IT Essentials - Fundamental Security - Chapter 9

A Trojan horse is a type of malware that disguises itself as legitimate software but actually contains malicious code. Unlike viruses or worms, a Trojan horse does not need to be attached to other software to infect a computer. It can be downloaded and executed independently, often tricking users into thinking it is a harmless program. Once installed, a Trojan horse can perform various malicious activities, such as stealing sensitive information, damaging files, or allowing unauthorized access to the infected system.

The given statement describes spam as a form of unsolicited mail. Spam refers to unwanted or unsolicited messages, typically sent in bulk, often advertising products or services. It is commonly associated with email but can also occur through other communication channels such as text messages or social media. The term "spam" originated from a Monty Python sketch where the word was repeated excessively, similar to how unwanted messages can flood inboxes or mailboxes.

It is not possible to reverse the file structure from NTFS back to FAT32. NTFS (New Technology File System) and FAT32 (File Allocation Table) are two different file systems used by different operating systems. NTFS is the default file system for Windows, while FAT32 is an older file system used by Windows and other operating systems. Converting from NTFS to FAT32 would require reformatting the entire drive, resulting in the loss of all data. Therefore, it is not possible to reverse the file structure from NTFS back to FAT32.

Updates need to be installed after they have been downloaded. Downloading an update is only the process of acquiring the necessary files, but the installation process is required to actually apply the changes and update the software or system. Therefore, the statement that updates do not need to be installed once they have been downloaded is false.

A VPN, or virtual private network, is an encryption system that protects data as though it resides on a private network. It allows users to securely access and transmit data over a public network, such as the internet, by creating a private and encrypted connection. This ensures that the data is protected from unauthorized access and interception, providing a secure and private communication channel for users.

Phishing is a form of social engineering where attackers deceive individuals into revealing sensitive information such as passwords, credit card numbers, or personal data. They typically masquerade as trustworthy entities through emails, messages, or websites, tricking victims into clicking on malicious links or providing confidential information. This tactic exploits human psychology and trust to manipulate individuals into compromising their security.

DDoS (distributed denial of service) is the correct answer for the question. DDoS is a threat to security that involves overwhelming servers with traffic from zombie computers. Zombie computers are typically infected with malware and controlled by a hacker without the owner's knowledge. These computers are used to generate a massive amount of traffic, causing the targeted server to become overloaded and unable to respond to legitimate requests. This type of attack can disrupt the availability of a website or online service, making it inaccessible to users.

Organizations often create a written security policy to ensure the safety and protection of their systems and data. This policy explicitly states that employees are prohibited from installing any software that is not provided by the company. This measure helps to prevent unauthorized software installations that may introduce security vulnerabilities or compromise the organization's network. By enforcing this policy, organizations can maintain control over the software environment and reduce the risk of potential threats or breaches.

Before updating a virus signature file, it is advisable to create a restore point. This is because updating a virus signature file involves making changes to the system, and in case anything goes wrong during the update, having a restore point allows the user to revert back to a previous stable state of the system. A restore point serves as a backup and helps in restoring the system to its previous functioning state if needed.

LEAP, which stands for Lightweight Extensible Authentication Protocol, is a wireless security protocol developed by Cisco. It was created to address the vulnerabilities found in the WEP and WPA protocols. LEAP provides a more secure and robust authentication mechanism for wireless networks, making it a suitable solution for ensuring the confidentiality and integrity of data transmitted over wireless connections.

WEP stands for "wired equivalent privacy". This term refers to a security protocol used in wireless networks to provide a level of privacy and data protection equivalent to that of a wired network. WEP encrypts data transmitted over the network to prevent unauthorized access and ensure the confidentiality of information. However, it is important to note that WEP is now considered to be weak and vulnerable to attacks, and it has been largely replaced by more secure protocols such as WPA and WPA2.

The correct answer is "malicious threats" and "malicious threat". These terms refer to situations where an employee has the intention to cause harm or damage. The use of the plural form "threats" indicates that there can be multiple instances of such behavior, while the singular form "threat" suggests a single occurrence. Both forms accurately describe the concept of intentional harm caused by an employee.

Port protection refers to the ability to control the type of data sent to a computer by selecting which ports will be open and which will be secure. This feature allows the user to manage the incoming and outgoing traffic through specific ports, ensuring that only authorized data is allowed to pass through while blocking any potentially harmful or unauthorized data. Port protection is an essential aspect of network security, as it helps to prevent unauthorized access, data breaches, and other malicious activities.

