Cyber Security Test-1

Description

Quiz on Cyber Security Test-1, created by Bishal Jena on 05/10/2023.
Quiz by Bishal Jena, updated 9 months ago

Resource summary

Question 1

Question
Security is a state or quality of being secure to be free from --------------.
Answers
  • Vulnerability
  • Attack
  • Threat
  • Danger

Question 2

Question
Which term among the following is correct?
Answers
  • Cybersecurity
  • Cyber-security
  • cyber security
  • All are correct

Question 3

Question
What does “cyber” mean in the context of Information Technology?
Answers
  • Software
  • Hardware
  • Network
  • Online World

Question 4

Question
Cyber security affects individuals, organizations, society and --------------------
Answers
  • Government
  • Institution
  • Department
  • Firms

Question 5

Question
Choose the odd one
Answers
  • Phishing attack
  • Denial of Service attack
  • SQL Injection
  • Man in the middle attack
  • Importing data

Question 6

Question
Restricting unauthorized access and misuse of physical assets helps in achieving physical security of an organization.
Answers
  • True
  • False

Question 7

Question
Cybersecurity is the collection of tools, policies, security concepts, security safeguards, guidelines, risk management approaches, actions, training, best practices, assurance and technologies that can be used to protect the cyber environment, organization and
Answers
  • users’ cyber assets
  • user personal information
  • cyberspace
  • resource

Question 8

Question
The general security objectives comprise -------------------, Availability and Integrity
Answers
  • Confidentiality
  • Accountability
  • Authorization
  • Authentication

Question 9

Question
Network security involves protection of items, objects, or facilities.
Answers
  • True
  • False

Question 10

Question
What term describes the quality or state of ownership or control of information?
Answers
  • confidentiality
  • possession
  • authenticity
  • integrity

Question 11

Question
Fill in the blanks: The McCumber Cube has ------------------- dimensions with ------- cells representing areas that must be addressed to secure today’s information systems.
Answers
  • 7 and 21
  • 4 and 27
  • 3 and 18
  • 3 and 27

Question 12

Question
------------------ is a weakness or fault in a system or protection mechanism that opens it to attack or damage.
Answers
  • Threat
  • Vulnerability
  • Risk
  • Attack

Question 13

Question
Which of the following is not a component of an organization’s Information System? (1) Software (2) Vendors (3) People (4) Government (5) ISPs
Answers
  • 1&3
  • 1,2 &4
  • 4 & 5
  • 2,4, & 5

Question 14

Question
True or False: The person responsible for the storage, maintenance, and protection of information is the data custodian.
Answers
  • True
  • False

Question 15

Question
Biometric data collected from users is used for the -------------------------------------------- process.
Answers
  • Authentication
  • Authorization
  • Accountability
  • Privacy

Question 16

Question
Select the right options of the C.I.A. triad: (1) Assurance that information is shared only among authorized people or organizations (2) Assurance that the information is complete and uncorrupted (3) Assurance that information systems and the necessary data are not available for use when needed
Answers
  • (1) True (2) False (3) True
  • (1) False (2) False (3) True
  • (1) True (2) True (3) True
  • (1) True (2) True (3) False

Question 17

Question
Match the following:
Answers
  • A-1, B-3, C-4, D-2, E-5
  • A-3, B-4, C-5, D-1, E-2
  • A-5, B-4, C-3, D-2, E-1
  • A-1, B-2, C-3, D-4, E-5

Question 18

Question
Who are responsible for the security and use of a particular set of information?
Answers
  • Data users
  • Data exporter
  • Data custodians
  • Data owner

Question 19

Question
True or False: If information has a state of being genuine or original and is not a fabrication, it has the characteristic of authenticity.
Answers
  • True
  • False

Question 20

Question
Which of the following terms best describes the specification of a model to be followed during the design, selection, and initial and ongoing implementation of all subsequent security controls?
Answers
  • Blueprint
  • NIST handbook
  • An information security framework
  • Security plan

Question 21

Question
True or False: SP 800-18, Guide for Developing Security Plans, is considered the foundation for a comprehensive security blueprint and framework.
Answers
  • True
  • False

Question 22

Question
One of the foundations of security architectures is the requirement to implement security in layers. This layered approach is referred to as:
Answers
  • managerial controls
  • security domain
  • redundancy
  • defense in depth

