Module 5: Threats
Assessment
True/False
Indicate whether the statement is true or false.
____ 1. An attacker has successfully committed a Denial-of-Service against a website, bringing it down for 3 hours until network engineers could resolve the problem. This is classified as a threat.
____ 2. Treats are the possibility that a negative event can occur.
____ 3. Attacks require malicious intent, so are always caused by people who intend to violate security.
____ 4. Lightning is an example of a threat agent.
Multiple Choice
Identify the choice that best completes the statement or answers the question.
____ 5. Which of the following is not an example of a threat category?
- a. Attacks
- b. Buggy software
- c. Natural event
- d. Human error
____ 6. Which of the following is not a threat to critical infrastructure?
- a. Growth of very sophisticated tools that don’t require much skill level to use
- b. High profile nature of critical infrastructure systems
- c. The rapid development of technology
- d. The interconnected nature of industrial control systems
____ 7. A social engineering tactic in which the attacker compromises a users system by sending them a spoofed email to get them to provide them with their user ID and password is called
- a. Phishing
- b. An Insider Attack
- c. Cracking
- d. Piggybacking
Completion
Complete each statement.
8. The types of attacks and attackers specific to a company is known as the threat ___________.
9. A social engineering attack in which the victim is tricked into clicking a link in an email that, then, infects them with malware or sends their user id and password to the attacker is known as ____________.
10. A web server attack in which the attacker’s malicious content appears in the user’s browser is called a/an ___________.
Matching
- a. DoS Attack
- b. Hijacking
- c. Ransomware
- d. DDoS Attack
- e. Buffer Overflow
- f. SQL Injection
- g. Trojan Horse
- h. Virus
- i. SMTP Spam Engine
- j. Worm
____ 11. An attack in which multiple attackers attempt to flood a device
____ 12. Malware that replicates autonomously
____ 13. A Web application attack against a connected database
____ 14. Malicious code attached to a file that, when executed, delivers its payload
____ 15. Malware that encrypts the victims files on their computer until money is sent to the attacker
____ 16. An attack that leverages email protocols to send out messages from the infected device
____ 17. An attack that seizes control of communications, sending the communications to the attacker’s system
____ 18. An attack in which a single attacker overwhelms a system with a flood of traffic, in order to make it unavailable
____ 19. An attack that writes data to unexpected areas of memory, causing the device to crash
____ 20. Malware embedded in what appears to be a useful file