Chap4_1ABCD

Name: ID:

Email:

Chap4_1ABCD

Multiple Choice
Identify the choice that best completes the statement or answers the question.

(1 point) A school network uses one computer to automatically assign IP addresses to student laptops. What type of computing device is this most likely acting as?

a.	Server computer	c.	Handheld computer
b.	Personal computer	d.	Embedded computer

(1 point) Which service is MOST likely provided by a server computer in an enterprise network?

a.	DNS name resolution for clients
b.	Touchscreen input for a tablet
c.	Heart-rate tracking on a smart watch
d.	Temperature control inside a coffee maker

(1 point) A company moves its file storage to a machine with extra storage and processing power so many employees can access shared files. Which device type best fits this role?

a.	Server computer	c.	Embedded computer
b.	Handheld computer	d.	Gaming console only

(1 point) Which statement best describes why enterprise servers often differ from a typical home computer?

a.	They usually have more processing power and storage to support many users and services
b.	They always run on battery power to stay portable
c.	They are designed for only one user at a time
d.	They have minimal storage and run a single instruction set

(1 point) A student writes: â€œAny computer can be a server.â€ Which example best supports this statement?

a.	A desktop computer running a small web server for a club website
b.	A smart thermostat controlling home temperature
c.	A smart watch counting steps
d.	A circuit breaker controller in a substation

(1 point) Which device is the BEST example of a personal computer?

a.	Laptop used for word processing and web browsing
b.	IV pump delivering medication
c.	Smart thermostat controlling HVAC
d.	Smart watch tracking heart rate

(1 point) A student edits videos and designs graphics on a desktop at home. Which type of device is this?

a.	Personal computer	c.	Embedded computer
b.	Server computer	d.	Network switch

(1 point) Which task is MOST commonly associated with personal computers?

a.	Media production and viewing
b.	Operating circuit breakers at a substation
c.	Controlling insulin delivery
d.	Running fixed instructions inside a washing machine

(1 point) A company gives each employee a notebook computer for individual work tasks like email and spreadsheets. These devices are best categorized as:

a.	Personal computers	c.	Servers only
b.	Embedded computers	d.	Programmable logic controllers

10.

(1 point) In a risk log, you list â€œpersonal computer used by one employee for web browsing.â€ Which description is MOST accurate for documenting the device type?

a.	A device designed for one person for work or recreation, such as a desktop or laptop
b.	A device with minimal storage that runs a single instruction set
c.	A battery-powered device with a small form factor, like a phone
d.	A device whose main job is to provide services like DNS or DHCP

11.

(1 point) Which device is the BEST example of a handheld computer?

a.	Smartphone	c.	Desktop workstation
b.	Rack-mounted DNS server	d.	Water treatment pump controller

12.

(1 point) A device has a small form factor, runs on battery power, and has less storage than a laptop. What type of computing device is it most likely?

a.	Handheld computer	c.	Embedded computer
b.	Server computer	d.	Firewall appliance

13.

(1 point) Wearable technology like a smart watch is typically categorized as which device type?

a.	Handheld computer	c.	Embedded computer
b.	Server computer	d.	Mainframe computer

14.

(1 point) Why might handheld computers be at higher risk of loss or theft than desktop computers?

a.	They are portable and designed for mobility
b.	They are fixed inside machines and hard to remove
c.	They are stored in locked server racks
d.	They require three-phase power supplies

15.

(1 point) A risk entry says: â€œMobile device used offsite; battery-powered; limited storage.â€ Which device category should you document?

a.	Handheld computer (mobile information appliance)
b.	Server computer
c.	Embedded computer
d.	Personal computer only

16.

(1 point) A smart thermostat has a micro-computer that controls temperature and connects to Wiâ€‘Fi. What type of computing device is it?

a.	Embedded computer (IoT device)	c.	Personal computer
b.	Handheld computer	d.	Server computer

17.

(1 point) Which characteristic best distinguishes embedded computers from general-purpose computers?

a.	They use specific instruction sets to interface with specialized machine components
b.	They always have more storage than laptops
c.	They are primarily designed for media production
d.	They must run desktop operating systems

18.

(1 point) A hospital uses an IV pump that contains a micro-computer to control medication flow. This is an example of a(n):

a.	Embedded computer	c.	Personal computer
b.	Handheld computer	d.	Network server

19.

(1 point) Why are embedded computers often slower and cheaper than other computing devices?

a.	They are built for specific tasks and typically have minimal storage and simpler hardware
b.	They must support thousands of users at once
c.	They require high-end graphics processors
d.	They include large SSD arrays by default

20.

(1 point) A controller that operates circuit breakers at an electrical substation is best categorized as:

a.	Embedded computer used in critical infrastructure
b.	Handheld computer used for mobility
c.	Personal computer used by one user
d.	Server computer providing DHCP

21.

