CSCU Exercise Exam

Test Number: 1-50

QUESTION 1
Smith receives an email from his bank informing him that it suspects an unauthorized transaction on his account. To protect his account, the email advises Smith to click on a link to verify his identity and provide any missing information in the form. Smith is a victim of:

Website defacement and denial of service
Phishing attack.
Cyberterrorism
Web application attack

QUESTION 2
Stella needs to buy a gift for her friend on her birthday. While shopping online, a message from the Internet Service Provider (ISP) pops up, which urges Stella to click on the link to verify or update her account information. Identify the type of social engineering attack.

Computer-Based Social Engineering.
Human-Based Social Engineering
Social Engineering Using SMS
Spam Email

QUESTION 3
Cyber criminals can use your computer to steal personal and other important information from you or do some mischievous activities. John, while surfing the Internet, gets a pop-up ad that takes him to a website offering a free game for his computer. What is the best course of action for John?

Download the game now, and decide later whether to install on his PC or give the game to his friend
Download the game, install it, as John can uninstall the game anytime if there is any problem
Research about the game on the Internet and check whether it is safe to download it or not.
Check whether the website is asking for any money. If it is free, simply download the game

QUESTION 4
Social networking websites such as Facebook and Twitter allow users to create their own personal webpages and connect with their relatives and friends. Creating webpages on social networking sites is fun and exciting. But what if the user is not careful enough while creating a webpage, paving the way for hackers and other malicious users? Elisha also created her own webpage on Facebook. She got a message on her wall saying "Hey Elisha, it's ur uncle Tom! Thanks for the invitation - Aunt Michel is f9 and we both Love ur webpage. We'd love to join ur friend list!" What does Elisha have to do now?

Accept the request
Deny the request.
Accept but give access to less information
Delete the webpage

QUESTION 5
It can be convenient to access email and surf the Internet using a wireless computer. However, wireless networks can be vulnerable to hackers unless the user takes necessary precautions. Ronald wants to make an insurance policy and buy some stock online using his wireless computer. While investing, the agency requires Ronald to prove his identity and provide a security token. Using a security token when investing online allows John to?

Log onto a public computer for a predetermined amount of time
Carry his laptop safely overseas in a commercial airplane
Generate random pass-codes to access his online financial accounts with added security.
Hedge his investment by moving a portion of his investment into U.S. Securities

QUESTION 6
Pamela uses the Internet to chat with her friends, work on official documents, and bank online. She often gets confused and cannot trust the websites that she is browsing when transferring money to her daughter. How can she ensure that the data sent between her computer and the banking website is encrypted? (Select all that apply)

By checking the website link.
By reading the terms and conditions
By reading the privacy policies
Tiny padlock icon found at the bottom of a Web site

QUESTION 7
Linda banks online to pay her utility bills, shop, etc. Which of the following are application-level encryption protocols that Linda would most likely use to bank online safely?

SSL and SET.
Verisign and SHA1
READY, SET, and GO
PGP, PEM, and SSL

QUESTION 8
Jeff wants to shop online but is concerned about a company's privacy policy. What online purchase decision aid should he use?

Shopbot
Trust verification site.
Business rating site
Shopping portals

QUESTION 9
I want to request secure web pages using https://. What port will I need to open on my firewall to allow these SSL-encrypted packets to flow?

22
53
80
443.

QUESTION 10
Susan spends most of her time on the computer, working and doing other things. Susan left her PC connected to the Internet and idle for some time. An attacker, although not able to steal any information, remotely utilized her PC's processor cycles for some of his computationally intensive tasks. Classify the above breach of security.

Disclosure of information
Compromising integrity of the PC.
Denial of service attack
Buffer overflow attack

QUESTION 11
Anne suspects that her husband is cheating on her. He spends most of his time on the Internet chatting with a woman. When questioned, he says she is a good friend and a colleague. On suspicion, Anne contacted her friend who happened to be a network security administrator. Upon his instructions, Anne installed a keylogger when her husband was away for work. How can a keylogger help Anne know whether her husband is cheating or not?

It captures the voice communication of her husband
Captures the control panel settings
Captures the .pdf (PDF-Printable Document Format) files and sends them to her as attachments
Captures all the keystrokes that her husband types.

