Cybersecurity Management Exam Questions and Correct Answers Latest Update 2024 (Rated A+)

Cybersecurity Management Exam Questions and Correct Answers Latest Update 2024 (Rated A+) threat environment - Answers types of attackers and attacks that companies face security goals - Answers confidentiality, integrity, availability confidentiality - Answers people cannot read sensitive information integrity - Answers attackers cannot change or destroy information availability - Answers people who are authorized to use information are not prevented from doing so compromises - Answers successful attacks countermeasures - Answers tools used to thwart attacks types of countermeasures - Answers preventative, detective, corrective sony attack method - Answers sql injection sql injection - Answers sending modified sql statements through web application to alter how sql statement is processed why are employees dangerous - Answers knowledge of systems, permissions to access systems, can avoid detection, trusted employee sabotage - Answers destruction of hardware, software, or data hacking - Answers intentionally accessing a computer resource without authorization or in excess of authorization employee financial theft - Answers misappropriation of funds employee extortion - Answers perpetrator tries to obtain money or other goods by threatening to take actions that would be against the victim's interest other internal attackers - Answers contract workers malware - Answers evil software viruses - Answers programs that attach themselves to legitimate programs on the victim's machine; spread primarily by email worms - Answers stand-alone programs that do not attach themselves to other programs; can jump from one computer to another without human intervention on the receiving computer payloads - Answers pieces of code that do damage; implemented by viruses and worms after propagation how non-mobile malware is placed on computer - Answers by hackers; by virus or worm as part of payload; by victim downloading program; mobile code on a website can download trojan horse - Answers program that hides itself by deleting a system file and taking on the system file's name remote access trojans (RAT) - Answers allow the attacker to control your computer remotely spyware - Answers programs that gather information about you and make it available to the adversary (cookies, keystroke loggers, data mining) cookies - Answers small text strings stored on your PC by websites to remember passwords and what actions you took in a series of screens keystroke loggers - Answers capture all of your keystrokes; can then be searched for usernames, passwords, ss numbers, credit card numbers data mining spyware - Answers searches through your disk drives for personal information rootkits - Answers take control of the super user account (root, administrator) and use its privileges to hide themselves mobile code - Answers executable code on a webpage; code is executed automatically when the webpage is downloaded social engineering - Answers attempting to trick users into doing something that goes against security policies (spam, phishing) traditional hacker motives - Answers thrill of break-ins, validation of their skills, embarrassing victim anatomy of a hack - Answers target selection by reconnaissance probes and then the exploit reconnaissance probes - Answers casing the neighborhood with IP address scanning and port scanning exploit - Answers specific attack method that the attacker uses to break into the computer spoofing - Answers placing a different IP address in the source IP address field to frustrate efforts to find the attacker chain of attack computers - Answers if attacker needs replies from the victim, attacker works