(1 point) In a security report, you describe â€œcoffee maker with a micro-computer and Wiâ€‘Fi.â€ Which wording most accurately documents the device type?

a.	An embedded computer; an everyday IoT device with a specialized function
b.	A handheld computer; a portable information appliance
c.	A server computer; provides services like DNS
d.	A personal computer; designed for one personâ€™s work tasks

22.

(1 point) A deviceâ€™s main job is to provide FTP file transfer services to many clients. Which device category best matches?

a.	Server computer	c.	Handheld computer
b.	Personal computer	d.	Embedded computer

23.

(1 point) Which pair of devices are BOTH typically handheld computers?

a.	Tablet and smartphone
b.	Desktop and DNS server
c.	Smart thermostat and washing machine controller
d.	IV pump and circuit breaker controller

24.

(1 point) A notebook computer used by one employee to create documents is best described as a:

a.	Personal computer	c.	Embedded computer
b.	Server computer	d.	Network sensor

25.

(1 point) An employee downloads a "Quarterly_Bonus.xlsx.exe" file and double-clicks it. Right after opening it, the computer starts deleting files and spreading copies of the same file to shared folders. What type of malware is MOST likely involved?

a.	Virus	c.	Rootkit
b.	Worm	d.	Logic bomb

26.

(1 point) A student opens an email attachment labeled "ClassRoster.pdf". After the file is opened, a malicious program begins running and modifies other files on the laptop. Which type of malware best matches this behavior?

a.	Virus	c.	Fileless malware
b.	Spyware	d.	Ransomware

27.

(1 point) A help desk report says the malware did not run until the user executed the downloaded installer. Which malware type is most consistent with requiring user execution to activate?

a.	Virus	c.	Rootkit
b.	Worm	d.	Hardware keylogger

28.

(1 point) A company notices dozens of computers becoming infected within minutes, even on machines where no one opened any suspicious files. The malware spreads automatically through the network. What type of malware is MOST likely?

a.	Worm	c.	Trojan
b.	Virus	d.	Logic bomb

29.

(1 point) A security analyst finds that the malware copied itself to other hosts using a network vulnerability, without requiring a user to click anything. Which malware type best fits this description?

a.	Worm	c.	Spyware
b.	Ransomware	d.	Keylogger

30.

(1 point) Log note: "Infection spread to new computers with no user action." What malware type should be documented?

a.	Worm	c.	Trojan
b.	Virus	d.	Rootkit

31.

(1 point) A "free" game mod installs normally, but it secretly opens a backdoor that lets an attacker control the computer from far away. What type of malware is MOST likely?

a.	Remote access trojan (RAT)	c.	Ransomware
b.	Worm	d.	Logic bomb

32.

(1 point) A fake antivirus program looks harmless and claims to speed up the PC, but it was hiding malicious code inside the installer. What type of malware is MOST likely?

a.	Trojan	c.	Worm
b.	Virus	d.	Rootkit

33.

(1 point) A user installs a "printer driver" from an untrusted site. The software works, but it also secretly sends commands to a remote attacker who can browse files and run programs. Which malware type best matches this?

a.	Remote access trojan (RAT)	c.	Ransomware
b.	Spyware	d.	Hardware keylogger

34.

(1 point) Incident summary: "Malware was hidden inside software that appeared harmless." Which type should be recorded in the report?

a.	Trojan	c.	Logic bomb
b.	Worm	d.	Fileless malware

35.

(1 point) A computer suddenly shows a message: "Your files have been encrypted. Pay within 72 hours to get the decryption key." What type of malware is MOST likely involved?

a.	Ransomware	c.	Trojan
b.	Spyware	d.	Rootkit

36.

(1 point) A hospital workstation cannot open patient records, and file names now end in ".locked". The screen demands payment to restore access. What malware type best fits?

a.	Ransomware	c.	Logic bomb
b.	Worm	d.	Keylogger

37.

(1 point) Which malware type is most strongly associated with encrypting files to deny access until payment is made?

a.	Ransomware	c.	Spyware
b.	Virus	d.	Trojan

38.

(1 point) A browser toolbar was installed without permission. After that, the computer began tracking websites visited and sending the browsing history to an unknown server. What type of malware is MOST likely?

a.	Spyware	c.	Worm
b.	Ransomware	d.	Logic bomb

39.

(1 point) A studentâ€™s laptop starts showing targeted ads, and security tools reveal a program collecting user activity and reporting it back to an attacker. Which malware type best matches?

a.	Spyware	c.	Virus
b.	Rootkit	d.	Hardware keylogger

40.

(1 point) Report entry: "Software monitored user actions and sent the information to the adversary." Which malware type should be documented?

a.	Spyware	c.	Worm
b.	Trojan	d.	Ransomware

41.

