master boot record respond after the attack?

Showing a 'boot device not found' error Signup and view all the answers

What is one recommendation for preventing logic bombs from being installed?

Implementing formal processes and controls for environment changes Signup and view all the answers

What are SCADA networks used for?

Managing electrical systems Signup and view all the answers

What method can be used to detect unauthorized changes on a server?

Host-based intrusion prevention Signup and view all the answers

Why is it important to have constant auditing of alert systems and computer systems?

To ensure authorized changes are being made Signup and view all the answers

What can be a trigger for a logic bomb to execute, based on the text?

Opening a specific email attachment Signup and view all the answers

Why is it challenging to detect a logic bomb in a system according to the text?

They delete themselves after execution Signup and view all the answers

What is commonly used as a trigger for a logic bomb in addition to time-based triggers?

Placing a file in a specific folder Signup and view all the answers

How did the time-based logic bomb incident in South Korea on March 19, 2013, get activated?

It self-activated once the date and time were reached Signup and view all the answers

What can be a potential trigger for a logic bomb to execute based on the text?

Placing a file in a specified folder Signup and view all the answers

Why are logic bombs hard to identify with traditional security solutions according to the text?

They mimic regular system activities Signup and view all the answers

What effect did the logic bomb in Ukraine on December 17th, 2016, have on high voltage substations?

Disabling electrical circuits and bringing down electrical connections Signup and view all the answers

Why is it challenging to detect when a logic bomb has been installed in a system?

There are no known signatures that can alert to the presence of a logic bomb Signup and view all the answers

What type of networks were targeted by the malware customized to work with SCADA networks?

Supervisory control and data acquisition networks Signup and view all the answers

Why is having a formal set of processes and controls important when making changes in an environment?

To deter any unauthorized modifications Signup and view all the answers

What is one suggested method for detecting unauthorized changes on a server?

Configuring host-based intrusion prevention Signup and view all the answers

Why is constant auditing of alert systems and computer systems important?

To ensure all changes are authorized and track any unauthorized attempts Signup and view all the answers

1_2_8 Section 1 – Attacks, Threats, and Vulnerabilities - 1.2 – Attack Types - Logic Bombs

Questions and Answers