A fingerprint reader is considered an example of biometric security technology because it uses unique physical characteristics, such as fingerprints, to verify and authenticate an individual's identity. Biometric technology relies on the uniqueness and permanence of these biological traits to provide a high level of security, as they are difficult to replicate or forge. By scanning and comparing an individual's fingerprint with a stored database, fingerprint readers can accurately identify and grant access only to authorized individuals.

Adware is a type of program that displays advertising on a computer and is commonly distributed with downloaded software. Unlike malware, which encompasses various types of malicious software, adware is not necessarily harmful or intended to cause damage. Instead, it is designed to generate revenue for the developers by displaying advertisements to the user. Adware can be annoying and intrusive, but it is generally considered less harmful than other types of malicious software.

Smashing a hard drive with a hammer ensures that the data on it is non-recoverable because it physically damages the internal components of the drive, making it impossible to retrieve any information. Formatting the drive or re-installing the file system may still leave traces of the data that can potentially be recovered. Deleting all files also does not guarantee complete erasure as the data can still be recovered using specialized software.

An offsite secure facility is the safest place to store backups because it provides protection against physical threats such as fire, theft, or natural disasters. Storing backups in a different location ensures that they are not vulnerable to the same risks as the original data. Additionally, a secure facility typically has advanced security measures in place, such as surveillance cameras, access controls, and redundant power and cooling systems, to further safeguard the backups. This minimizes the risk of data loss and ensures that the backups are readily available in case of any unforeseen events.

To physically protect computer equipment, controlling access to facilities is important as it restricts unauthorized individuals from entering areas where the equipment is located. This helps prevent theft or tampering. Additionally, using security cages around equipment adds an extra layer of protection by physically enclosing the equipment and preventing unauthorized access. This further reduces the risk of theft or damage to the equipment.

The correct answer is a mixture of numbers, special characters, uppercase and lowercase letters. This is because a strong password should have a combination of different character types to make it harder for hackers to guess or crack. Including numbers, special characters, uppercase and lowercase letters increases the complexity of the password and makes it more secure.

Java and Active X are both web tools that can be used by attackers to install a program on a computer. Java is a programming language that is commonly used to create web-based applications and can be exploited by attackers to execute malicious code on a victim's computer. Active X is a framework developed by Microsoft that allows for the creation of interactive content on websites, but it can also be used by attackers to install malware or gain unauthorized access to a system.

A Denial of Service (DoS) attack is a form of attack that prevents users from accessing normal services, such as e-mail or web server. In a DoS attack, the attacker overwhelms the target system with a flood of illegitimate requests or traffic, causing the system to become overloaded and unable to respond to legitimate user requests. This effectively denies access to the normal services for legitimate users. Ping of death, E-mail bomb, and DDOS are also types of attacks, but they do not specifically target and prevent access to normal services like a DoS attack does.

This scenario describes a case of social engineering. Social engineering is a type of attack where an attacker manipulates or deceives individuals into revealing confidential information or performing actions that they shouldn't. In this case, the partner of the employee used their relationship to gain access to the employee's diary and obtain the password and username, which were then used to hack into the company network.

A SYN flood attack is a type of TCP/IP attack where the attacker sends a large number of SYN requests to a target server, but does not complete the handshake process. This causes the server to allocate resources to each incomplete connection, eventually exhausting its resources and making it unable to handle legitimate requests. This attack randomly opens TCP ports because it floods the server with SYN requests, overwhelming its capacity to handle them.

The question is asking about the types of WEP (Wired Equivalent Privacy) encryption. WEP is a security protocol used to protect wireless networks. The given answer options include different bit sizes, which refer to the length of the encryption key used in WEP. The correct answer is 64 bit, 128 bit, and 256 bit, as these are common key lengths used in WEP encryption. These bit sizes determine the strength of the encryption, with larger key lengths providing stronger security.

The two types of security threats are data and physical. Data threats refer to any unauthorized access, alteration, or destruction of digital information, such as hacking or data breaches. Physical threats, on the other hand, involve any potential harm or damage to the physical infrastructure or assets of an organization, including theft, vandalism, or natural disasters. Both types of threats pose significant risks to the security and integrity of an organization's systems and data.