Last Updated on October 29, 2019 by Admin
CCNA CyberOps Chapter 6 Exam Online
CCNA CyberOps 1.1 -- Chapter 6 Exam
Quiz-summary
0 of 28 questions completed
Questions:
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
- 28
Information
CCNA CyberOps 1.1 — Chapter 6 Exam
You have already completed the quiz before. Hence you can not start it again.
Quiz is loading...
You must sign in or sign up to start the quiz.
You have to finish following quiz, to start this quiz:
Results
0 of 28 questions answered correctly
Your time:
Time has elapsed
You have reached 0 of 0 points, (0)
Average score |
|
Your score |
|
Categories
- Not categorized 0%
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
- 28
- Answered
- Review
-
Question 1 of 28
1. Question
1 pointsWhat is the motivation of a white hat attacker?
Correct
Incorrect
White hat attackers break into networks or computer systems in order to discover weaknesses for the purpose of improving the security of these systems. These break-ins are done with permission from the owner or the organization. Any results are reported back to the owner or the organization.
Hint
White hat attackers break into networks or computer systems in order to discover weaknesses for the purpose of improving the security of these systems. These break-ins are done with permission from the owner or the organization. Any results are reported back to the owner or the organization.
-
Question 2 of 28
2. Question
1 pointsWhich type of hacker is motivated to protest against political and social issues?
Correct
Incorrect
Hackers are categorized by motivating factors. Hacktivists are motivated by protesting political and social issues.
Hint
Hackers are categorized by motivating factors. Hacktivists are motivated by protesting political and social issues.
-
Question 3 of 28
3. Question
1 pointsWhich security threat installs on a computer without the knowledge of the user and then monitors computer activity?
Correct
Incorrect
Spyware normally installs on a system without end-user knowledge and monitors activity on a computer, which can then be sent to the source of spyware. Viruses infect systems and execute malicious code. Worms self-replicate and propagate across networks from a singular host, consuming a lot of bandwidth. Adware is normally distributed through downloaded software and results in the exhibition of several pop-up windows on the system.
Hint
Spyware normally installs on a system without end-user knowledge and monitors activity on a computer, which can then be sent to the source of spyware. Viruses infect systems and execute malicious code. Worms self-replicate and propagate across networks from a singular host, consuming a lot of bandwidth. Adware is normally distributed through downloaded software and results in the exhibition of several pop-up windows on the system.
-
Question 4 of 28
4. Question
1 pointsWhat is a significant characteristic of virus malware?
Correct
Incorrect
A virus is malicious code that is attached to a legitimate program or executable file, and requires specific activation, which may include user actions or a time-based event. When activated, a virus can infect the files it has not yet infected, but does not automatically propagate itself to other systems. Self-propagation is a feature of worms. In addition to being distributed over the Internet, viruses are also spread by USB memory sticks, CDs, and DVDs.
Hint
A virus is malicious code that is attached to a legitimate program or executable file, and requires specific activation, which may include user actions or a time-based event. When activated, a virus can infect the files it has not yet infected, but does not automatically propagate itself to other systems. Self-propagation is a feature of worms. In addition to being distributed over the Internet, viruses are also spread by USB memory sticks, CDs, and DVDs.
-
Question 5 of 28
5. Question
3 pointsWhat are the three major components of a worm attack? (Choose three.)
Correct
Incorrect
A computer can have a worm installed through an email attachment, an executable program file, or a Trojan Horse. The worm attack not only affects one computer, but replicates to other computers. What the worm leaves behind is the payload–the code that results in some action.
Hint
A computer can have a worm installed through an email attachment, an executable program file, or a Trojan Horse. The worm attack not only affects one computer, but replicates to other computers. What the worm leaves behind is the payload–the code that results in some action.
-
Question 6 of 28
6. Question
1 pointsWhat type of malware has the primary objective of spreading across the network?
Correct
Incorrect
The main purpose of a worm is to self-replicate and propagate across the network. A virus is a type of malicious software that needs a user to spread. A trojan horse is not self-replicating and disguises itself as a legitimate application when it is not. A botnet is a series of zombie computers working together to wage a network attack.