Question 23

Question
Control Objectives for Information and Related Technologies is a framework created by ------ for information technology (IT) management and -------------
Answers
  • HIPPA, & Information officer
  • SO, & Security officer
  • ISACA, & IT governance
  • CISO, & Chief officer

Question 24

Question
Three approaches to cyber security management are 1. Governance-Risk-Compliance (GRC) approach 2. --------------------------------------------------- 3. Organizational planning approach
Answers
  • Information-driven approach
  • Security-driven approach
  • Standards-driven approach
  • Procedure-driven approach

Question 25

Question
ISO/IEC 27032:2012 involves guidelines for -----------------
Answers
  • Network security
  • Cyber security
  • Risk Management
  • Governance of information security

Question 26

Question
The five goals of information security governance are:
1. ----------------- of information security with business strategy to support organizational objectives
2. ---------------- by executing appropriate measures to manage and mitigate threats to information resources
3. ----------------- by utilizing information security knowledge and infrastructure efficiently and effectively
4. ----------------- by measuring, monitoring, and reporting information security governance metrics to ensure that organizational objectives are achieved
5. ----------------- by optimizing information security investments in support of organizational objectives.
A. Strategic alignment B. Risk management C. Resource management D. Performance measurement E. Value delivery
Match the following
Answers
  • 1-B,2-C,3-D,4-C,5-A,
  • 1-C,2-B,3-A,4-B,5-E
  • 1-E,2-C,3-A,4-B,5-D
  • 1-A,2-B,3-C,4-D,5-E,

Question 27

Question
Match ISO Series with the corresponding topic
(A) 27000 (1) Series Overview and Terminology
(B) 27003 (2) Information Security Management Systems Implementation Guidelines
(C) 27004 (3) Information Security Measurements and Metrics
(D) 27005 (4) ISMS Risk Management
(E) 27006 (5) Requirements for Bodies Providing Audit and Certification of ISMS
Answers
  • A-1, B-2,C-3, D-4, E-5
  • A-4, B-2, C-3, D-1, E-5
  • A-2,B-1,C-3,D-5,E-4
  • A-3,B-2,C-1,D-5,E-4

Question 28

Question
(1) ------------------ is authorized by policy from senior management and is usually carried out by senior IT and information security executives, such as the (2) --------- and (3) -------
Answers
  • 1- ISG 2- CIO, 3- CISO
  • 1-CO,2, 2-CIO,3- CISO
  • 1-CISO, 2-CIO, 3-CO
  • 1-CISO, 2-ISG, 3-CO

Question 29

Question
Which term is used to describe detailed statements of what must be done to comply with policy?
Answers
  • Policies
  • Standards
  • Ethics
  • Governance

Question 30

Question
Management must use ------------------- as the basis for all information security planning, design, and deployment.
Answers
  • Standards
  • Procedures
  • Policies
  • Best business practices

Question 31

Question
Which type of planning ensures that critical business functions continue if a catastrophic incident or disaster occurs?
Answers
  • Business continuity planning (BCP)
  • Contingency planning (CP)
  • Business resumption planning (BRP)
  • Disaster recovery planning (DRP)

Question 32

Question
-------------- policy can be separated into two general groups (a) managerial guidance and (b) technical specifications. Select the correct options
Answers
  • Systems-Specific Security
  • Issue-Specific Security
  • Enterprise Information Security
  • None of these

Question 33

Question
The actions taken during and after a disaster fall under ----------------
Answers
  • Impact assessment
  • Risk management
  • Crisis management
  • Both (a) & (b)

Question 34

Question
Special Publication 800-14 of the National Institute of Standards and Technology (NIST) defines three types of security policy and chooses the
Answers
  • Violations of Policy, Business continuity planning, Response planning
  • A disaster recovery, Incident response planning, and Business continuity planning
  • Issue-specific security, Systems-specific security, Enterprise information security
  • Enterprise information security, Violations of Policy, Response planning