(1 point) After an incident, an organization finds stolen usernames and passwords. Investigation shows a program recorded every keystroke and sent the logs to an attacker. What type of malware is MOST likely?

a.	Keylogger	c.	Ransomware
b.	Spyware	d.	Rootkit

42.

(1 point) A small device was discovered plugged between the keyboard cable and the desktop computer. It captured typed data over time. What type of malware/tool is this?

a.	Hardware keylogger	c.	Worm
b.	Virus	d.	Logic bomb

43.

(1 point) Which type of malware is specifically designed to record what a user types to capture credentials?

a.	Keylogger	c.	Ransomware
b.	Trojan	d.	Worm

44.

(1 point) A contractor wrote code that deletes key files only on the first day after they are fired. The damage occurs only when that condition is met. What type of malware is MOST likely?

a.	Logic bomb	c.	Spyware
b.	Worm	d.	Ransomware

45.

(1 point) A malicious program stays inactive for months and triggers when the system date reaches July 1, causing services to stop. Which malware type best matches this behavior?

a.	Logic bomb	c.	Trojan
b.	Virus	d.	Rootkit

46.

(1 point) Documentation note: "Attack triggered only after specific conditions (time/date) were met." Which malware type is this?

a.	Logic bomb	c.	Spyware
b.	Ransomware	d.	Worm

47.

(1 point) An attacker gains deep control of a deviceâ€™s operating system and hides malicious processes so security tools cannot see them. Which malware type is MOST likely?

a.	Rootkit	c.	Worm
b.	Virus	d.	Ransomware

48.

(1 point) A security team notices system settings being changed, but scans keep coming back clean. They later learn malware was designed to be invisible and control the OS. What type of malware best fits?

a.	Rootkit	c.	Spyware
b.	Trojan	d.	Logic bomb

49.

(1 point) A school laptop has not installed operating system updates for a year. An attacker finds a published exploit for that OS version and uses it to turn on the webcam without permission. Which vulnerability is the attacker exploiting?

a.	Unpatched software with known vulnerabilities
b.	Strong MFA on the user account
c.	A locked BIOS/UEFI password
d.	A properly configured firewall blocking inbound traffic

50.

(1 point) A companyâ€™s file server crashes repeatedly after an attacker sends a crafted request that targets a known bug in the server software. Which explanation best fits how the attacker caused the disruption?

a.	They used an exploit for an unpatched software vulnerability to crash the system
b.	They guessed the administrator password using social engineering
c.	They used BIOS recovery mode to change user profiles
d.	They relied on anti-malware software to delete the serverâ€™s files

51.

(1 point) A help desk report shows an attacker remotely executed commands on a workstation after exploiting an older browser plugin vulnerability. What is the most likely impact of leaving the plugin unpatched?

a.	An attacker can take control and issue commands to steal or destroy data
b.	The device becomes immune to malware from external drives
c.	Open ports automatically close on the device
d.	The firewall updates itself even if misconfigured

52.

(1 point) A risk log notes: "Legacy OS not patched; published exploit could allow remote command execution." Which impact should be documented as most plausible?

a.	Loss of data confidentiality and potential device control
b.	Guaranteed prevention of all social engineering attacks
c.	Automatic encryption of all device files
d.	Elimination of all open network ports

53.

(1 point) An employee uses the password "Welcome123" for multiple accounts. An attacker tries common passwords and successfully logs in. Which vulnerability did the attacker exploit?

a.	Weak authentication requirements that allow password guessing
b.	A patched operating system
c.	A disabled autorun setting
d.	A BIOS password that blocks recovery mode

54.

(1 point) A student gets a call from someone claiming to be IT support and asks for their login to "fix Wiâ€‘Fi." The student shares it, and the attacker logs in. Which best explains how the attacker gained access?

a.	Social engineering to obtain a password
b.	A rootkit installed through autorun
c.	A firewall rule that allowed only HTTPS
d.	A BIOS password preventing boot changes

55.

(1 point) A small business has no MFA and allows short passwords. Which outcome best explains the risk of this configuration?

a.	Attackers can guess or steal passwords and access the device or data
b.	Attackers cannot exploit software bugs without physical access
c.	All open ports are automatically blocked
d.	Anti-malware will prevent any unauthorized login

56.

(1 point) A risk assessment states: "No MFA; simple passwords; users frequently fall for phishing." Which impact is most likely if exploited?

a.	Unauthorized access that can lead to data theft or service disruption
b.	Guaranteed device encryption that stops all attacks
c.	Reduced need for software updates
d.	Automatic closing of all device ports

57.

(1 point) A laptop has no BIOS/UEFI password. An attacker steals it and boots into recovery mode to reset the local admin password. Which vulnerability enabled this?

a.	Missing BIOS/UEFI protection allowing elevated access via recovery mode
b.	Disabled USB ports preventing external access
c.	Fully patched operating system
d.	A stateful firewall blocking inbound traffic

58.

