Module 5: Threats

Assessment

True/False

Indicate whether the statement is true or false.

 

____ 1. An attacker has successfully committed a Denial-of-Service against a website, bringing it down for 3 hours until network engineers could resolve the problem. This is classified as a threat.

 

____ 2. Treats are the possibility that a negative event can occur.

 

____ 3. Attacks require malicious intent, so are always caused by people who intend to violate security.

 

____ 4. Lightning is an example of a threat agent.

Multiple Choice

Identify the choice that best completes the statement or answers the question.

 

____ 5. Which of the following is not an example of a threat category?

  • a. Attacks
  • b. Buggy software
  • c. Natural event
  • d. Human error

 

____ 6. Which of the following is not a threat to critical infrastructure?

  • a. Growth of very sophisticated tools that don’t require much skill level to use
  • b. High profile nature of critical infrastructure systems
  • c. The rapid development of technology
  • d. The interconnected nature of industrial control systems

 

____ 7. A social engineering tactic in which the attacker compromises a users system by sending them a spoofed email to get them to provide them with their user ID and password is called

  • a. Phishing
  • b. An Insider Attack
  • c. Cracking
  • d. Piggybacking

Completion

Complete each statement.

 

8. The types of attacks and attackers specific to a company is known as the threat ___________.

9. A social engineering attack in which the victim is tricked into clicking a link in an email that, then, infects them with malware or sends their user id and password to the attacker is known as ____________.

10. A web server attack in which the attacker’s malicious content appears in the user’s browser is called a/an  ___________.

Matching

  • a. DoS Attack
  • b. Hijacking
  • c. Ransomware
  • d. DDoS Attack
  • e. Buffer Overflow
  • f. SQL Injection
  • g. Trojan Horse
  • h. Virus
  • i. SMTP Spam Engine
  • j. Worm

 

____ 11. An attack in which multiple attackers attempt to flood a device

 

____ 12. Malware that replicates autonomously

 

____ 13. A Web application attack against a connected database

 

____ 14. Malicious code attached to a file that, when executed, delivers its payload

 

____ 15. Malware that encrypts the victims files on their computer until money is sent to the attacker

 

____ 16. An attack that leverages email protocols to send out messages from the infected device

 

____ 17. An attack that seizes control of communications, sending the communications to the attacker’s system

 

____ 18. An attack in which a single attacker overwhelms a system with a flood of traffic, in order to make it unavailable

 

____ 19. An attack that writes data to unexpected areas of memory, causing the device to crash

 

____ 20. Malware embedded in what appears to be a useful file

License

Icon for the Creative Commons Attribution 4.0 International License

Critical Infrastructure Systems by NCyTE Center is licensed under a Creative Commons Attribution 4.0 International License, except where otherwise noted.

Share This Book