QUESTION 12
Company ABC has various departments that have developed several private resources that can be accessed using Internet protocols. The company ABC now wants to link these resources together. What type of network is being described here?

Internet
Extranet
Intranet.
Virtual private network

QUESTION 13
Nancy wants to safeguard herself and prevent her identity from being stolen. What would you recommend she do before throwing away items with personal information on them?

Write down the information for the records
Shred them or tear them up.
Not necessary to do anything
Contact the financial institution and verify her transactions

QUESTION 14
Allen, a front office executive from Atlanta, has never taken a backup of his system. He is worried about the security of the data in case his system crashes. Which of the following types of backup will you suggest to Allen if he wants to take a complete backup of his system?

Normal Data Backup.
Incremental Data Backups
Differential Data Backup
Full Incremental Data Backups

QUESTION 15
Sharon recently purchased a new smart phone for herself. While exploring her phone, she tried to set her mobile phone's Bluetooth security. Sharon wants her phone's Bluetooth to be in default operation mode. Which of the following options does Sharon have to select to keep her mobile in Bluetooth's default security mode?

Non-secure mode.
Leaving security up to each application
Enforce link encryption for all traffic
Security settings default to a mobile policy server

QUESTION 16
Austin and Stuart are two brothers. Austin works for a reputed IT firm and sometimes his job requires him to work from home with his PC connected to the Internet. When Austin is away at work, his brother Stuart uses his PC. Austin suspects that his brother browses the Internet frequently and watches porn on his PC. Austin wants to quietly and automatically block all the porn websites so that his brother does not visit them. What must Austin do in order to block the porn websites automatically?

Install scanning tool to scan the system
Install a firewall that blocks all porn
Install an antivirus software and activate parental control.
Install a keylogger

QUESTION 17
Nick received an email promotion stating that he has won a new car. The email asks him to deposit $40 to the sender's account and provide some credentials. What will be the best course of action for Nick in this situation?

Give only his social security number and amount
Simply delete the email.
Scan the email
Forward the mail to FBI for investigation

QUESTION 18
Sandra spends most of her post-office hours chatting with her friends on Facebook. Recently she came to know about a group on Facebook - Babysitter Goes to Jail after she Uploads This HORRIBLE Baby Photo Online. Out of curiosity, she joined the group to know more about it. The facilitator of this group has requested all its members to raise funds for the innocent babies who are becoming the victims of brutal harassment. What will you recommend to Sandra: join the group or ignore it?

Quit the Facebook group, it may be a scam.
Raise funds for the babies
Just facilitate the group
Visit the group regularly

QUESTION 19
Emma purchased a new computer running the Windows 7 operating system, with some relatively recent software installed. Emma wants to disable some unwanted services that are running on her computer. How does she disable services so that she can disable the unnecessary programs?

Start -> type "services.msc" in search box and press ENTER to open the Services window.
Start -> All Programs -> Administrative Tools -> Services
Start -> Control Panel -> Services
Start -> All Programs -> Services

QUESTION 20
Emerson works for a reputed finance corp. and has to travel frequently. His laptop holds critical financial information related to his clients and other business deals. Laptop theft may lead to the disclosure of information such as client names, confidential data, and other financial details related to the corporate or Internet environment. Which of the following is recommended in order to protect his laptop from theft?

Encrypt all the data in laptop
Never leave the laptop unattended.
Enable GPS tracking in laptop
Password protect the login

QUESTION 21
Most students today spend their time on the Internet. They share websites with each other as users in chat rooms. Some innocent kids may fall prey and visit malicious links sent to them, which might either be a trick to get their personal information or open a web page that is not secure. Which of the following security tips do you need to follow to ensure that you don't fall prey to IM attacks?

Save and open any documents that you accept from your IM contacts
Do not click on the links sent by unknown members in the chat room.
You need to use your personal email ID to register to links that are sent through IM
Do not open files with the extension etc.

QUESTION 22
Which among the following exploits people's tendency to select weak passwords and uses a list of pre-defined words to discover the correct passwords?

