- Email support@dumps4free.com
In this attack, a victim receives an e-mail claiming from PayPal stating that their account
has been disabled and confirmation is required before activation. The attackers then scam
to collect not one but two credit card numbers, ATM PIN number and other personal
details. Ignorant users usually fall prey to this scam.
Which of the following statement is incorrect related to this attack?
A.
Do not reply to email messages or popup ads asking for personal or financial
information
B.
Do not trust telephone numbers in e-mails or popup ads
C.
Review credit card and bank account statements regularly
D.
Antivirus, anti-spyware, and firewall software can very easily detect these type of attacks
E.
Do not send credit card numbers, and personal or financial information via e-mail
Antivirus, anti-spyware, and firewall software can very easily detect these type of attacks
A bank stores and processes sensitive privacy information related to home loans. However,
auditing has never been enabled on the system. What is the first step that the bank should
take before enabling the audit feature?
A.
Perform a vulnerability scan of the system.
B.
Determine the impact of enabling the audit feature.
C.
Perform a cost/benefit analysis of the audit feature.
D.
Allocate funds for staffing of audit log review
Determine the impact of enabling the audit feature.
Which of the following describes the characteristics of a Boot Sector Virus?
A.
Modifies directory table entries so that directory entries point to the virus code instead of the actual program.
B.
Moves the MBR to another location on the RAM and copies itself to the original location of the MBR.
C.
Moves the MBR to another location on the hard disk and copies itself to the original location of the MBR.
D.
Overwrites the original MBR and only executes the new virus code.
Moves the MBR to another location on the hard disk and copies itself to the original location of the MBR.
John, a professional hacker, performs a network attack on a renowned organization and
gains unauthorized access to the target network. He remains in the network without being
detected for a long time and obtains sensitive information without sabotaging the
organization. Which of the following attack techniques is used by John?
A.
Advanced persistent
B.
threat Diversion theft
C.
Spear-phishing sites
D.
insider threat
Advanced persistent
Explanation: An advanced persistent threat (APT) may be a broad term wont to describe
AN attack campaign within which an intruder, or team of intruders, establishes a bootleg,
long presence on a network so as to mine sensitive knowledge.
The targets of those assaults, that square measure terribly fastidiously chosen and
researched, usually embrace massive enterprises or governmental networks. the
implications of such intrusions square measure huge, and include:
Intellectual property thieving (e.g., trade secrets or patents)
Compromised sensitive info (e.g., worker and user personal data)
The sabotaging of essential structure infrastructures (e.g., information deletion)
Total website takeovers
Executing an APT assault needs additional resources than a regular internet application
attack. The perpetrators square measure typically groups of intimate cybercriminals having
substantial resource. Some APT attacks square measure government-funded and used as
cyber warfare weapons.
APT attacks dissent from ancient internet application threats, in that:
They’re considerably additional advanced.
They’re not hit and run attacks—once a network is infiltrated, the culprit remains so
as to realize the maximum amount info as potential.
They’re manually dead (not automated) against a selected mark and
indiscriminately launched against an outsized pool of targets.
They typically aim to infiltrate a complete network, as opposition one specific half.
More common attacks, like remote file inclusion (RFI), SQL injection and cross-site
scripting (XSS), square measure oftentimes employed by perpetrators to ascertain a
footing in a very targeted network. Next, Trojans and backdoor shells square measure
typically wont to expand that foothold and make a persistent presence inside the targeted
perimeter.
What term describes the amount of risk that remains after the vulnerabilities are classified
and the countermeasures have been deployed?
A.
Residual risk
B.
Impact risk
C.
Deferred risk
D.
Inherent risk
Residual risk
| Page 14 out of 104 Pages |
| Previous |