(1 point) A lab desktop has no BIOS password and allows booting from USB. An attacker boots a custom OS from a flash drive and copies files from the internal drive. How did the attacker bypass normal login protections?

a.	By booting an external OS using unprotected BIOS/UEFI settings
b.	By using MAC address spoofing on the network
c.	By encrypting the files with ransomware
d.	By enabling WPA3 on the wireless network

59.

(1 point) Which weakness best explains why a thief could load their own operating system and create a new user account on a stolen device?

a.	No BIOS/UEFI password and boot settings allow external boot
b.	The device had updated antivirus signatures
c.	The device used strong wireless encryption
d.	The firewall blocked all inbound traffic

60.

(1 point) An organization documents: "Workstations can boot from external media; BIOS password not set." Which impact should be recorded as most likely?

a.	Attackers could alter user accounts or steal data by booting into recovery/external OS
b.	Attackers cannot access the device without knowing the Wiâ€‘Fi SSID
c.	Attackers can only cause jamming attacks
d.	Attackers are prevented from copying any files

61.

(1 point) A user plugs in a USB drive they found in a parking lot. Malware runs automatically and installs a backdoor. Which setting made the device more vulnerable?

a.	Autorun enabled for external drives
b.	Firewall configured to block unused ports
c.	BIOS/UEFI password set
d.	Operating system fully patched

62.

(1 point) A company disables autorun on endpoints. Which risk does this control most directly reduce?

a.	Malware executing automatically when an external drive is inserted
b.	Password guessing through brute force
c.	An access point advertising its SSID
d.	A firewall dropping outbound DNS traffic

63.

(1 point) An attacker leaves infected flash drives in a lobby hoping employees plug them in. This works best when which vulnerability exists?

a.	Devices automatically run code from inserted drives
b.	Devices require WPA3 for Wiâ€‘Fi connections
c.	Devices have strict BIOS boot restrictions
d.	Devices have anti-malware installed and updated

64.

(1 point) Risk note: "Autorun enabled; removable media frequently used." What impact is most plausible?

a.	Rapid malware installation leading to data theft or device control
b.	Guaranteed prevention of social engineering
c.	Automatic patching of all software
d.	Elimination of open ports on the device

65.

(1 point) A home PC has Remote Desktop open to the internet. An attacker scans for that port and tries to connect. Which device vulnerability is being exploited?

a.	Open ports that allow external connections
b.	Disabled wireless beacon frames
c.	A locked screen after inactivity
d.	A UPS providing backup power

66.

(1 point) A security scan finds an unused service listening on port 21 (FTP) on a workstation. Why is this a risk?

a.	Attackers can leverage open ports to connect and attempt compromise
b.	Open ports prevent malware from installing
c.	Open ports automatically encrypt data
d.	Open ports are only a risk on wireless networks

67.

(1 point) An attacker connects to a device through an exposed service and then attempts to install malware. Which step made the initial access possible?

a.	A reachable open port/service on the device
b.	A BIOS password preventing USB boot
c.	Anti-malware signatures updated hourly
d.	A firewall blocking all inbound traffic

68.

(1 point) A risk log states: "Multiple unnecessary services listening; no port hardening." Which impact should be documented?

a.	Higher likelihood of unauthorized access through exposed services
b.	Lower likelihood of password theft by phishing
c.	Guaranteed protection from exploits
d.	Elimination of device vulnerabilities

69.

(1 point) A small office disables the host firewall on all computers. Soon after, a computer is compromised by malicious traffic from the internet. Why did disabling the firewall increase risk?

a.	The device could not filter out malicious inbound data
b.	The device automatically patched itself less often
c.	The deviceâ€™s BIOS password was removed
d.	The Wiâ€‘Fi encryption changed to WPA3

70.

(1 point) A firewall rule accidentally allows all inbound traffic to a workstation. An attacker sends crafted packets that disrupt services. Which best explains the role of the misconfigured firewall?

a.	It failed to block malicious traffic that should have been denied
b.	It prevented the device from receiving updates
c.	It disabled anti-malware scanning
d.	It forced the device to boot from USB

71.

(1 point) Which situation best shows how a firewall helps prevent device disruption?

a.	Blocking known-bad inbound traffic before it reaches the device
b.	Making passwords shorter so users remember them
c.	Enabling autorun for faster USB installs
d.	Disabling BIOS/UEFI passwords for easier repairs

72.

(1 point) Assessment note: "Host firewall off; device exposed directly to internet." What impact is most likely if exploited?

a.	Device disruption or compromise via malicious network traffic
b.	Prevention of malware installation from USB drives
c.	Reduced likelihood of password guessing
d.	Automatic detection of all attacks without logs

73.