Guessing
Brute Forcing
Dictionary Attack.
Shoulder Surfing

QUESTION 23
Which of the following passwords will be the strongest?

qwerty
administrator
Q!56ra@G.
mypassword

QUESTION 24
What is the process of encoding information in a way so that only someone with a key can decode it?

Compression
Steganography
Systemic variation
Encryption.

QUESTION 25
John used a tool to create an encrypted value similar to "b2638eeef37069d0e697f92ae7de46a7" representing an important file. His network administrator told him that this value will be different every time there is a change in the file. What is John generating in order to check the integrity of the file?

Encryption algorithm
Hash value.
Encryption value
Decryption value

QUESTION 26
The screen below appears while you are browsing the Internet. What is the most appropriate action you will take to keep your system secure?

You have an out of date browser, as indicated by the message. You will click Protect PC Now button.
You have an out of date browser, as indicated by the message. You will click Updates button in the left pane.
This is probably a malware attack. You will close the screen by clicking Close (X) option at the right-top corner of the screen.
This screen doesn't give enough information. You will click Support link, to receive more information

QUESTION 27
Bob wants to send a short confidential message to Smith, using public key cryptography. How should Bob achieve that?

Bob should encrypt it with his private key
Bob should encrypt it with his public key
Bob should encrypt it with Smith's private key
Bob should encrypt it with Smith's public key.

QUESTION 28
Which of the following software programs would enable an attacker to have complete control over a victim's computer?

Virus
Worm
Trojan.
Keylogger

QUESTION 29
Nadal, the industrialist from Norway, was travelling from his hometown to Zurich on business. On the way his phone was stolen by a burglar. Which code may Nadal use to deactivate his phone in order to save his personal as well as confidential business information stored in his phone?

IMEI code.
IEMI code
*#07*
#*07#

QUESTION 30
If you ever receive an unsolicited telephone call from someone claiming to need your password, what would you do?

Refuse and report immediately.
Write the password on a piece of paper, put it in an envelope and send it by mail
Tell him/her the password and change it the following day
Send him/her the password via email

QUESTION 31
Jason is skeptical of the security of his Internet connection. He suspects that his system is infected with some Trojan which connects to a remote attacker and sends sensitive data. On the recommendation of one of his friends, who is a network administrator, Jason runs a Windows command to find open ports, services, and applications associated with these services. On running the command from the command prompt, Jason gets the following screen:

Which command is Jason running?

netstat -a
netstat -b.
netstat -e
portstat -b

QUESTION 32
Which of the following attacks uses a highly directional antenna and a laptop to establish connections with Bluetooth-enabled devices from over a half-mile away?

Bluesniping.
Bluejacking
Fuzzing attack
Bluesnarfing

QUESTION 33
The North Carolina based healthcare company stored medical data of customers without implementing proper information security controls, which led to the disclosure of medical records of hundreds of its customers. Which of the following acts can be invoked against the company?

HIPAA.
FERPA
PCI DSS
AAPIE

QUESTION 34
The following diagram shows a network device that is used for connecting the modem to the network and determining the next network point to which a packet should be forwarded. This device can access the address of a network layer and can have incorporated software that helps it identify the possible paths between the addresses and the appropriate channels to transmit data. Identify the device.

Hub
NICs
Modem
Router.

QUESTION 35
The advanced encryption standard (AES) is an iterated symmetric block cipher defined in FIPS, which means that it works by repeating the same defined steps multiple times. What key length does AES not support?

128-bit
512-bit.
256-bit
192-bit

QUESTION 36
Your IP address can link your Internet activities directly to you; it can be used to find your name and location. So protecting your Online Identity is a must, thus Anonymous Web Surfing and the ability to hide your IP address are mandatory in order to ensure a high level of online protection. Which of the following is an IP Address Hiding Tool?

TOR. Hider IP Anonymous Use My IP

QUESTION 37
Which of the following will help prevent unauthenticated access to the wireless network?

HTTP and VPN
VPN and IPsec.
HTTP and WEP
IPsec and HTTP

QUESTION 38
What does a user do if he does not want everyone on the network to access his shared disk or folder?