Question 35

Question
What are the elements of a business impact analysis? 1. Threat attack identification 2. Business unit analysis 3. Attack success scenario development 4. Potential damage assessment 5. Subordinate plan classification 6. Risk management 7. Disaster management. The elements of a business impact analysis are:
Answers
  • 1,2,3,4,5 correct
  • 1,2,3,5,6 correct
  • 2,3,5,6,7 correct
  • All are correct

Question 36

Question
Access control lists (ACLs) that govern the rights and privileges of users consist of the 1. User access lists, 2. Matrices, 3. Capability, and 4. Dedicated hardware. Choose the correct answer
Answers
  • 1,2,3,4 are true
  • 1,2,3 are true
  • Only 4 is true
  • All are true

Question 37

Question
The instructions a system administrator codes into a server, networking device, or a device to specify how it operates are called
Answers
  • Administration rule
  • Configuration rules
  • Networking rules
  • Security rule

Question 38

Question
Information security safeguards focus on administrative planning, organizing, leading, and controlling and that are designed by strategic planners and implemented by the organization’s security administration. These safeguards include governance and risk management together known as
Answers
  • Managerial controls
  • Operational controls
  • Technical controls
  • None of these

Question 39

Question
A lattice-based access control with rows of attributes associated with a particular subject such as a user is called
Answers
  • Access control matrix
  • Capabilities table
  • Configuration table
  • All of above

Question 40

Question
What type of policy addresses specific areas of technology, requires frequent updates, and contains a statement on the organization’s position on a specific issue?
Answers
  • Enterprise information security policy (EISP)
  • Systems-specific security policy (SysSP)
  • Automated policy (AP)
  • Issue-specific security policy (ISSP)

Question 41

Question
What are the defence strategies’ three common methods? 1. Application of policy 2. Education and training 3. Business impact analysis 4. Risk management 5. Application of technology. Choose the correct answer.
Answers
  • 1,2,3
  • 1,2,4
  • 2,4,5
  • 1,2,5

Question 42

Question
Policy administrator is responsible for ----------- 1. creation, 2. revision, 3. implementation 4. distribution, and 5. storage of policy in an organization. Choose the correct option
Answers
  • 1,2
  • 3
  • 3,4
  • 5

Question 43

Question
Which type of policy is frequently codified as standards and procedures to be used when configuring or maintaining systems?
Answers
  • Enterprise information security policy (EISP)
  • Systems-specific security policy (SysSP)
  • Automated policy (AP)
  • Issue-specific security policy (ISSP)

Question 44

Question
Which of the following is used to direct how issues should be addressed and technologies must be used in an organization?
Answers
  • policies
  • standards
  • ethics
  • governance

Question 45

Question
The boundary in the network within which an organization attempts to maintain security controls for securing information from threats from untrusted network areas is called ----
Answers
  • Security peripheral
  • Security perimeter
  • Security measure
  • Security principle

Question 46

Question
Consider the following statements: 1. Statement of Purpose - What the policy is for 2. Information Technology Security Elements - Defines information security 3. Need for Information Technology Security - Justifies the irrelevance of information security in the organization 4. Information Technology Security Responsibilities and Roles - Defines organizational overall business planning and security investment plan. Identify the components of the EISP
Answers
  • 3, 4
  • 2, 3, 4
  • 1, 2
  • all are true

Question 47

Question
Access Control Lists specify 1. who can -------- the system 2. what --------- users can access 3. when authorised users can -------- the system 4. where authorised users can access the system from. Choose the correct words or expressions to fill in the blanks, in sequence:
Answers
  • use, authorised, access
  • authorised, access, create
  • authorised, access, use
  • administer, access, accountable

Question 48

Question
The goals of (A) ------------------------------ are: 1. ------------------ of information security with business strategy to support organizational objectives 2. ------------------ by executing appropriate measures to manage and mitigate threats to information resources 3. ------------------ by using information security knowledge and infrastructure efficiently and effectively. Choose the correct answer:
Answers
  • A-Financial security gov, 1- Tactical alignment, 2- Performance mgmt., 3- Resource mgmt.,
  • A-Information security governance,1-Strategic alignment, 2- Risk mgmt., 3- Resource mgmt.
  • A-Data security gov, 1-Operational management, 2- Resource mgmt., 3- Risk mgmt.,
  • A-Board of governance,1-Operational alignment, 2- Risk mgmt., 3- Resource mgmt

