MULTIPLE CHOICE QUESTIONS (2 points each):
1. The buffer overflow type of attack has been known since it was first widely used by the __________ Worm in 1988. A. Code Red B. Slammer C. Morris Internet D. Alpha One
2. A buffer _________ is a condition at an interface under which more input can be placed into a buffer or data holding area than the capacity allocated, overwriting other information. A. overflow B. virus C. trigger D. all of the above
3. A consequence of a buffer overflow error is __________ . A. corruption of data used by the program B. unexpected transfer of control in the program C. possible memory access violation D. all of the above
4. __________ is malware that encrypts the user’s data and demands payment in order to access the key needed to recover the information. A. Trojan horse B. Ransomware C. Crimeware D. Polymorphic
5. A __________ attack is a bot attack on a computer system or network that causes a loss of service to users. A. spam B. phishing C. DDoS D. sniff
6. __________ is the first function in the propagation phase for a network worm. A. Propagating B. Fingerprinting C. Keylogging D. Spear phishing
7. The __________ is what the virus “does”. A. infection mechanism B. trigger C. logic bomb D. payload
8. The __________ is when the virus function is performed. A. dormant phase B. propagation phase C. triggering phase D. execution phase
9. __________ are used to send large volumes of unwanted e-mail. A. Rootkits B. Spammer programs C. Downloaders D. Auto-rooter
10. A __________ is code inserted into malware that lies dormant until a predefined condition, which triggers an unauthorized act, is met. A. logic bomb B. trapdoor C. worm D. Trojan horse
Questions (10 Points)
1. Describe the major security issues with virtual systems.
2. What is the Linux/UNIX security model? How is it built around DAC?
3. Describe four mitigations, and the corresponding threat for each mitigation, that the user can configure in Windows 10.