Quiz #14: Risks, Security, and Disaster Recovery

Show all answers     Hide all answers

    Completion

  1. UPS stands for __________. Answer Uninterruptible Power Supply
  2. SSL stands for ___________. Answer Secure Socket Layer
  3. DoS stands for ___________. Answer Denial of Service
  4. DDoS stands for ___________. Answer Distributed Denial of Service

    5. Short answer

  5. Define the term downtime. Answer Downtime is the time during which resources are unavailable.
  6. Define the term brownout. Answer A brownout is a reduction in voltage, which can be much more dangerous for electronics than a blackout.
  7. Define the term blackout. Answer A blackout is a loss of power.
  8. Define the term vandalism. Answer Vandalism is when humans deliberately damage or destroy resources just because they want to.
  9. What is HTTPS? Answer HTTPS is a secure version of HTTP
  10. Define the term social engineering. Answer Social engineering is using human weaknesses to gain access to confidential information
  11. Define the term keystroke logging. Answer Keystroke logging is intercepting keystrokes and either storing them or sending them someplace on the Internet (very useful for stealing usernames, passwords, account information, etc.).
  12. Define the term keylogger. Answer Hardware or software which secretly records keystrokes.
  13. Define the term phishing. Answer Phishing is done by sending fraudulent messages (typically emails) which lure recipients into going to a fake website to try to get them to enter confidential information.
  14. Define the term vishing. Answer Vishing is similar to phishing, but the attack takes place using a fraudulent phone call directing the person to call a malicious number where personal information will be gathered.
  15. Define the term pharming. Answer Pharming is replacing a real website with an imposter to try to get people to enter confidential information.
  16. Define the term tarpit. Answer A tarpit is a host on the network designed to expect attacks and respond very slowly, allowing the attacker to not get much done and spend enough time on the machine to be tracked.
  17. Define the term honeypot. Answer A honeypot is a host on the network designed to lure attackers in so waiting monitors can attempt to track the attacker.
  18. Define the term honeytoken. Answer A honeytoken is a piece of data which is extremely unlikely to be accessed legitimately, but which an attacker is likely to access; it has special monitoring to immediately alert system administrators when it is accessed with information about where the access request originated.
  19. Define the term virus. Answer A virus is software designed to spread from one computer to another based on something a user does, such as open a file.
  20. Define the term worm. Answer A worm is software that can spread itself through a network without human intervention.
  21. Define the term Trojan horse. Answer A Trojan horse is a malicious program disguised as a potentially helpful or useful program; the program may even appear to be carrying out useful tasks while the malicious part of the code silently carries out its tasks or waits for the right time to spring into action. Trojans horses are a form of virus.
  22. Explain the difference between virus, worm, and Trojan horse malware. Answer Malware these days often combines all three within its design. A virus is malware which is contained within another type of file, such as a PDF, Word document, etc. It infects other files when the document that contains the virus is opened. A Trojan horse is similar, but is contained within software that appears useful so that victims are lured into installing the software, and thus the malware contained within. Worms are malware that sends messages to other machines on the network hoping to find some weakness in the other machines that allows it to infect them. Worms often operate in the background, even when users are not actively using a machine, and users often don't even know that their machine is sending out or receiving malicious messages.
  23. Define the term logic bomb. Answer A logic bomb is a program where malicious code lies dormant waiting for a specific time or set of conditions to become active and cause damage.
  24. Define the term zombie. Answer A zombie is a machine which has been attacked and has been infected with malicious software which awaits commands to carry out DDoS attacks. The user is usually unaware of the problem.
  25. Define the term hijacking as it relates to computers. Answer Hijacking is taking control of a computer or website without the owners consent (generally remotely). Zombies are hijacked computers.
  26. Define the term atomic transaction. Answer An atomic transaction is a transaction that is guaranteed to not be only partially recorded. It is either completely recorded or dropped. Atomic transactions are generally made up from a group of transactions.
  27. Define the term audit trail. Answer An audit trail is a recorded series of details which log transactions, times, and the people involved. An audit trail can be used to find out where errors or abuses happened. This helps deter abuses.
  28. Define the term firewall. Answer A firewall is hardware and/or software that blocks unauthorized access to a system by blocking unrequested incoming messages and blocking outgoing messages that the computer should not be generating.
  29. Define the term proxy server. Answer A proxy server is a machine that represents all the machines within a network to the external world. This helps focus where security and other control measures are most important.
  30. Define the term encryption. Answer Encryption is translating a message into an unreadable form for all but the recipient (and possibly the sender).
  31. Define the term decryption. Answer Decryption is translating a message from unreadable ciphertext back into its original plaintext message.
  32. Define the term plaintext. Answer Plaintext is a message before it is encrypted (or after it is decrypted).
  33. Define the term ciphertext. Answer Ciphertext is a message which has been encrypted.
  34. Define the term symmetric encryption. Answer Symmetric encryption is when the encryption key and decryption key are the same.
  35. Define the term asymmetric encryption. Answer Asymmetric encryption is when the encryption key and decryption key are different. Each participant has a public and a private key. Someone can encrypt a message using the recipient's public key, which only the recipient can decrypt using their private key.
  36. Define the term private key encryption. Answer Private key encryption is a synonym for symmetric encryption. Symmetric encryption is when the encryption key and decryption key are the same.
  37. Define the term public key encryption. Answer Public key encryption is a synonym for asymmetric encryption. Asymmetric encryption is when the encryption key and decryption key are different. Each participant has a public and a private key. Someone can encrypt a message using the recipient's public key, which only the recipient can decrypt using their private key.