Question 49

Question
Match 1 & 2 with A & B in the following: 1. Residual risk 2. Risk appetite. A: The risk to information assets that remains even after current controls have been applied. B: The quantity and nature of risk that organizations are willing to accept as they evaluate the trade-offs between perfect security and unlimited accessibility. Choose the correct answer:
Answers
  • 1-A, 2-B
  • 1-B, 2-A

Question 50

Question
True or False: The information technology community of interest must assist in risk management by configuring and operating information systems in a secure fashion.
Answers
  • True
  • False

Question 51

Question
The process of examining how each threat will affect an organization is called:
Answers
  • Risk assessment
  • Data classification
  • Threat assessment
  • Vulnerability classification

Question 52

Question
The probability that a specific vulnerability within an organization will be the target of an attack is known as:
Answers
  • Loss Magnitude
  • Manageability
  • Likelihood
  • Practicability

Question 53

Question
The calculation of the value associated with the most likely loss from an attack is called:
Answers
  • Annualised Rate of Occurrence (ARO)
  • Annualised Loss Expectancy (ALE)
  • Cost Benefit Analysis (CBA)
  • Single Loss Expectancy (SLE)

Question 54

Question
---------------------- is the formal assessment and presentation of the economic expenditures needed for a particular security control, contrasted with its projected value to the organization.
Answers
  • Feasibility analysis
  • Cost-benefit analysis
  • Risk-benefit analysis
  • Economic impact analysis

Question 55

Question
A document that compares the relative importance of prioritised assets to prioritised threats and highlights any weaknesses in the asset/threat pairs.
Answers
  • Threats-Vulnerabilities document
  • Threats-Vulnerabilities-Assets (TVA) worksheet
  • Threats-Vulnerabilities-Assets log file
  • Attack Vulnerability Asset document

Question 56

Question
Match the following:
(A) Internal: Used for the most sensitive corporate information that must be tightly controlled, even within the company. Access to information with this classification is strictly on a need-to-know basis or as required by the terms of a contract. Information with this classification may also be referred to as “sensitive” or “proprietary.”
(B) Confidential: Used for all internal information that does not meet the criteria for the confidential category. Internal information is to be viewed only by corporate employees, authorized contractors, and other third parties.
(C) External: All information that has been approved by management for public release.
Answers
  • A-2, B-1, C-3
  • A-1, B-2, C-3
  • A-3, B-2, C-1
  • A-1, B-3, C-2

Question 57

Question
------------------- varies among organisations because they maintain different balances between the expense of controlling vulnerabilities and the possible losses if the vulnerabilities are exploited. The key for each organisation is to find the proper balance in its decision-making and feasibility analyses, to use experience and facts instead of ignorance or wishful thinking.
Answers
  • Risk appetite
  • Risk control
  • Residual Risk
  • Risk Assessment

Question 58

Question
Malware dictation Software has its own (Asset) internal personnel database behind a firewall. Industry reports indicate a 5 % chance of an attack. The information security and IT departments report that if the organization is attacked, the attack has a 15 % chance of success based on current asset vulnerabilities and protection mechanisms. The asset is valued at a score of 35 on a scale of 0 to 100, and information security and IT staff expect that 60 % of the asset would be lost or compromised by a successful attack, because not all of the asset is stored in a single location. You estimate that the assumptions and data are 90 % accurate. Calculating Risk.
Answers
  • 0.1575
  • 0.1733
  • 0.2887
  • 0.5575

Question 59

Question
xyzbuy.com has an estimated value of Rs 50,00,000, as determined by an asset valuation, and a cracker defacement scenario indicates that a deliberate act of sabotage or vandalism could damage 25 per cent of xyzbuy.com. What would the single loss expectancy for xyzbuy.com be?
Answers
  • 16,50,000
  • 15,20,000
  • 11,11,000
  • 12,50,000

Question 60

Question
Which VPN technology uses leased circuits from a service provider and conducts packet switching over these leased circuits?
Answers
  • Secure VPN
  • Hybrid VPN
  • Trusted VPN
  • Transport VPN

Question 61

Question
The biometric technology criterion that describes the number of legitimate users who are denied access because of a failure in the biometric device is known as
Answers
  • False reject rate
  • False accept rate
  • Crossover error rate
  • Accountability rate