Hint
The main purpose of a worm is to self-replicate and propagate across the network. A virus is a type of malicious software that needs a user to spread. A trojan horse is not self-replicating and disguises itself as a legitimate application when it is not. A botnet is a series of zombie computers working together to wage a network attack.
-
Question 7 of 28
7. Question
1 pointsWhat is a characteristic of a Trojan horse as it relates to network security?
Correct
Incorrect
A Trojan horse carries out malicious operations under the guise of a legitimate program. Denial of service attacks send extreme quantities of data to a particular host or network device interface. Password attacks use electronic dictionaries in an attempt to learn passwords. Buffer overflow attacks exploit memory buffers by sending too much information to a host to render the system inoperable.
Hint
A Trojan horse carries out malicious operations under the guise of a legitimate program. Denial of service attacks send extreme quantities of data to a particular host or network device interface. Password attacks use electronic dictionaries in an attempt to learn passwords. Buffer overflow attacks exploit memory buffers by sending too much information to a host to render the system inoperable.
-
Question 8 of 28
8. Question
1 pointsWhich type of Trojan horse security breach uses the computer of the victim as the source device to launch other attacks?
Correct
Incorrect
The attacker uses a proxy Trojan horse attack to penetrate one device and then use that device to launch attacks on other devices. The DoS Trojan horse slows or halts network traffic. The FTP trojan horse enables unauthorized file transfer services when port 21 has been compromised. A data-sending Trojan horse transmits data back to the hacker that could include passwords.
Hint
The attacker uses a proxy Trojan horse attack to penetrate one device and then use that device to launch attacks on other devices. The DoS Trojan horse slows or halts network traffic. The FTP trojan horse enables unauthorized file transfer services when port 21 has been compromised. A data-sending Trojan horse transmits data back to the hacker that could include passwords.
-
Question 9 of 28
9. Question
1 pointsWhy would a rootkit be used by a hacker?
Correct
Incorrect
Hackers use rootkits to avoid detection as well as hide any software installed by the hacker.
Hint
Hackers use rootkits to avoid detection as well as hide any software installed by the hacker.
-
Question 10 of 28
10. Question
1 pointsA senior citizen receives a warning on the computer that states that the operating system registry is corrupt and to click a particular link to repair it. Which type of malware is being used to try to create the perception of a computer threat to the user?
Correct
Incorrect
Scareware is a type of malware that attempts to shock or induce anxiety by creating a perception of a threat. Phishing tries to get the user to divulge some information. A DoS attack tries to disrupt service on a network. Adware usually appears in pop-ups trying to get the user to buy something or to visit a website.
Hint
Scareware is a type of malware that attempts to shock or induce anxiety by creating a perception of a threat. Phishing tries to get the user to divulge some information. A DoS attack tries to disrupt service on a network. Adware usually appears in pop-ups trying to get the user to buy something or to visit a website.
-
Question 11 of 28
11. Question
1 pointsA company pays a significant sum of money to hackers in order to regain control of an email and data server. Which type of security attack was used by the hackers?
Correct
Incorrect
Ransomware involves the hackers preventing user access to the infected and controlled system until the user pays a specified amount.
Hint
Ransomware involves the hackers preventing user access to the infected and controlled system until the user pays a specified amount.
-
Question 12 of 28
12. Question
2 pointsA user is curious about how someone might know a computer has been infected with malware. What are two common malware behaviors? (Choose two.)
Correct
Incorrect
Common symptoms of computers infected with malware:Appearance of files, applications, or desktop icons
Security tools such as antivirus software or firewalls turned off or changed
System crashes
Emails spontaneously sent to others
Modified or missing files
Slow system or browser response
Unfamiliar processes or services running
Unknown TCP or UDP ports open
Connections made to unknown remote devicesHint
Common symptoms of computers infected with malware:Appearance of files, applications, or desktop icons
Security tools such as antivirus software or firewalls turned off or changed
System crashes
Emails spontaneously sent to others
Modified or missing files
Slow system or browser response
Unfamiliar processes or services running
Unknown TCP or UDP ports open
Connections made to unknown remote devices -
Question 13 of 28
13. Question
1 pointsWhat is the term used when a malicious party sends a fraudulent email disguised as being from a legitimate, trusted source?
Correct
Incorrect
Phishing is used by malicious parties who create fraudulent messages that attempt to trick a user into either sharing sensitive information or installing malware.
Hint
Phishing is used by malicious parties who create fraudulent messages that attempt to trick a user into either sharing sensitive information or installing malware.
-
Question 14 of 28
14. Question
1 pointsWhat is the primary goal of a DoS attack?
Correct
Incorrect
A denial of service (DoS) attack attempts to overwhelm a system or process by sending large amounts of data or requests to the target. The goal is to keep the system so overwhelmed handling false requests that it is unable to respond to legitimate ones.
Hint
A denial of service (DoS) attack attempts to overwhelm a system or process by sending large amounts of data or requests to the target. The goal is to keep the system so overwhelmed handling false requests that it is unable to respond to legitimate ones.
-
Question 15 of 28
15. Question
1 pointsWhat causes a buffer overflow?
Correct
Incorrect
By sending too much data to a specific area of memory, adjacent memory locations are overwritten, which causes a security issue because the program in the overwritten memory location is affected.
Hint
By sending too much data to a specific area of memory, adjacent memory locations are overwritten, which causes a security issue because the program in the overwritten memory location is affected.
-
Question 16 of 28
16. Question
2 pointsWhat are two purposes of launching a reconnaissance attack on a network? (Choose two.)
Correct
Incorrect
Gathering information about a network and scanning for access is a reconnaissance attack. Preventing other users from accessing a system is a denial of service attack. Attempting to retrieve and modify data, and attempting to escalate access privileges are types of access attacks.
Hint
Gathering information about a network and scanning for access is a reconnaissance attack. Preventing other users from accessing a system is a denial of service attack. Attempting to retrieve and modify data, and attempting to escalate access privileges are types of access attacks.
-
Question 17 of 28
17. Question
1 pointsWhat is a main purpose of launching an access attack on network systems?
Correct
Incorrect
Gathering information about a network and scanning for access is a reconnaissance attack. Preventing other users from accessing a system is a denial of service attack.
Hint
Gathering information about a network and scanning for access is a reconnaissance attack. Preventing other users from accessing a system is a denial of service attack.
-
Question 18 of 28
18. Question
1 pointsWhich access attack method involves a software program that attempts to discover a system password by the use of an electronic dictionary?
Correct
Incorrect
An access attack tries to affect services that affect entry into accounts, databases, and other sensitive information. Access attacks commonly involve a dictionary ths is used to guess a specific user password. A brute-force access attack would try to access an account via repeated attempts.
Hint
An access attack tries to affect services that affect entry into accounts, databases, and other sensitive information. Access attacks commonly involve a dictionary ths is used to guess a specific user password. A brute-force access attack would try to access an account via repeated attempts.
-
Question 19 of 28
19. Question
1 pointsAn attacker is using a laptop as a rogue access point to capture all network traffic from a targeted user. Which type of attack is this?
Correct
Incorrect
An access attack tries to gain access to a resource using a hijacked account or other means. The five types of access attacks include the following:password – a dictionary is used for repeated login attempts
trust exploitation – uses granted privileges to access unauthorized material
port redirection – uses a compromised internal host to pass traffic through a firewall
man-in-the-middle – an unauthorized device positioned between two legitimate devices in order to redirect or capture traffic
buffer overflow – too much data sent to a memory location that already contains dataHint
An access attack tries to gain access to a resource using a hijacked account or other means. The five types of access attacks include the following:password – a dictionary is used for repeated login attempts
trust exploitation – uses granted privileges to access unauthorized material
port redirection – uses a compromised internal host to pass traffic through a firewall
man-in-the-middle – an unauthorized device positioned between two legitimate devices in order to redirect or capture traffic
buffer overflow – too much data sent to a memory location that already contains data -
Question 20 of 28
20. Question
1 pointsWhat is a ping sweep?
Correct
Incorrect
A ping sweep is a tool that is used during a reconnaissance attack. Other tools that might be used during this type of attack include a ping sweep, port scan, or Internet information query. A reconnaissance attack is used to gather information about a particular network, usually in preparation for another type of network attack.
