1|Page
CYBR 2600 Final Exam Questions
with Detailed Verified Answers
Graded A+
the Morris worm Ans: (Security Chapter 1) Which internet worm, released in
1988, could be one of the first real internet crime cases?
It exploited a buffer-overflow vulnerability in computers running Microsoft
SQL server or SQL Server Desktop Engine. Ans: (Security Chapter 1) How did
the slammer worm infect the victim's computer?
Sandworm Ans: (Security Chapter 1) Which brand-name attack group consists
of Russian hackers who have launched major issues to Ukraine via numerous
attacks over the past couple of years?
target of opportunity attack Ans: (Security Chapter 1) Which term refers to
conduct against a site with software that is vulnerable to a specific exploit.
Script Kiddies Ans: (Security Chapter 1) __________________ are individuals who
do not have the technical expertise to develop scripts or discover innovative
vulnerabilities in software but who have just enough understanding of
computers systems to be able to download and run scripts that others hackers
have developed.
Protection = Prevention + (Detection + Response) Ans: (Security Chapter 2)
Which equation describes the operation model of security?
session management, exception management, and configuration
management. Ans: (Security Chapter 2) What are the three operation tenets
revealed in secure deployments?
, 2|Page
Phreaking Ans: (Security Chapter 2) _______________ refers to the "hacking" of
the computers and systems used by a telephone company to operate its
telephone network and services.
Isolation Ans: (Security Chapter 2) ______________ is the concept of separating
items so that they cannot interfere with each other.
information classification Ans: (Security Chapter 2) Which type of classification
contains categories such as High, Medium, Low, Confidential, Private, and
Public?
Uniform Partnership Act (UPA) Ans: (Security Chapter 3) Which document lists
a uniform set of rules associated with partnerships to resolve any partnership
terms?
Policies Ans: (Security Chapter 3) _____________ are high-level, broad
statements of what organizations plans to accomplish.
Guidelines Ans: (Security Chapter 3) _______________ are recommendations
relating to policy.
People have a basic desire to withhold information for personal gain. Ans:
(Security Chapter 3) Which statement represents why social engineering is
successful?
The attacker modifies local host files, which are used to convert URLs to the
appropriate IP address, so that the user is directed to a fake website. Ans:
(Security Chapter 3) Which statement describes how pharming is
accomplished?
An attacker directly observes the target entering sensitive information on a
form, keypad, or keyboard. Ans: (Security Chapter 4) Which statement
introduces how shoulder surfing is accomplished?
CYBR 2600 Final Exam Questions
with Detailed Verified Answers
Graded A+
the Morris worm Ans: (Security Chapter 1) Which internet worm, released in
1988, could be one of the first real internet crime cases?
It exploited a buffer-overflow vulnerability in computers running Microsoft
SQL server or SQL Server Desktop Engine. Ans: (Security Chapter 1) How did
the slammer worm infect the victim's computer?
Sandworm Ans: (Security Chapter 1) Which brand-name attack group consists
of Russian hackers who have launched major issues to Ukraine via numerous
attacks over the past couple of years?
target of opportunity attack Ans: (Security Chapter 1) Which term refers to
conduct against a site with software that is vulnerable to a specific exploit.
Script Kiddies Ans: (Security Chapter 1) __________________ are individuals who
do not have the technical expertise to develop scripts or discover innovative
vulnerabilities in software but who have just enough understanding of
computers systems to be able to download and run scripts that others hackers
have developed.
Protection = Prevention + (Detection + Response) Ans: (Security Chapter 2)
Which equation describes the operation model of security?
session management, exception management, and configuration
management. Ans: (Security Chapter 2) What are the three operation tenets
revealed in secure deployments?
, 2|Page
Phreaking Ans: (Security Chapter 2) _______________ refers to the "hacking" of
the computers and systems used by a telephone company to operate its
telephone network and services.
Isolation Ans: (Security Chapter 2) ______________ is the concept of separating
items so that they cannot interfere with each other.
information classification Ans: (Security Chapter 2) Which type of classification
contains categories such as High, Medium, Low, Confidential, Private, and
Public?
Uniform Partnership Act (UPA) Ans: (Security Chapter 3) Which document lists
a uniform set of rules associated with partnerships to resolve any partnership
terms?
Policies Ans: (Security Chapter 3) _____________ are high-level, broad
statements of what organizations plans to accomplish.
Guidelines Ans: (Security Chapter 3) _______________ are recommendations
relating to policy.
People have a basic desire to withhold information for personal gain. Ans:
(Security Chapter 3) Which statement represents why social engineering is
successful?
The attacker modifies local host files, which are used to convert URLs to the
appropriate IP address, so that the user is directed to a fake website. Ans:
(Security Chapter 3) Which statement describes how pharming is
accomplished?
An attacker directly observes the target entering sensitive information on a
form, keypad, or keyboard. Ans: (Security Chapter 4) Which statement
introduces how shoulder surfing is accomplished?
