Ashura Unstopable Posts: 370
lol aight here we go:
Quote:
“Are You a Security Wizard?” Quiz

Goals: To broaden the security awareness of Agnitum site visitors with a lively and entertaining quiz. The quiz also serves to give visitors a way to quantify their security expertise. Depending on their final score, participants will get one of three different images to place on their web pages to indicate their level of expertise.

Scoring system: There are 15 questions in the quiz. These questions are divided into three groups of increasing difficulty. The first five questions are relatively easy; correct answers to each of these questions are worth 1 point. Questions 6 to 10 are moderately difficult, and are worth 2 points for each correct answer. The final 5 questions are the hardest and are worth 3 points for each correct answer. The final score is the total number of points gained for the entire quiz; these scores translate to the following ratings:

Wimp: 0-10 points
Warlock: 11-24 points
Wizard: 25-30 points

Questions and correct answers
See below for a list of questions and corresponding correct answers.

Group 1.
5 questions, each worth 1 point (maximum score: 5 points)

question 1: Software firewall is a program designed to:
answer choices:
1. Monitor network connections, control programs’ Internet activity and shield a computer from remote intruders and unwanted data.
2. Increase throughput of the current connection, optimize traffic and boost file download speeds.
3. Improve reliability of data transfer and recover lost packets.
4. Automate the procedure of managing access configuration and dynamically assign IP addresses for the joining hosts.
correct answer: 1
notes on the correct answer: This is exactly what software firewall is designed to do. The other answers represent different network management tasks.

question 2: The term “hacker” refers to people who:
answer choices:
1. Attempt to get unauthorized access to the target computer or restricted data and view, compromise or exploit its contents.
2. Send spam and phishing and receive commission payments from advertisers.
3. Write spyware that delivers advertising banners and unwanted pop-ups.
4. Create an illegal marketplace for stolen credit cards.
correct answer: 1
notes on the correct answer: This is the most precise description of a hacker in today’s world. The term hacker can also be used to refer to a person who is an expert in his/her field.

question 3: What most precisely characterizes a computer virus?
answer choices:
1. A program that replicates by appending a piece of its code to an otherwise harmless executable file.
2. A file that instructs your computer to reboot following installation and adds its entry to the “Run” thread of the Windows Registry.
3. A program that hides itself on a system and memorizes entered passwords which it later transfers to the perpetrator.
4. A text file placed locally without your consent that records history of your browsing sessions for the purpose of customizing appearance and speeding up future access.
answer: 1
notes on the correct answer: This is the classic definition of a computer virus. Choice 2) could be characteristic of any kind of malware, but would typically be a Trojan with rootkit functionality. Choice 3) describes a keylogger. Choice 4) denotes a tracking cookie.

question 4: Security updates are needed to:
answer choices:
1. Mitigate flaws in installed programs and host OS to resolve vulnerabilities.
2. Improve program design and functionality.
3. Make programs easier to use.
4. To boost vendors’ profits.
correct answer: 1
notes on the correct answer: Choice 1) is correct because vendors do usually issue security updates to fix security-related issues in their software. Although many people will probably say that Choice 4) is also correct, we were just having a little joke there.

question 5: Antivirus is a program that:
answer choices:
1. Will remove all kinds of malicious programs that exist.
2. Removes only select categories of malware, depending upon how successfully it can identify any given threat.
3. Will roll back all changes made since the activation of malware, or prevent the activation in the first place to ensure total invincibility.
4. Can be updated via Windows Update in order to obtain new signature definitions.
correct answer: 2
notes on the correct answer: This answer most closely describes what an antivirus would do. No security solution can remove all threats, and in order to correctly identify a threat the antivirus would often need to know about it in advance through signature updates.
Choice 3) is plausible, but: It’s quite unlikely that your antivirus software can remediate all problems caused as a result of malware activity (malware can format your hard drive, steal important documents or communicate personal passwords to its originators). Anti-viruses are not designed or are barely capable of fixing problems (e.g. clean files by carving out embedded malicious code, restore network connectivity, roll back configuration changes made by the virus, etc.), but are sort of more “removal and disinfection” – oriented solutions. Data backup solutions can help in case you want to undo the severe changes and return the computer back to its operational state. Similar to Choice 1), antiviruses cannot defend against the entire range of threats, nor are they fully capable of preventing the activation of every type of malware observed on the Internet.
Choice 4) refers to another kind of update. Windows Update is a Windows-included service that updates the operating system and its internal software to reflect latest security and design changes. This service is not responsible for 3rd party security programs updates. Such products need to be updated separately through the dedicated mechanism. Refer to your product manual for more information concerning updates.