Question 62

Question
True or False: All traffic exiting from the trusted network should be filtered.
Answers
  • True
  • False

Question 63

Question
What term is used to describe decoy systems designed to lure potential attackers away from critical systems?
Answers
  • Trap
  • Honeypot
  • Trace
  • Sniffer

Question 64

Question
True or False: Signature-based IDPS technology is widely used because many attacks have clear and distinct signatures.
Answers
  • True
  • False

Question 65

Question
The method by which systems determine whether and how to admit a user into a trusted area of the organization is known as
Answers
  • Attribute
  • Accountability
  • Access control
  • Audibility

Question 66

Question
------------------ denotes the rate at which fraudulent users or nonusers are allowed access to systems or areas as a result of a failure in the biometric device. This failure is also known as --------------
Answers
  • False reject rate, Type I error
  • False accept rate, Type 2 error
  • False accept rate, Type I error
  • False reject rate, Type 2 error

Question 67

Question
Fill in the blank: ------------------ denotes the rate at which authorised users are denied access to systems or areas as a result of a failure in the biometric device. This failure is also known as ------------. Choose the correct option
Answers
  • False reject rate, Type I error
  • False accept rate, Type 2 error
  • False accept rate, Type I error
  • False reject rate, Type 2 error

Question 68

Question
Match the following
A. Thresholds
B. Blacklists and whitelists
C. Alert settings
D. Code viewing and editing
1. Signature-based detection
2. Anomaly-based detection
3. Detection-related related programs
4. Specifying which prevention capabilities
Choose the correct option
Answers
  • A-2, B-3, C-1, D-4
  • A-2, B-1, C-3, D-4
  • A-1, B-2, C-3, D-4
  • A-2, B-1, C-4, D-3

Question 69

Question
Choose the right option to fill in the blanks: (1) --------------- initiates network traffic to find and evaluate service ports whereas (2) ---------------- uses traffic from the target network segment to evaluate the service ports available from hosts on that segment.
Answers
  • 1-active vulnerability scanners, 2-passive vulnerability scanners
  • 1-passive vulnerability scanners, 2-active vulnerability scanners

Question 70

Question
Which of the following terms describes the process of making and using codes to secure the transmission of information?
Answers
  • Algorithm
  • Cryptography
  • Steganography
  • Cryptanalysis

Question 71

Question
What term is used to describe a cryptographic method that incorporates mathematical operations involving both a public key and a private key to encipher or decipher a message?
Answers
  • Private-key encryption
  • Symmetric encryption
  • Advanced Encryption Standard (AES)
  • Asymmetric encryption

Question 72

Question
A substitution cipher that incorporates two or more alphabets in the encryption process is called -------------------
Answers
  • Monoalphabetic substitution
  • Block cipher substitution
  • Stream cipher substitution
  • Polyalphabetic substitution

Question 73

Question
The current standard for the encryption of data, as specified by NIST, --------- is based on the Rijndael algorithm, which was developed by Vincent Rijmen and Joan Daemen.
Answers
  • DES
  • RSA
  • AES
  • Message Digest

Question 74

Question
True or False: Nonrepudiation means that customers or partners can be held accountable for transactions, such as online purchases, which they cannot later deny.
Answers
  • True
  • False

Question 75

Question
Limited-use symmetric keys for temporary communications during an online session are called
Answers
  • Session keys
  • One-time padding
  • AES
  • DES

Question 76

Question
Match the following
Answers
  • A-3, B-5, C-4, D-1, E-2
  • A-2, B-1, C-4, D-5, E-3
  • A-4, B-2, C-3, D-1, E-1
  • A-5, B-2, C-3, D-1, E-4

Question 77

Question
Suppose that everyone in a group of N people wants to communicate secretly with the N-1 others using a symmetric key cryptographic system. Communication between any two persons should not be decodable by others in the group. The number of keys required in the system as a whole to satisfy the confidentiality requirement is
Answers
  • 2N
  • N(N-1)
  • N(N-1)/2
  • (N-1)^2

Question 78

Question
Decrypt the following message if it was encrypted using a shift cipher with a shift of 3. Message: NPTELINFORMATION
Answers
  • Q S W H O L Q I R U P W L R Q
  • Q S W H O L Q I T U P W L R Q
  • Q S W F O L Q I R V P W L R Q
  • Q S W H O L Q I R V P W L R Q

