Blacklist and header filtering are usually performed by email clients and webmail services.

  • Which of the following terms would best match this definition: Transforms a message or data file in such a way that its contents are hidden from unauthorized readers. encryption

  • An original message or file that has not yet been encrypted is referred to as ciphertext. False

  • A cryptographic key is a word, number, or phrase that must be known to encrypt or decrypt data.

  • There are various encryption methods, but AES is the encryption standard currently used worldwide.

  • A cryptographic algorithm is a procedure for encryption or decryption.

  • Which of the following is not an example of an authentication protocol? all of the above

  • The single most effective security measure for digital devices is to password protect access to them. True

  • Passwords used as encryption keys help to make hijacked data unusable.

  • Android devices automatically encrypt data stored on the device when a user activates the login password. False

  • It is not possible to encrypt a Windows hard drive volume. False

  • OS X devices include a utility that automatically encrypts data stored locally. False

  • A(n) strong password is difficult to hack.

  • Conventional wisdom tells us that strong passwords are at least eight characters in length and include one or more uppercase letters, numbers, and symbols.

  • Which of the following types of attack uses password-cracking software to generate every possible combination of letters, numerals, and symbols? brute force

  • Which of the following is not a characteristic of a weak password?
    Eight characters in length and include one or more uppercase letters, numbers, and symbols.

  • Brute force attacks methodically try every possible password until the correct one is found. True

  • Password entropy is a measure in bits of a password's unpredictability.

  • If you want to store passwords on your digital device, make sure to encrypt the file in which they are stored.

  • If you feel more secure with a totally random and unique password for each of your logins, then a(n) password manager is an excellent option.

  • The core function of a password manager is to store user IDs with their corresponding passwords.

  • Password managers can generate unique passwords that have very good entropy. True

  • Password managers store passwords in a(n) encrypted file.

  • If you use a password manager, what do you as the user need to remember? The master password.

  • A password manager can store passwords in an encrypted file located at which of the following storage locations? all of the above

  • Malware refers to any computer program designed to surreptitiously enter a digital device.

  • The action carried out by malware code is referred to as a(n) payload.

  • Common classifications of malware include viruses, worms, and trojans.

  • A computer virus is a set of self-replicating program instructions that surreptitiously attaches itself to a legitimate executable file on a host device.

  • In addition to replicating itself, a virus is self-distributing. False

  • Viruses spread themselves from one device to another. False

  • Code injection is the process of modifying an executable file or data stream by adding additional commands.

  • What is the process called when an app from a source other than an official app store is installed on a device? Side-loading

  • Any code that is designed to hide the existence of processes and privileges is referred to as a(n) rootkit.

  • A key characteristic of viruses is their ability to lurk in a device for days or months, quietly replicating themselves. True

  • A computer worm is a self-replicating, self-distributing program designed to carry out unauthorized activity on a victim’s device.

  • Which of the following is not a characteristic of a computer worm?
    spread through a process called side-loading

  • Stuxnet is a notorious computer worm.

  • Similar to a worm, a trojan is not designed to spread itself to other devices. False

  • Most trojans are not designed to replicate themselves. True

  • A(n) trojan is a computer program that seems to perform one function while actually doing something else.

  • Trojans are standalone programs that masquerade as useful utilities or applications.

  • Trojans depend on social engineering to spread.

  • A(n) dropper is designed to deliver malicious code into a device.

  • Any data entering a digital device could be malware. True

  • The best defense against malware is antivirus software.

  • A virus signature is a section of program code that contains a unique series of instructions known to be part of a malware exploit.

  • Antivirus software can use techniques called heuristic analysis to detect malware by analyzing the characteristics and behavior of suspicious files.

  • One method of heuristic analysis allows the suspicious file to run in a guarded environment called a(n) sandbox.

  • Heuristics may produce false positives that mistakenly identify a legitimate file as malware. True

  • When antivirus software detects malware, which of the following would not be a course of action you could take?
    Conduct a heuristic analysis.

  • Once you have installed antivirus software, you don't typically need to keep it running full time in the background. False

  • A virus hoax usually arrives as an email message that contains warnings about a supposedly new virus.

  • A(n) online intrusion takes place when an unauthorized person gains access to a digital device by using an Internet connection and exploiting vulnerabilities in hardware or software.

  • Which of the following sequences of events best describes an online intrusion?
    Malware enters the device, then opens a backdoor, leading to an open communications link on the device that a hacker can exploit.

  • A RAT is malware that arrives in a trojan disguised as legitimate software and sets up a secret communication link to a hacker.

  • A(n) backdoor is an undocumented method of accessing a digital device.