Group 2.
5 questions, each worth 2 points (maximum score: 10 points)

question 6: Which of the following might be the consequence of botnet activity?
answer choices:
1. Your computer will be commandeered and used clandestinely to send spam and attack others.
2. Your machine will act as a server by running backdoor software that accepts remote connections.
3. Part of your Internet bandwidth will be hijacked and used to funnel malicious traffic.
4. All of the above
correct answer: 4
notes on the correct answer: Once a computer has been incorporated into a ‘botnet army’, it can be used however the controller of the botnet wants.

question 7: Which of the following would not be considered spyware?
answer choices:
1. A malicious program that replicates by sending a copy of itself to all the contacts listed in a person’s address book.
2. A program that modifies web browser settings such as the default search engine, startup page, and adds custom entries to the Favorites menu.
3. A keylogger that uses the technique of kernel modification to hide its presence on a system and intercept user keystrokes.
4. All of the above.
correct answer: 1
notes on the correct answer: This answer is descriptive of an email worm, which is usually classified with viruses rather than spyware.

question 8: What is the principal drawback of modern antiviruses?
answer choices:
1. Reliance on antivirus signatures and immature Heuristics-based detection capabilities.
2. High price and the absence of free telephone support.
3. Sometimes false positives may occur, necessitating manual restoration of an erroneously removed object from the quarantine location.
4. High memory, CPU and hard disk utilization.
correct answer: 1
notes on the correct answer: The answer “Reliance on antivirus signatures and immature Heuristics-based detection capabilities” is what really dogs the antivirus industry today because it’s impossible to identify, and hence, protect from, all threats by employing a signature analysis only.
Matching a possible threat against a fingerprint is the dominating approach all antiviruses take; and it has some weaknesses when threats are new (zero-day) or quite obscure. Other threat detection capabilities such as analyzing possible mutations of a threat or its future behavior (aka Heuristics) are still underdeveloped and immature. Other answer choices are irrelevant.

question 9: A friend has sent you a link to an *.exe file with an invitation to run it. He/she is not online right now so you can’t check in with them. What should you do?
answer choices:
1. Trust my friend and click on the link.
2. Save the file and run a virus scan on it. If the file is clean, it’s probably ok to run it.
3. Never open the link, even if it’s from my friend.
4. Trust your firewall to block the file if it’s malicious.
correct answer: 2
notes on the correct answer: The answer Choice 2) is correct. Let’s consider other choices to learn why these are not:
Choice 1): It’s risky to run executables downloaded from the internet even if they appear to come from a person you trust. Chances are it was not your friend who actually sent you the link but rather malware that impersonated your friend or used his/her credentials to spread via email or Instant Messaging. Never open executables obtained from the Internet without first checking them with an antivirus, or a combination of antimalware tools, for better diversity.
Choice 3): Why not open a link if all precautions are met, chances are it’s quite harmless. But before doing so, verify that the link belongs to a trusted source. If you see the link pointing to, for example, http://www.agnitum.com/download/OutpostSecuritySuiteProInstall.exe, you may rest assured that it’s perfectly benign. But, of course, if you spot a link that has some suspicious connotations, you may never want to download it. Never run files obtained from the dubious sources!
Important to understand in this context is that downloading a malicious file won’t cause the infection, whereas opening it will certainly do.
Choice 4): The measures listed are not enough to block malware threat if the executable is launched. You should be mindful not to let malware activate in the first place.

