Quiz by , created more than 1 year ago

intro

Created by 865 538 almost 8 years ago

nsf_01

Question 1 of 30

The single most expensive malicious attack was the 2000 __, which cost an estimated $8.7 billion.

Select one of the following:

  • a. Love Bug

  • b. Nimda

  • c. Slammer

  • d. Code Red

Question 2 of 30

The __ Act requires banks and financial institutions to alert customers of their policies and practices in disclosing customer information.

Select one of the following:

  • a. USA Patriot

  • b. Gramm-Leach-Bliley

  • c. California Database Security Breach

  • d. Sarbanes-Oxley

Question 3 of 30

Under the __, health care enterprises must guard protected health information and implement policies and procedures to safeguard it, whether it be in paper or electronic format.

Select one of the following:

  • a. HLPDA

  • b. USHIPA

  • c. HIPAA

  • d. HCPA

Question 4 of 30

What is another name for unsolicited e-mail messages?

Select one of the following:

  • a. trash

  • b. scam

  • c. spawn

  • d. spam

Question 5 of 30

__ ensures that information is correct and that no unauthorized person or malicious software has altered that data.

Select one of the following:

  • a. Identity

  • b. Confidentiality

  • c. Integrity

  • d. Availability

Question 6 of 30

__ ensures that the individual is who they claim to be (the authentic or genuine person) and not an imposter.

Select one of the following:

  • a. Encryption

  • b. Authentication

  • c. Accounting

  • d. Authorization

Question 7 of 30

A study by Foote Partners showed that security certifications earn employees ____ percent more pay than their uncertified counterparts.

Select one of the following:

  • a. 10 to 14

  • b. 14 to 16

  • c. 12 to 15

  • d. 13 to 14

Question 8 of 30

In information security, an example of a threat agent can be ____.

Select one of the following:

  • a. a force of nature such as a tornado that could destroy computer equipment

  • b. a virus that attacks a computer network

  • c. Both a and d

  • d. an unsecured computer network

Question 9 of 30

Weakness in software can be more quickly uncovered and exploited with new software tools and techniques.

Select one of the following:

  • TRUE
  • FALSE

Question 10 of 30

The demand for IT professionals who know how to secure networks and computers is at an all-time low.

Select one of the following:

  • TRUE
  • FALSE

Question 11 of 30

Which of the following is NOT a characteristic of Advanced Persistent Threat (APT)?

Select one of the following:

  • a. can span several years

  • b. targets sensitive proprietary information

  • c. uses advanced tools and techniques

  • d. is only used by hacktivists against foreign enemies

Question 12 of 30

Which of the following was used to describe attackers who would break into a computer system without the owner's permission and publicly disclose the vulnerability?

Select one of the following:

  • a. white hat hackers

  • b. black hat hackers

  • c. blue hat hackers

  • d. gray hat hackers

Question 13 of 30

Which of the following is NOT a reason why it is difficult to defend against today's attackers?

Select one of the following:

  • a. increased speed of attacks

  • b. simplicity of attack tools

  • c. greater sophistication of defense tools

  • d. delays in security updating

Question 14 of 30

Why can brokers command such a high price for what they sell?

Select one of the following:

  • a. Brokers are licensed professionals.

  • b. The attack targets are always wealthy corporations.

  • c. The vulnerability was previously unknown and is unlikely to be patched quickly.

  • d. Brokers work in teams and all the members must be compensated.

Question 15 of 30

Which phrase describes the term "security" in a general sense?

Select one of the following:

  • a. protection from only direct actions

  • b. using reverse attack vectors (RAV) for protection

  • c. only available on hardened computers and systems

  • d. the necessary steps to protect a person or property from harm

Question 16 of 30

____ ensures that only authorized parties can view the information.

Select one of the following:

  • a. Confidentiality

  • b. Availability

  • c. Authorization

  • d. Integrity

Question 17 of 30

Each of the following is a successive layer in which information security is achieved EXCEPT ____.

Select one of the following:

  • a. products

  • b. purposes

  • c. procedures

  • d. people

Question 18 of 30

What is a person or element that has the power to carry out a threat?

Select one of the following:

  • a. threat agent

  • b. exploiter

  • c. risk agent

  • d. vulnerability

Question 19 of 30

____ ensures that individuals are who they claim to be.

Select one of the following:

  • a. Demonstration

  • b. Accounting

  • c. Authentication

  • d. Certification

Question 20 of 30

What is the difference between a hacktivist and a cyberterrorist?

Select one of the following:

  • a. A hacktivist is motivated by ideology while a cyberterrorist is not.

  • b. Cyberterrorists always work in groups while hacktivists work alone.

  • c. The aim of a hacktivist is not to incite panic like cyberterrorists.

  • d. Cyberterrorists are better funded than hacktivists.

Question 21 of 30

Each of the following is a goal of information security EXCEPT ____.

Select one of the following:

  • a. avoid legal consequences

  • b. foil cyberterrorism

  • c. prevent data theft

  • d. limit access control

Question 22 of 30

Which act requires enterprises to guard protected health information and implement policies and procedures to safeguard it?

Select one of the following:

  • a. Hospital Protection and Insurance Association Agreement (HPIAA)

  • b. Sarbanes-Oxley (Sarbox)

  • c. Gramm-Leach-Bliley Act (GLBA)

  • d. Health Insurance Portability and Accountability Act (HIPAA)

Question 23 of 30

Why do cyberterrorists target power plants, air traffic control centers, and water systems?

Select one of the following:

  • a. These targets have notoriously weak security and are easy to penetrate.

  • b. They can cause significant disruption by destroying only a few targets.

  • c. These targets are government-regulated and any successful attack would be considered a major victory.

  • d. The targets are privately owned and cannot afford high levels of security.

Question 24 of 30

What is the first step in the Cyber Kill Chain?

Select one of the following:

  • a. weaponization

  • b. exploitation

  • c. actions on objectives

  • d. reconnaissance

Question 25 of 30

An organization that purchased security products from different vendors is demonstrating which security principle?

Select one of the following:

  • a. obscurity

  • b. diversity

  • c. limiting

  • d. layering

Question 26 of 30

Each of the following can be classified as an "insider" EXCEPT ____.

Select one of the following:

  • a. business partners

  • b. contractors

  • c. stockholders

  • d. employees

Question 27 of 30

What are attackers called who belong to a network of identity thieves and financial fraudsters?

Select one of the following:

  • a. cybercriminals

  • b. script kiddies

  • c. hackers

  • d. brokers

Question 28 of 30

What is an objective of state-sponsored attackers?

Select one of the following:

  • a. to right a perceived wrong

  • b. to spy on citizens

  • c. to sell vulnerabilities to the highest bidder

  • d. fortune instead of fame

Question 29 of 30

An example of ____ is not revealing the type of computer, operating system, software, and network connection a computer uses.

Select one of the following:

  • a. layering

  • b. diversity

  • c. obscurity

  • d. limiting

Question 30 of 30

The ____ is primarily responsible for assessing, managing, and implementing security.

Select one of the following:

  • a. security administrator

  • b. security manager

  • c. security technician

  • d. chief information security officer (CISO)
