It411 Computer Security Prelim Examination

Knowledge and experience of people is not an example of tangible assets because it refers to the intangible qualities possessed by individuals. Tangible assets are physical assets that can be touched or seen, such as data printed on paper, network equipment, servers, and computers.

Trash scouring refers to the process of masquerading as cleaning staff in order to dig through trash and gather information such as customer information and human resources information. This involves going through discarded documents, files, or any other materials that may contain valuable or sensitive information. This method is often used by individuals or groups seeking to obtain confidential information for malicious purposes. It is a form of social engineering where the attacker takes advantage of lax security measures and the assumption that trash is not a source of valuable information.

A port scan is the process of scanning a computer to look for open port numbers. This is done to identify any potential vulnerabilities or security holes in the system. By scanning the ports, an attacker can determine which ports are open and potentially exploit them to gain unauthorized access or launch an attack. Therefore, the correct answer is port scan.

A computer virus is a malicious program that is created with the intention of intruding into a computer without the user's knowledge and causing harm. It is designed to destroy or corrupt data within the computer. Unlike spyware, which is primarily used to gather information without causing direct harm, a computer virus is specifically created to cause damage. An email bomb is a different type of attack that involves overwhelming a user's email inbox with a large number of emails, causing it to crash or become unresponsive. Phishing, on the other hand, is a form of cyber attack where attackers try to trick users into revealing sensitive information such as passwords or credit card details.

Intrusion refers to the act of trespassing into a building or site by using items such as an ID card that have been found or stolen. It involves gaining unauthorized access to a restricted area by exploiting stolen or misplaced identification credentials. This can be done with the intention of stealing valuable information, causing damage, or carrying out illegal activities within the premises.

Social engineering refers to the act of manipulating people to obtain important information through physical and personal means and use it for fraudulent purposes. This can involve techniques such as impersonation, deception, and manipulation to gain the trust of individuals and exploit their vulnerabilities. It is a form of psychological manipulation that aims to trick people into divulging sensitive information or performing actions that may compromise their security.

Published information refers to information that has been made available to the public, such as product catalogs and information on web pages. It is information that can be accessed and viewed by anyone without any restrictions or limitations. This type of information is not confidential or unpublished, and can be freely distributed or shared.

This answer is correct because program destruction refers to a type of virus that causes destruction to application software or the operating system. This type of virus is designed to corrupt or delete programs, leading to the malfunctioning or complete breakdown of the software. It can cause significant damage to the system and may require reinstalling or repairing the affected programs or operating system to resolve the issue.

Information assets refer to assets whose value should be protected, such as data, software, computers, and network equipment. These assets hold valuable information and are crucial for the functioning and success of an organization. Protecting these assets from unauthorized access, theft, or damage is essential to maintain the confidentiality, integrity, and availability of the information they hold. Safeguarding information assets is a fundamental aspect of information security practices. Tangible assets refer to physical assets that can be touched, while intangible assets refer to non-physical assets such as intellectual property or brand reputation.

Peeping refers to the act of looking at someone's keyboard while they are entering a password. This behavior is typically done with the intention of obtaining unauthorized access to the person's account or stealing sensitive information. It is considered a form of invasion of privacy and can lead to various security breaches.

An operating system is an example of an intangible asset because it cannot be physically touched or seen. It is a software program that allows a computer to function and manage hardware and software resources. Unlike a hard copy of customer information, a router, or a system unit, an operating system does not have a physical form and exists only in the form of code and instructions. Therefore, it is considered an intangible asset.

Phishing refers to the act of sending emails that impersonate legitimate corporations or organizations in order to deceive recipients into providing their personal credit information, such as credit card numbers, IDs, and passwords. This is typically done through fraudulent emails that appear to be from trusted sources, tricking recipients into disclosing sensitive information.

The act described in the question involves intruding on a system without authorization and using unauthorized means to rewrite data within a computer. This action does not involve theft or loss of information, as the focus is on unauthorized manipulation rather than taking or losing data. Instead, it is more accurately described as falsification of information, as the unauthorized access is used to alter or manipulate data within the system. Leakage is not an appropriate term for this action, as it implies unintentional or accidental disclosure of information, which is not the case here.

A boot sector virus is a type of virus that infects the location that stores the program that is executed on system launch. When a computer is started, the boot sector virus loads itself into the computer's memory, allowing it to infect other files and spread throughout the system. This type of virus specifically targets the boot sector, which is responsible for starting up the computer and loading the operating system. By infecting the boot sector, the virus can gain control over the system and potentially cause damage or steal information.

A dictionary attack is a form of password cracking where a large list of candidate user names and passwords is used for analysis. This method involves systematically trying each entry in the list until a match is found, allowing unauthorized access to an account. Unlike a brute force attack that tries all possible combinations, a dictionary attack uses a predefined set of commonly used passwords and words from dictionaries, making it more efficient. This technique takes advantage of the fact that many people use weak passwords or common words, making it easier to guess or crack their passwords.

An email bomb is an attack where a large number of emails are sent to a mail server in an attempt to overwhelm and disable its functions. This is achieved by flooding the server with a high volume of incoming emails, causing it to become overloaded and unable to handle legitimate requests. This type of attack can disrupt email communication and cause significant inconvenience or damage to the targeted server and its users.

Resistancy is not part of the life cycle of a computer virus because it does not involve any stage or process that is typically associated with the life cycle of a virus. The life cycle of a computer virus typically includes stages such as infection, dormancy, and the appearance of symptoms. Resistancy, on the other hand, refers to the ability of a virus to withstand or counteract attempts to eliminate it, which is not a stage in the life cycle but rather a characteristic of the virus itself.

A brute force attack is a form of password cracking that involves using a program to generate random character strings and then analyzing them to find the correct password. This method is time-consuming and resource-intensive, as it systematically tries every possible combination until the correct password is found. It is often used when other methods, such as a dictionary attack or password attack, are not successful in cracking the password.

A stealth virus is a type of virus that is designed to hide itself and make it difficult for antivirus software to detect its presence. It achieves this by modifying its code or behavior in order to avoid detection. This type of virus can be particularly dangerous as it can infect a system without being detected and can continue to spread and cause harm without the user's knowledge.

Product catalogs are not an example of unpublished information because they are typically distributed to customers and made available for public viewing. Unpublished information refers to confidential or restricted data that is not accessible to the general public. In contrast, customer information, human resources information, and product cost sheets are examples of unpublished information as they contain sensitive data that is not intended to be shared with the public.

A BOT is a type of computer virus that is specifically designed to infect a computer and allow a third party to control it for malicious purposes. Once a computer is infected with a BOT, the attacker can manipulate the computer and cause significant harm. Unlike other types of viruses, a BOT is created with the intention of remote control and manipulation rather than simply causing damage or stealing information.