Chapter 3 quizzes with answers

1. Question
What is the name given to a program or program code that bypasses normal authentication? Select one:

  • backdoor
  • Trojan
  • worm
  • virus
  • ransomware

Explanation:
A backdoor is a program or program code implemented by a criminal to bypass the normal
authentication that is used to access a system.

2. Question
What is the term used to describe an email that is targeting a specific person employed at a financial institution? Select one:

  • spyware
  • spam
  • spear phishing
  • target phishing
  • vishing

Explanation:
Spear phishing is a phishing attack customized to reach a specific person or target.

3. Question
What is the meaning of the term logic bomb? Select one:

  • a malicious program that uses a trigger to awaken the malicious code
  • a malicious program that hides itself in a legitimate program
  • a malicious virus
  • a malicious worm

Explanation:
A logic bomb remains inactive until a trigger event occurs. Once activated, a logic bomb runs
malicious code that causes harm to a computer.

4. Question
An attacker is sitting in front of a store and wirelessly copies emails and contact lists from nearby
unsuspecting user devices. What type of attack is this? Select one:

  • RF jamming
  • bluejacking
  • smishing
  • blue snarfing

Explanation:
Bluesnarfing is the copying of user information through unauthorized Bluetooth transmissions.

5. Question
What does a rootkit modify? Select one:

  • programs
  • operating system
  • Microsoft Word
  • Notepad
  • screen savers

Explanation:
A rootkit commonly modifies an operating system to create a backdoor to bypass normal
authentication mechanisms.

6. Question
A computer is presenting a user with a screen requesting payment before the user data is allowed to
be accessed by the same user. What type of malware is this? Select one:

  • a type of logic bomb
  • a type of worm
  • a type of ransomware
  • a type of virus

Explanation:
Ransomware commonly encrypts data on a computer and makes the data unavailable until the
computer user pays a specific sum of money.

7. Question
What is the difference between a virus and a worm? Select one:

  • Worms require a host file but viruses do not.
  • Worms self-replicate but viruses do not.
  • Viruses self-replicate but worms do not.
  • Viruses hide in legitimate programs but worms do not.

Explanation:
Worms are able to self-replicate and exploit vulnerabilities on computer networks without user
participation.

8. Question
Which two reasons describe why WEP is a weak protocol? (Choose two.) Select one or more:

  • The default settings cannot be modified.
  • Everyone on the network uses a different key.
  • The key is transmitted in clear text.
  • The key is static and repeats on a congested network.
  • WEP uses the same encryption features as Bluetooth.

Explanation:
The initialization vector (IV) of WEP is as follows:
• Is a 24-bit field, which is too small
• Is cleartext and readable
• Is static and causes identical key streams to repeat on a busy network

9. Question
What are two of the tactics used by a social engineer to obtain personal information from an
unsuspecting target? (Choose two.) Select one or more:

  • intimidation
  • integrity
  • urgency
  • honesty
  • compassion

Explanation:
Social engineering tactics include the following:
• Authority
• Intimidation
• Consensus/Social Proof
• Scarcity
• Urgency
• Familiarity/Liking
• Trust

10. Question
What is a vulnerability that allows criminals to inject scripts into web pages viewed by users? Select one:

  • Cross-site scripting
  • SQL injection
  • XML injection
  • buffer overflow

Explanation:
Cross-site scripting (XSS) allows criminals to inject scripts that contain malicious code into web
applications.

11. Question
Which term describes the sending of a short deceptive SMS message used to trick a target into visiting a website? Select one:

  • smishing
  • grayware
  • spam
  • impersonation

Explanation:
Smishing is the sending of a short deceptive SMS message used to trick a target into visiting a
website.

12. Question
A criminal is using software to obtain information about the computer of a user. What is the name of this type of software? Select one:

  • spyware
  • adware
  • virus
  • phishing

Explanation:
Spyware is software that tracks the activity of a user and obtains information about that user.

13. Question
What is the term used when a malicious party sends a fraudulent email disguised as being from a legitimate, trusted source? Select one:

  • phishing
  • Trojan
  • social engineering
  • backdoor
  • vishing

Explanation:
Phishing is used by malicious parties who create fraudulent messages that attempt to trick a user
into either sharing sensitive information or installing malware.

14. Question
What are two common indicators of spam mail? (Choose two.) Select one or more:

  • The email has keywords in it.
  • The email is from your supervisor.
  • The email has misspelled words or punctuation errors or both.
  • The email is from a friend.
  • The email has no subject line.
  • The email has an attachment that is a receipt for a recent purchase.

Explanation:
Spam is a common method of advertising through the use of unsolicited email and may contain
malware.

15. Question
What type of attack targets an SQL database using the input field of a user? Select one:

  • buffer overflow
  • XML injection
  • SQL injection
  • Cross-site scripting

Explanation:
A criminal can insert a malicious SQL statement in an entry field on a website where the system
does not filter the user input correctly.

16. Question
What are two ways to protect a computer from malware? (Choose two.) Select one or more:

  • Use antivirus software.
  • Keep software up to date.
  • Defragment the hard disk.
  • Delete unused software.
  • Empty the browser cache.

Explanation:
At a minimum, a computer should use antivirus software and have all software up to date to defend
against malware.

17. Question
What occurs on a computer when data goes beyond the limits of a buffer? Select one:

  • an SQL injection
  • a buffer overflow
  • a system exception
  • cross-site scripting

Explanation:
A buffer overflow occurs when data is changed beyond the boundaries of a buffer, and it can lead to a
system crash, data compromise, or escalation of privileges.

18. Question
What is the name for the type of software that generates revenue by generating annoying pop-ups? Select one:

  • trackers
  • adware
  • spyware
  • pop-ups

Explanation:
Adware is a type of malware that displays pop-ups on a computer to generate revenue for the
creator of the malware.