CYBER-2600 : Final || Questions and Answers.
Today, the data stored and processed by computers is almost always more valuable than the
hardware.
True
False correct answers True
In many early cases of computer crime, the perpetrator of the crime intended to cause damage to
the computer.
True
False correct answers False
Most current ransomware attacks use a hybrid encrypting scheme, locking the files on a victim's
computer until a ransom is paid.
True
False correct answers True
Because of malware's nefarious purpose, there is no criminal distinction between the writers of
malware and those who release malware.
True
False correct answers False
One of the hardest threats that security professionals will have to address is that of the insider.
True
False correct answers True
Criminal activity on the Internet, at its most basic, is quite different from criminal activity in the
physical world.
True
False correct answers False
,When internal threat actors pursue their attacks, they have an additional step to take: the
establishment of access to the system under attack.
True
False correct answers False
True zero-day vulnerabilities are used often and quickly because once used, they will be patched.
True
False correct answers False
the early days of computers, security was considered to be a binary condition in which your
system was either secure or not secure.
True
False correct answers True
Which Internet worm, released in 1988, is considered to be one of the first real Internet crime
cases?
the Code Red worm
the Morris worm
the Slammer worm
the Jester worm correct answers the Morris Worm
Which Internet criminal is famous for conducting his attacks using a number of different "tools"
and techniques, including social engineering, sniffers, and cloned cellular telephones?
Robert Morris
Kevin Mitnick
Vladimir Levin
David Smith correct answers Kevin Mitnick
,What target did the teenage hacker who went by the name "Jester" attack in March 1997?
He hacked Sony, stealing over 70 million user accounts.
He broke into the U.S. electric power grid, mapped it out, and planted destructive programs that
could be activated at a later date.
He attacked Estonia with a massive denial-of-service (DoS) cyberattack.
He cut off telephone services to the FAA control tower as well as the emergency services at the
Worcester Airport and the community of Rutland, Massachusetts. correct answers He cut off
telephone services to the FAA control tower as well as the emergency services at the Worcester
Airport and the community of Rutland, Massachusetts
What was the primary lesson learned from the Slammer worm?
It made security personnel aware of attacks that had been going on for years without being
noticed.
It drove home the point that the Internet could be adversely impacted in a matter of minutes.
It brought the existence and impact of state-sponsored malware to light.
It made security personnel aware of data breaches that had come to dominate the security
landscape. correct answers It drove home the point that the Internet could be adversely impacted
in a matter of minutes.
How did the Code Red worm spread?
It exploited a buffer-overflow vulnerability in computers running Microsoft SQL Server or SQL
Server Desktop Engine.
It collected key-strokes, screenshots, and network traffic from open ports.
, It made use of a buffer-overflow condition in Microsoft's IIS web servers that had been known
for a month.
It entered through the victim's Outlook address book software and then replicated itself by
sending infected emails to the first 50 contacts. correct answers It made use of a buffer-overflow
condition in Microsoft's IIS web servers that had been known for a month.
How did the Slammer worm infect computer systems?
It entered through the victim's Outlook address book software and then replicated itself by
sending infected emails to the first 50 contacts.
It collected keystrokes, screenshots, and network traffic from open ports.
It exploited a buffer-overflow vulnerability in computers running Microsoft SQL Server or SQL
Server Desktop Engine.
It "slammed" shut a computer by not allowing any user to log in. correct answers It exploited a
buffer-overflow vulnerability in computers running Microsoft SQL Server or SQL Server
Desktop Engine.
Which Internet worm created infected systems that were part of what is known as a bot network
(or botnet) and could be used to cause a DoS attack on a target or to forward spam e-mail to
millions of users?
Slammer
Code Red
"ILOVEYOU"
Today, the data stored and processed by computers is almost always more valuable than the
hardware.
True
False correct answers True
In many early cases of computer crime, the perpetrator of the crime intended to cause damage to
the computer.
True
False correct answers False
Most current ransomware attacks use a hybrid encrypting scheme, locking the files on a victim's
computer until a ransom is paid.
True
False correct answers True
Because of malware's nefarious purpose, there is no criminal distinction between the writers of
malware and those who release malware.
True
False correct answers False
One of the hardest threats that security professionals will have to address is that of the insider.
True
False correct answers True
Criminal activity on the Internet, at its most basic, is quite different from criminal activity in the
physical world.
True
False correct answers False
,When internal threat actors pursue their attacks, they have an additional step to take: the
establishment of access to the system under attack.
True
False correct answers False
True zero-day vulnerabilities are used often and quickly because once used, they will be patched.
True
False correct answers False
the early days of computers, security was considered to be a binary condition in which your
system was either secure or not secure.
True
False correct answers True
Which Internet worm, released in 1988, is considered to be one of the first real Internet crime
cases?
the Code Red worm
the Morris worm
the Slammer worm
the Jester worm correct answers the Morris Worm
Which Internet criminal is famous for conducting his attacks using a number of different "tools"
and techniques, including social engineering, sniffers, and cloned cellular telephones?
Robert Morris
Kevin Mitnick
Vladimir Levin
David Smith correct answers Kevin Mitnick
,What target did the teenage hacker who went by the name "Jester" attack in March 1997?
He hacked Sony, stealing over 70 million user accounts.
He broke into the U.S. electric power grid, mapped it out, and planted destructive programs that
could be activated at a later date.
He attacked Estonia with a massive denial-of-service (DoS) cyberattack.
He cut off telephone services to the FAA control tower as well as the emergency services at the
Worcester Airport and the community of Rutland, Massachusetts. correct answers He cut off
telephone services to the FAA control tower as well as the emergency services at the Worcester
Airport and the community of Rutland, Massachusetts
What was the primary lesson learned from the Slammer worm?
It made security personnel aware of attacks that had been going on for years without being
noticed.
It drove home the point that the Internet could be adversely impacted in a matter of minutes.
It brought the existence and impact of state-sponsored malware to light.
It made security personnel aware of data breaches that had come to dominate the security
landscape. correct answers It drove home the point that the Internet could be adversely impacted
in a matter of minutes.
How did the Code Red worm spread?
It exploited a buffer-overflow vulnerability in computers running Microsoft SQL Server or SQL
Server Desktop Engine.
It collected key-strokes, screenshots, and network traffic from open ports.
, It made use of a buffer-overflow condition in Microsoft's IIS web servers that had been known
for a month.
It entered through the victim's Outlook address book software and then replicated itself by
sending infected emails to the first 50 contacts. correct answers It made use of a buffer-overflow
condition in Microsoft's IIS web servers that had been known for a month.
How did the Slammer worm infect computer systems?
It entered through the victim's Outlook address book software and then replicated itself by
sending infected emails to the first 50 contacts.
It collected keystrokes, screenshots, and network traffic from open ports.
It exploited a buffer-overflow vulnerability in computers running Microsoft SQL Server or SQL
Server Desktop Engine.
It "slammed" shut a computer by not allowing any user to log in. correct answers It exploited a
buffer-overflow vulnerability in computers running Microsoft SQL Server or SQL Server
Desktop Engine.
Which Internet worm created infected systems that were part of what is known as a bot network
(or botnet) and could be used to cause a DoS attack on a target or to forward spam e-mail to
millions of users?
Slammer
Code Red
"ILOVEYOU"