Create a hidden share by adding a percentage sign (%) to the end of the share name
Create a hidden share by adding a dollar sign ($) to the start of the share name
Create a hidden share by adding a dollar sign ($) to the end of the share name.
Create a hidden share by adding a percentage sign (%) to the start of the share name

QUESTION 39
Secure Sockets Layer (SSL) is the standard security technology used to create a secure communication channel between a server and a client. SSL ensures that:

All information transmitted between the web server and the browser is sent via a third party service provider
All information transmitted between the web server and the browser is encrypted.
All information transmitted between the web server and the browser is verified by a certificate authority
Both B & C

QUESTION 40
Jason calls a company's help desk and says he has forgotten his password. He adds that if he misses the deadline on a big advertising project, his boss might fire him. What exactly is Jason trying to do?

Make friends with the help desk executive
Using social engineering to extract information from the help desk executive.
Trying to hack the password
Trying to create a social network

QUESTION 41
Identify the authorities represented by A, B, and C in a digital certificate setup as depicted in the following diagram:

A - Registration Authority (RA), B - Validation Authority (VA), C - Certificate Authority (CA)
A - Certificate Authority (CA), B - Registration Authority (RA), C - Validation Authority (VA)
A - Registration Authority (RA), B - Certificate Authority (CA), C - Validation Authority (VA).
A - Certificate Authority (CA), B - Validation Authority (VA), C - Registration Authority (RA)

QUESTION 42
The following diagram illustrates how a file or folder can be encrypted in a Windows 7 system. Which native encryption system does Windows 7 use to secure files?

Advanced Encryption System (AES)
Encrypted File System (EFS).
Data Encryption System (DES)
Native Encryption System (NES)

QUESTION 43
John, while surfing the web for basic computer security measures, learnt that all the disk drives should be formatted with the NTFS file system. He checked his system and discovered that his D: drive is formatted with the FAT file system. Which of the following commands can John use to convert the drive from FAT to NTFS in a Windows system?

convert D: /convert fat ntfs
convert D: /fs:ntfs.
convert D: /fs:fat ntfs
convert D: /fs:ntfs fat

QUESTION 44
Bob holds a credit card from a reputed bank. He used the card to purchase goods at https://amazon.com, but when the bank statement was issued, he called the bank and claimed that he never authorized the transaction. Categorize this fraud.

Credit card mail order fraud
Skimming/counterfeit credit card
Chargeback fraud.
Card-not-present (CNP) fraud

QUESTION 45
Some of the common threats to wireless networks include eavesdropping, data interception and modification, denial-of-service, spoofing, etc. Which one of the following sentences describes spoofing?

An attacker masquerading as a law enforcement authority to gain access to the wireless network
An attacker using tools to find wireless access points where they can pick up an SSID broadcast
It is an illegitimate technique of gaining access by masquerading as a legitimate user.
An attacker shutting down the access points by jamming the radio waves

QUESTION 46
Which of the following is true considering E-mail threats?

Phishing mails lure victims to provide personal data.
In hoax mail, the user may receive spam mails that contain malware, allowing attackers to take control of the user's computer
In spamming, the user may receive threatening emails that contain false information, insisting that he or she forwards the email
Hoax mail contains attachments that may contain a virus, trojan, worm, keyloggers, and more; opening such attachments infects the computer

QUESTION 47
Robin frequently uses his credit cards to shop online. He was shocked on looking at his recent credit card statement, as he discovered some entries for items that he never purchased. On checking with the online shop, he was told that they had not done it and it might have crept in due to some security problems in credit card processing. Which of the following standards will help Robin to resolve this issue?

HIPAA
FEMA
PCI DSS.
FERPA

QUESTION 48
Which of the following attacks involves anonymously sending an electronic business card or photo to another Bluetooth user?

Bluesniping
Bluejacking.
Fuzzing attack
Bluesnarfing

QUESTION 49
http://www.experian.com, http://www.equifax.com, and http://www.transunion.com are examples of credit reporting agencies. You should contact these agencies if you suspect that your identity is stolen. These agencies will help you in:

Investigating who has stolen the identity
Recovering your loss out of identity theft
Protecting from losses due to identity theft.
Creating a new identity for you

QUESTION 50
An attack that is intended to severely limit access to network resources, Internet, or other services is commonly referred to as:

Phishing
Spoofing
Denial of service.
Buffer overflow

GOOD LUCK