Quiz: Security attacks

This week's quiz has a slightly different format. Your goal will be to match the correct term in the left-hand column with its description in the right-hand column.

How to take the quiz:
- After reading the question, click on the answer that you think is correct to go to the whatis.com definition. If the answer you ve chosen is correct, you will see the question text somewhere in the defintion.
OR
- After reading the question, write down the letter of your answer choice on scrap paper. Check your answers by using the answer key at the end of the quiz.

a) white hat b) smurf attack c) honey pot d) pulsing zombie e) Back Orifice f) shoulder surfing g) dumpster diving h) rootkit i) war driving j) bucket brigade k) sandbox l) Blowfish m) anonymous FTP n) brute force o) hacktivism p) chaffing and winnowing q) cracker r) crosstalk s) weenie t) walled garden u) snoop server v) Carnivore

1._____ To prevent this simple, but effective, security attack, experts recommend that you shield paperwork or your keypad from view by using your body or cupping your hand. 2. _____In this kind of attack, an intruder might intercept messages in a public key exchange and then retransmit them, substituting their own public key for the requested one. 3._____ This is a computer whose security has been compromised so that it intermittently carries out a denial-of-service attack on other targeted computers. 4._____ In order to identify security risks, you might want to use one of these to place network interfaces into promiscuous mode -- which allows the system to access all the data in each network packet. 5. _____This is a computer system on the Internet that is expressly set up to attract and "trap" people who attempt to penetrate other people's computer systems. 6. _____Created by a group of hackers called the Cult of the Dead Cow, this Windows application allows someone at one computer to control everything on another, remote computer. 7._____ This denial of service attack sends a ping message addressed to an IP broadcast address. Enough pings and resultant echoes can flood the network and make it unusable for real traffic. 8._____ Because the range of a wireless LAN sometimes extends outside a company's office building, a hacker might try to use this technique to obtain a free Internet connection or gain access to company records and other resources. 9._____ A sophisticated intruder might install this collection of tools on a computer in order to mask his or her presence. 10._____ This kind of attack can be tough to prosecute if the intruder insists that their behavior is the equivalent of a protest and should be protected as a form of free speech.

SCROLL DOWN FOR ANSWER KEY

ANSWER KEY: 1f;2j;3d;4u;5c;6e;7b;8i;9h;10o

BROWSE BY TAG Application and Platform Security,   Application Attacks (Buffer Overflows, Cross-Site Scripting),   Security Awareness Training and Internal Threats,   Information Security Management,   Malware, Viruses, Trojans and Spyware,   Hacker Tools and Techniques: Underground Sites and Hacking Groups,   Web Security Tools and Best Practices,   Web Server Threats and Countermeasures,   Web Application and Web 2.0 Threats,   VIEW ALL TAGS

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Application Attacks (Buffer Overflows, Cross-Site Scripting) Adobe warns of critical update for Reader, Acrobat 9.1.3 9 Ways to Improve Application Security After an Incident Developers Need Help with Security Errors Buffer overflow tutorial: How to find vulnerabilities, prevent attacks SQL injection protection: A guide on how to prevent and stop attacks Experts rebuke programmers who use SQL injection as feature SANS: Application threats, website flaws pose biggest security threats Mozilla helps Adobe push out faster patches SSH key compromise shuts down Apache website IBM finds sharp spike in malicious content on trusted sites Application Attacks (Buffer Overflows, Cross-Site Scripting) Research Security Awareness Training and Internal Threats Creating a HIPAA employee training program Successful rogue antivirus hinges on social engineering External attacks start with unintentional mistakes, survey finds Security technologies fail to address insider threat management Data breach avoidance begins with security basics, panel says Monitoring program data and internal controls for risk management Software security threats and employee awareness training Twitter risks, Facebook threats trouble security pros Social engineering training could disrupt botnet growth How to write a risk methodology that blends business, security needs Malware, Viruses, Trojans and Spyware Schneier-Ranum Face-Off: Is antivirus dead? Modern malware, stealthy botnets, adapt quickly, expert says Computer worm infections up, scareware antivirus down, Microsoft says Web-based attacks skyrocket, pirating sites surge, security firms say Mini guide: How to remove and prevent Trojans, malware and spyware Kaspersky system analyzes malicious URLs on Twitter for malware Silon malware intercepts Internet Explorer sessions, steals credentials Breach forces payroll service provider PayChoice to shut down again RSA research underscores problem tracking cybercriminals Conficker analysis finds P2P coding limited, less sophisticated

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary buffer overflow  (SearchSecurity.com) cache poisoning  (SearchSecurity.com) cyberterrorism  (SearchSecurity.com) dictionary attack  (SearchSecurity.com) directory harvest attack  (SearchSecurity.com) distributed denial-of-service attack  (SearchSecurity.com) JavaScript hijacking  (SearchSecurity.com) ping of death  (SearchSecurity.com) stack smashing  (SearchSecurity.com) SYN flooding  (SearchSecurity.com)

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary