# of participants: 87 / 100 average: 7.03 / 10
Quiz 3 – statistics
The cyber-intelligence team of a software development company named MBI has learned from/on a dark-web forum that one of the most popular MBI’s software products has a vulnerability that is not known to the company and the wider public. The team has also discovered that several weeks ago a hacking group named BlackHatsXYZ used this vulnerability to conduct a smaller-scale cyber-attack on a small non-profit organization.
Copyright By PowCoder代写 加微信 powcoder
Which of the below 5 options would be the most appropriate next-step by MBI company?
1) do nothing, as this vulnerability was exploited only once in a small-scale attack
2) lower the price of the vulnerable software in all future sales
3) try to get in touch with BlackHatsXYZ to learn more about this vulnerability
4) inform the public about this vulnerability
5) inform only the current users of the vulnerable software about this vulnerability
Several weeks ago, a software development company named Boogle had identified a vulnerability in its staple product called Bhrome. The vulnerability CVE number is CVE-2020- xyz. Two days ago, Boogle released a ‘software advisory’ and an appropriate ‘workaround’ for CVE-2020-xyz. A full patch for CVE-2020-xyz is still not available.
This morning, a third-party company named ABC, which deploys Bhrome on most of its workstations, has experienced a cyber attack involving CVE-2020-xyz.
Which of the following would be an appropriate term for this morning’s attack on ABC?
1) zero-day attack
2) post-patch attack
3) third-party attack
4) follow-on attack
Which of the below sentences are NOT correct?
1) It is possible to conduct a DoS attack without the use of malware.
2) Every botnet-based DDoS attack involves the use of malware.
4) In terms of its intensity, a DoS attack can be as powerful as a DDoS attack.
3) DDoS attacks always involve the use of malware.
Which of the following types of ‘spoofing’ is used by hackers to make their web-bots more likely to enter web-sites strictly intended for human users/visitors?
1) IP spoofing
2) email spoofing
3) referrer spoofing
4) user-agent spoofing
Which of the following is not correct about ‘wireless sniffing’. 1) relatively easy to set-up / conduct
2) very difficult to detect
4) all of the above is correct about wireless sniffing
“We recommend a minimum of 10 dB, but 20 dB or more is the best.”
Can be defended against:
1) physical security (only authorized users allowed within signal’s reach and/or limit the signal’s reach)
2) encryption – signal/data can be captured but impossible to extract the content/information
3) impossible to defend against
https://interline.pl/Information-and-Tips/FRESNEL-ZONE-LOSS
The WiFi-blocking wallpaper uses a triangular snowflake-patterned mesh to filter out selected frequencies.
Copper Mesh – Electromagnetic Shielding & Electromagnetic Radiation Protection
https://www.copper-mesh.com/coppermesh/copper- shielding-mesh.html
程序代写 CS代考 加微信: powcoder QQ: 1823890830 Email: powcoder@163.com