Hint
A ping sweep is a tool that is used during a reconnaissance attack. Other tools that might be used during this type of attack include a ping sweep, port scan, or Internet information query. A reconnaissance attack is used to gather information about a particular network, usually in preparation for another type of network attack.
-
Question 21 of 28
21. Question
1 pointsIn what way are zombies used in security attacks?
Correct
Incorrect
Zombies are infected computers that make up a botnet. The zombies are used to deploy a distributed denial of service (DDoS) attack.
Hint
Zombies are infected computers that make up a botnet. The zombies are used to deploy a distributed denial of service (DDoS) attack.
-
Question 22 of 28
22. Question
1 pointsWhat is the term used to describe an email that is targeting a specific person employed at a financial institution?
Correct
Incorrect
Spear phishing is a phishing attack customized to reach a specific person or target.
Hint
Spear phishing is a phishing attack customized to reach a specific person or target.
-
Question 23 of 28
23. Question
1 pointsWhat is a botnet?
Correct
Incorrect
One method of executing a DDoS attack involves using a botnet. A botnet builds or purchases a botnet of zombie hosts, which is a group of infected devices. The zombies continue to create more zombies which carry out the DDoS attack.
Hint
One method of executing a DDoS attack involves using a botnet. A botnet builds or purchases a botnet of zombie hosts, which is a group of infected devices. The zombies continue to create more zombies which carry out the DDoS attack.
-
Question 24 of 28
24. Question
2 pointsWhat are two evasion methods used by hackers? (Choose two.)
Correct
Incorrect
The following methods are used by hackers to avoid detection:Encryption and tunneling – hide or scramble the malware content
Resource exhaustion – keep the host device too busy to detect the invasion
Traffic fragmentation – split the malware into multiple packets
Protocol-level misinterpretation – sneak by the firewall
Pivot – use a compromised network device to attempt access to another device
Rootkit – allow the hacker to avoid detection as well as hide software installed by the hackerHint
The following methods are used by hackers to avoid detection:Encryption and tunneling – hide or scramble the malware content
Resource exhaustion – keep the host device too busy to detect the invasion
Traffic fragmentation – split the malware into multiple packets
Protocol-level misinterpretation – sneak by the firewall
Pivot – use a compromised network device to attempt access to another device
Rootkit – allow the hacker to avoid detection as well as hide software installed by the hacker -
Question 25 of 28
25. Question
1 pointsWhich type of security attack would attempt a buffer overflow?
Correct
Incorrect
Denial of service (DoS) attacks attempt to disrupt service on the network by either sending a particular device an overwhelming amount of data so no other devices can access the attacked device or by sending malformed packets.
Hint
Denial of service (DoS) attacks attempt to disrupt service on the network by either sending a particular device an overwhelming amount of data so no other devices can access the attacked device or by sending malformed packets.
-
Question 26 of 28
26. Question
3 pointsWhat are three techniques used in social engineering attacks? (Choose three.)
Correct
Incorrect
Phishing is an attempt to get a user to divulge information. Vishing is a type of phishing that uses voice and the phone system. With pretexting, the hacker lies to the user in an attempt to obtain information.
Hint
Phishing is an attempt to get a user to divulge information. Vishing is a type of phishing that uses voice and the phone system. With pretexting, the hacker lies to the user in an attempt to obtain information.
-
Question 27 of 28
27. Question
4 pointsMatch the security concept to the description.
Sort elements
- risk
- exploit
- vulnerability
- threat
-
the likelihood of undesireable consequences
-
a mechanism used to compromise an asset
-
a weakness in a system
-
a potential danger to an asset
Correct
Incorrect
-
Question 28 of 28
28. Question
3 pointsMatch the network security testing technique with how it is used to test network security. (Not all options are used.)
Sort elements
- used to determine the possible consequences of successful attacks on the network
- used to discover available resources on the network
- used to find weaknesses and misconfigurations on network systems
- used to detect and report changes made to systems
-
penetration testing
-
network scanning
-
vulnerability scanning
Correct
Incorrect