  • RATs can be used to create a backdoor to a victim’s device that takes control of the device’s camera. True

  • If you are traveling and expect to access files on a computer that you’ve left at home, make sure the remote access utilities are turned off. False

  • Which type of device is the top target for ransomware? Smartphones

  • Ransomware locks a device and then requests payment for an unlocking code.

  • Hackers who gain control over several computers can organize them into a client-server network known as a(n) botnet.

  • A botnet has a server that is controlled by hackers. True

  • All of the above can be used to flood a Web site with so much traffic that it can no longer provide its intended service.

  • Correctly installed antivirus software will prevent all intrusions. False

  • Antivirus software cannot be expected to block threats that do not arrive in the form of malware. True

  • A(n) zero-day attack exploits previously unknown vulnerabilities in software applications, hardware, and operating system program code.

  • Anti-exploit software shields certain applications against behaviors commonly exhibited by intrusions.

  • Hackers can use ports to communicate with devices in botnets. True

  • A(n) port scan pings a packet of data to a port in order to see if that port is open or not.

  • A network utility called Netstat produces a detailed list of open ports on a device.

  • A(n) firewall is a device or software that is designed to block unauthorized access while allowing authorized communications.

  • Which of the following can be used to block unauthorized access while allowing authorized communications on a device or network? all of the above

  • Any software that secretly gathers personal information without the victim’s knowledge is classified as spyware.

  • Which of the following would be considered spyware? a keylogger

  • MITM attacks include which of the following? all of the above

  • The objective of a MITM attack is for a third party to block communications between two entities. False

  • A(n) Evil Twin is a LAN server that is designed to look like a legitimate Wi-Fi hotspot.

  • To establish a(n) Evil Twin, hackers set up an unsecured Wi-Fi hotspot complete with an Internet connection.

  • Address spoofing changes an originating address or a destination address to redirect the flow of data between two parties.

  • If a hacker intercepts encrypted data by way of a MITM attack, the contents of that data are not always secure. True

  • The current method of encrypting communication between a client and a server depends on a security protocol called TLS.

  • IMSI is a 64-bit number that uniquely identifies a cellular device.

  • IMSI catchers are operated by cellular service companies. False

  • Social engineering is a deceptive practice that exploits human psychology by inducing victims to interact with a digital device in a way that is not in their best interest.

  • None of the above is a term for a person who devises and carries out a scam in order to accomplish a goal.

  • Social engineering attacks prey on human vulnerabilities. True

  • A social engineering scam called advance fee fraud is when a victim is promised a large sum of money in exchange for a bank account number from which a small advance fee is withdrawn.

  • Spam is defined as unsolicited messages that are usually sent in massive numbers using electronic mail systems.

  • Spam sent by scammers often uses spoofed email addresses. True

  • Most mass-mailing databases are legitimately compiled from customer lists. False

  • Spam accounts for approximately 70% of all email.

  • The CAN-SPAM Act is considered an effective means of controlling the volume of spam on the Internet. False

  • Pretexting is a term describing spam that uses a false pretext to trick victims into participating.

  • Most ISPs and email services do not use filtering techniques to block spam. False

  • A spam filter uses a set of rules to examine email messages and determine which are spam.

  • Which of the following is not a type of spam filter? Entropy

  • Blacklist and header filtering is usually performed by email clients and Webmail services. False

  • Phishing is an email scam that masquerades as a message from a legitimate source.

  • Pharming redirects Web site traffic to fraudulent Web sites.

  • Pharming attacks carried out by DNS spoofing can be detected by antivirus software or spyware removal software. False

  • Safe Browsing is a service offered by Google that checks URLs against a list of suspicious Web site URLs.

  • Microsoft uses a service called Safe Browsing to alert users about sites to avoid. False

  • A rogue antivirus exploit usually begins with a virus warning and an offer to disinfect the infected device.

  • The most common types of PUPs and PUAs are toolbars and alternative browsers. True

  • What is the term used to describe unwanted software that installs along with the application software that you originally downloaded and installed? PUP

  • Which of the following can be used to block unauthorized access while allowing authorized communications?

    A(n) firewall is a device or software that is designed to block unauthorized access while allowing authorized communications.

    What is the term used to describe unwanted software?

    Malware is a term used to describe malicious software that is designed to disrupt normal computer operation, gather personal information, gain unauthorized access to system resources and exhibit other unwanted activity.

    What is the process of modifying an executable file or data stream by adding additional commands?

    Code injection is the process of modifying an executable file or data stream by adding additional commands. A computer worm is a self-replicating, self-distributing program designed to carry out unauthorized activity on a victim's device.

    What is the process called when an app from a source other than an official app store is installed on a device?

    'Sideloading' is the process of downloading and installing apps onto a mobile device from an unofficial source. On Android, users enable device settings to download apps from unknown sources.