Cybersecurity Plus Bootcamp Module 13 Quiz

A user’s workstation displays a message stating all files are encrypted and demands anonymous payment for recovery. What type of malware is this?

True or False: Modern antivirus products only detect viruses and Trojans.

Which statement best describes the difference between a Trojan and a backdoor?

A webmail account was compromised, and an investigation finds an unknown USB extension device attached to the workstation. What is the likely attack vector?

A process named n0tepad.exe is consuming 80–90% CPU and performing constant small disk reads/writes. What type of malware might you suspect?

Which framework catalogs adversary TTPs (tactics, techniques, and procedures)?

What is an amplification attack?

True or False: Most DoS attacks are distributed because many hosts are needed to overwhelm the target.

Users report slow websites and excessive ads. All systems are using an unauthorized DNS resolver. What is the likely cause?

Multiple failed attempts to read NTDS.DIT from a domain controller were logged. This is likely a precursor to what type of attack?

How does a replay attack work in session hijacking?

You see repeated web requests containing %3C and %3E. Should this be investigated?

You add authentication between a web server and a back-end database. This helps prevent which type of attack?

A log shows a high volume of HTTP 403 Forbidden errors. Which device is likely generating these logs?