Question 79

Question
------------ security protocols are used to protect e-mail
Answers
  • SMTP
  • HTTPS
  • S/MIME, PEM, and PGP
  • Telnet

Question 80

Question
What is the most popular encryption system used over the Web?
Answers
  • Diffie Hellman key exchange
  • RSA
  • Block cipher
  • DES

Question 81

Question
What is the maximum fine for GDPR non-compliance?
Answers
  • EUR 10mn or 2% global turnover
  • EUR 15mn or 3% global turnover
  • EUR 20mn or 4% global turnover
  • EUR 25mn or 5% global turnover

Question 82

Question
Richards and Solove (2007) suggest that while the American derivation of general privacy is grounded in one's --------------------
Answers
  • inviolate personality
  • violate personality
  • serious personality
  • funny personality

Question 83

Question
Coherentism treats privacy as a
Answers
  • Permission
  • Order
  • Freedom
  • Distinct right

Question 84

Question
True or False: Confidentiality is concerned with the externalization of restricted but accurate information to a specific entity.
Answers
  • True
  • False

Question 85

Question
Being observed while the subject doesn’t know is
Answers
  • Panopticon
  • Transparency
  • Prevention
  • Anonymity

Question 86

Question
Concerns for Information Privacy (CFIP) has four constructs. Which is a construct that is not part of the CFIP?
Answers
  • Collection
  • Unauthorized access
  • Autonomy
  • Errors

Question 87

Question
According to ---------------------, privacy is not a distinct value concept because it could be conceptually reduced to other values, like liberty
Answers
  • Coherentism
  • Reductionism
  • Privacy
  • Security

Question 88

Question
……………… determines the purposes and means of processing personal data
Answers
  • Data fiduciary
  • Data processor
  • Data principle
  • Data users

Question 89

Question
An IPL team management contracts a market research specialist team to carry out a player satisfaction survey. The IPL team specifies the budget and the deadline, but the market research team determines sample sizes and interview methods. The market research team decides which player to select for the interview, what information will be collected, how the information will be collected, and how the information will be presented to the IPL team management. Who is the data controller in this situation?
Answers
  • An IPL team management
  • Market research firm
  • Both a & b are controllers
  • None of them are controllers

Question 90

Question
Fair Information Practice (FIP) principles were developed in the United States in response to increasing privacy concerns resulting from massive computerization. What is an issue FIP does not address?
Answers
  • secret record-keeping systems
  • access by data subject to information stored in record keeping systems
  • ability by data subject to correct errors in one’s own data
  • data localization

Question 91

Question
GDPR makes provisions for the individual member states to add their own exemptions
Answers
  • True
  • False

Question 92

Question
The GDPR introduces a new data protection principle that requires organizations to
Answers
  • demonstrate compliance with the principles
  • optional compliance with the privacy regulation
  • flexibility to report data protection breaches
  • accept data breaches

Question 93

Question
In which of these circumstances could a data subject exercise their right to be forgotten?
Answers
  • Where they have withdrawn consent for data processing
  • Where the data is no longer necessary for the purposes for which it was collected
  • Where erasure is necessary to comply with a legal obligation
  • All are true
  • All are false

Question 94

Question
According to GDPR, a group of companies or public authorities may appoint a single data protection officer to represent them all
Answers
  • True
  • False

Question 95

Question
--------------------- is a system for publicly sharing information about a dataset by describing the patterns of groups within the dataset while withholding information about individuals in the dataset.
Answers
  • Differential privacy (DP)
  • Privacy calculus
  • Privacy paradox
  • Privacy theory

Question 96

Question
A release of data is said to have the k-anonymity property if the information for each person contained in the release cannot be distinguished from at --------- individuals whose information also appears in the release
Answers
  • least k−1
  • least k+1
  • least k +/- 1
  • least k*1

Question 97

Question
Consider the diagram: In the first wave of the economic theory of privacy, work did not consist of formal economic models, but rather general ------------ around the value or the damage that individuals, and society, may incur when personal information is protected, thereby making potentially useful information unavailable to the marketplace. Choose the correct answer:
Answers
  • information privacy
  • economic arguments
  • economic value
  • economic benefit

