CISMP ACTUAL EXAM QUESTIONS WITH VERIFIED CORRECT
ANSWERS 2024/2025
What is a virus
Needs a host, only spreads on the machine where host program resides
Types of viruses
File infectors, boot sector virus, macro virus, script virus
What is a worm?
Spreads across the whole network, unlike a virus, it does not need a host, self
replicating
What is a Rootkit?
Infects the root of the system, difficult to detect and doesn't replicate like a virus.
What is a logic bomb?
A piece of code intentionally inserted into a software system that will set off a malicious
function when specified conditions are met. Angry employee
What is code infection?
Malicious code injected into the program with the intention of misusing the application. It
works due to poor programming practices
Name two examples of code injections?
SQL injection and Cross Site Scripting (XSS)
What is SQL injection?
,SQL Injection is a type of database attack technique where malicious SQL statements
are inserted into an entry field of database to retrieve unauthorised data
What is XSS? [Cross Site Scripting]
Happens with script injections on web forms and doesn't need an authenticated session
and can be exploited when the vulnerable website doesn't do the basics of validating or
escaping input.
What is adware and spyware?
Usually work hand in hand. Its ads and pop ups used to spy and profile the user
What is Zero Day?
(0-day) Vulnerability not yet generally known to exist. Vulnerabilities that are discovered
and exploited before a patch or fix has been made available.
What is the best way to protect against Zero days?
Keeping systems up to date and using IDS (Intrusion detection) and IPS (intrusion
prevention) Systems
What is ransomware and how to protect from it?
a form of malicious software that infects your computer and asks for money. Good back
up system to replace the encrypted data
What is a Trojan?
A program that appears to be harmless but actually produces harmful software inside
and it does not replicate
What is a Botnet Trojan?
, Infected computer which then becomes part of a remote handler who uses the computer
as part of a wider network of compromised computers for launching Distributed denial of
service attacks (DDoS)
What is a DDoS attack?
An attacker recruits zombie systems ahead of time to simultaneously release a flood of
traffic at a specific target.
What is denial of service?
an interruption in an authorised user's access to a computer network, typically one
caused with malicious intent.
What is Remote access Trojan (RAT)?
Acts normally until it gets a command from handler. Provides the attacker with remote
control of a victim computer and is the most commonly used type of Trojan
What is a proxy?
A proxy is a computer that acts on behalf of another one. A proxy server acts as a
gateway between you and the internet.
What is a Proxy Trojan
A trojan proxy sits in between the requester and the destination server but the server
sees the connection as coming from your computer so if the malicious actor was
accessing undesirable content, it would be traced to your computer not the true source.
What is active content?
Active content is interactive or animated content used on websites. Before it used to be
static once downloaded, because it it active, it now raises concerns e.g can it be
trusted.
ANSWERS 2024/2025
What is a virus
Needs a host, only spreads on the machine where host program resides
Types of viruses
File infectors, boot sector virus, macro virus, script virus
What is a worm?
Spreads across the whole network, unlike a virus, it does not need a host, self
replicating
What is a Rootkit?
Infects the root of the system, difficult to detect and doesn't replicate like a virus.
What is a logic bomb?
A piece of code intentionally inserted into a software system that will set off a malicious
function when specified conditions are met. Angry employee
What is code infection?
Malicious code injected into the program with the intention of misusing the application. It
works due to poor programming practices
Name two examples of code injections?
SQL injection and Cross Site Scripting (XSS)
What is SQL injection?
,SQL Injection is a type of database attack technique where malicious SQL statements
are inserted into an entry field of database to retrieve unauthorised data
What is XSS? [Cross Site Scripting]
Happens with script injections on web forms and doesn't need an authenticated session
and can be exploited when the vulnerable website doesn't do the basics of validating or
escaping input.
What is adware and spyware?
Usually work hand in hand. Its ads and pop ups used to spy and profile the user
What is Zero Day?
(0-day) Vulnerability not yet generally known to exist. Vulnerabilities that are discovered
and exploited before a patch or fix has been made available.
What is the best way to protect against Zero days?
Keeping systems up to date and using IDS (Intrusion detection) and IPS (intrusion
prevention) Systems
What is ransomware and how to protect from it?
a form of malicious software that infects your computer and asks for money. Good back
up system to replace the encrypted data
What is a Trojan?
A program that appears to be harmless but actually produces harmful software inside
and it does not replicate
What is a Botnet Trojan?
, Infected computer which then becomes part of a remote handler who uses the computer
as part of a wider network of compromised computers for launching Distributed denial of
service attacks (DDoS)
What is a DDoS attack?
An attacker recruits zombie systems ahead of time to simultaneously release a flood of
traffic at a specific target.
What is denial of service?
an interruption in an authorised user's access to a computer network, typically one
caused with malicious intent.
What is Remote access Trojan (RAT)?
Acts normally until it gets a command from handler. Provides the attacker with remote
control of a victim computer and is the most commonly used type of Trojan
What is a proxy?
A proxy is a computer that acts on behalf of another one. A proxy server acts as a
gateway between you and the internet.
What is a Proxy Trojan
A trojan proxy sits in between the requester and the destination server but the server
sees the connection as coming from your computer so if the malicious actor was
accessing undesirable content, it would be traced to your computer not the true source.
What is active content?
Active content is interactive or animated content used on websites. Before it used to be
static once downloaded, because it it active, it now raises concerns e.g can it be
trusted.