question 10: It’s December 20th and you have just received an email from your bank asking you to confirm your online activities by logging on to your account within a week. What is the best course of action to take?
answer choices:
1. If possible, call your bank to confirm or otherwise the authenticity of the email. If you can’t reach your bank, don’t click the link but visit your account by manually entering the url of your bank (as you know it) into your browser.
2. Follow the link provided in the email and enter your login information - after all the email has your bank’s logo and looks legitimate.
3. Setup my antispam software to automatically purge messages received from people not listed in my contacts.
4. I know it’s phishing, so I’ll just put false information in to fool the hackers. If it’s not my information, they can’t do anything to harm me.
correct answer: 1
notes on the correct answer: The answer Choice 1) is the right way to act. Other choices can either lead to ID compromise, drive-by-download of malware or you might just miss a valid message that somebody wanted to convey to you. Let’s quickly walk through these options:
Choice 2): Responding to such emails by doing what they solicit is really dangerous because of the phishing threat. Read more here. Never provide any information to letters asking financial details, login data or other sensitive information. Remember that legitimate organizations will almost never contact you through email to confirm anything.
Choice 3) is plausible but not the best choice here. If you setup your email filter that way, you might miss valid or important messages from someone you don’t know (e.g.
prospect client, someone who has seen your post on a forum and wanted to contact you, etc.)
Choice 4). This choice is plausible but you can become a victim of drive-by (silent) malware activation if you happen to visit a malware-containing site that exploits unpatched vulnerabilities in your web browser software.

Group 3.
5 questions, each worth 3 points (maximum score: 15 points)

question 11: Which of the following activities could you probably do safely without fear of a malware infection?
answer choices:
1. Running a screensaver downloaded from the Internet without first checking it for viruses.
2. Not keeping up to date with Word security patches and then double-clicking on a document that claims to come from someone you know.
3. Allowing Outlook Express to download and display graphics included in html emails
4. None of the above
correct answer: 4
notes on the correct answer: Any of the first three activities could enable malware to get onto your system. Always keep up to date on patches, scan all downloads, and run a firewall at all times.

question 12: You’re in a hotel room accessing the Internet through a WiFi connection. How can you best protect your connection?
answer choices:
1. A personal firewall on your system plus WPA encryption of the wireless signal.
2. Internet security software and WEP2 encryption.
3. Assurance that the hotel’s gateway is being protected with HIPS and a hardware firewall.
4. All of the above.
correct answer: 1
notes on the correct answer: The key issue with WiFi security is to protect the signal with strong encryption. WPA is stronger than WEP2. And relying for security on something you can’t check for yourself is never a safe solution.

question 13: Why might you install a Host-based Intrusion Prevention Solution (HIPS) on your personal computer?
answer choices:
1. To monitor and control how programs are permitted to interact with each other and the host OS.
2. To prevent the activation of unsigned device drivers on your system.
3. To monitor broadcast packets and prevent ARP spoofing.
4. To prevent malware from infecting the Windows XP 64-bit kernel.
correct answer: 1
notes on the correct answer: This is the most accurate description of the functionality of Host-based Intrusion Prevention Solutions.

question 14: How do you decrease the susceptibility of your computer to malware attacks?
answer choices:
1. Perform incremental backups of your system.
2. Set File and Printer Sharing permissions to only apply to hosts within your subnet.
3. Work under the Restricted User account.
4. Use encryption and have antispam automatically delete messages arriving from unknown senders.
correct answer: 3
notes on the correct answer: Choice 3) is the correct answer because by lowering user rights from Administrators to Restricted Users makes it harder for malware to access or modify different settings in installed software or the host Operating System. Restricted User account puts your system in a tighter environment with limited privileges granted to programs, thus limiting the scope of actions malware is allowed to do. Restricted Users, for instance, are prohibited from installing software, making system-wide modifications and elevating software privileges to the level of Administrator. Other choices won’t help against malware-related risks.

question 15: Which of the following commands typed into the “Run” menu of Windows XP will NOT help you find out and configure which programs are allowed to be auto-started on a system
answer choices:
1. “Services.msc”
2. “IPconfig.exe/all”
3. “Regedit”.exe
4. “Msconfig.exe”
correct answer: 2
notes on the correct answer: The answer - “IPconfig.exe/all” is a command that will reveal your network configuration, not the auto-started entries. Other choices will list programs/drivers/services that will be autostarted on your XP machine, in one way or another.

Spread the word!
We hope you’ve found our quiz challenging and entertaining - maybe you even learned something from it? Why not challenge your friends now and see what their security ratings are! You’ll find an invitation

last 8 questions are just a lot of bs