Question 98

Question
The economics of privacy concerns the tradeoffs associated with the balancing of -------------------- spheres between individuals, organizations, and governments.
Answers
  • public and private
  • internal and external
  • low and high
  • individual vs group

Question 99

Question
The goal of privacy-preserving data mining is to develop data mining methods without increasing the risk of misuse of the ---------
Answers
  • privacy
  • data
  • anonymity
  • Privacy-related content
  • database

Question 100

Question
___________ is a dichotomy between a person’s intention to protect their online privacy versus how they actually behave online and as a result compromise their privacy
Answers
  • Privacy paradox
  • Privacy calculus
  • Differential calculus
  • Coherentism

Question 101

Question
The personal data that has been de-identified, ---------------- but can be used to re-identify a person remains personal data and falls within the scope of the GDPR.
Answers
  • pseudonymized
  • decrypted
  • Anonymize
  • Secrete

Question 102

Question
The area of philosophy that examines the basis for moral judgment, as well as its nature, standards, sources, and logic, is called ------------------
Answers
  • Moral principle
  • Moral value
  • Ethics
  • Law

Question 103

Question
Choose the correct option that represents HIPAA’s fundamental principle
Answers
  • Producer control of medical information
  • No restrictions on how medical data may be used
  • Accountability to maintain the privacy of specified types of information
  • Balance of public responsibility for the use of medical information for the greater good measured against no impact on the individual
  • Security of health information

Question 104

Question
True or False: The cornerstone of many current computer-related criminal laws in the US is the Computer Fraud and Abuse Act of 1986.
Answers
  • True
  • False

Question 105

Question
Which one of these activities falls outside the scope of the GDPR?
Answers
  • processing for marketing purposes
  • processing for domestic and household purposes
  • processing for the purposes of crime and investigations
  • processing for the purposes of journalism literature and art

Question 106

Question
What types of information are covered by the GDPR? 1. Personal data 2. Data related to the public domain 3. All data of a person that can be identified by their identifier, directly or indirectly 4. Garbage data. Choose the correct option.
Answers
  • 1,2
  • 2,4
  • 1,3
  • 4,3

Question 107

Question
Which of the following are not GDPR fundamental rights?
Answers
  • The right to be informed, the right of access
  • The ability to learn from mistakes, the freedom to transfer data
  • The right to object, rights related to automated decision-making
  • All are correct

Question 108

Question
Match topics of interest to IT Professionals with US Laws
(A) Cryptography (1) Electronic Communications Privacy Act
(B) IP (2) Federal Privacy Act
(C) Encryption and digital signatures (3) No Electronic Theft Act amends
(D) Privacy (4) Security and Freedom through Encryption Act
Choose the correct option
Answers
  • A-3, B-1, C-4, D-2.
  • A-4, B-3, C-1, D-2.
  • A-1, B-3, C-4, D-2.

Question 109

Question
INDIAN COPYRIGHT ACT was drafted in -------------------- by Shalu Gothi and Daisy Jain
Answers
  • 2000
  • 1857
  • 1957
  • 1967

Question 110

Question
What is the software that comes hidden in free downloadable software and tracks your online movements, mines the information stored on your computer or uses your computer’s CPU and storage for some task you know nothing about?
Answers
  • Weblog
  • Clickstream
  • Anonymous web browsing service
  • None of above

Question 111

Question
What are the primary examples of public law?
Answers
  • Criminal, administrative, and constitutional law
  • Civil, Legislative and public service
  • IPC, administrative, service, constitutional law
  • All are the primary examples of public law.

Question 112

Question
The Aadhaar project is the world’s largest national identity project, launched by the government of India, which seeks to collect the following data about residents and store these in a centralized database.
Answers
  • Biometric data
  • Demographic data of residents
  • Life style data of citizens
  • All of these

Question 113

Question
Personal Data Protection Bill 2019 had the following provisions.
(1) Provide for the protection of the privacy of individuals relating to their personal data
(2) Specify demerits of the flow and usage of personal data
(3) Create a mysterious relationship of trust between persons and entities processing personal data
(4) Protect the fundamental rights of individuals whose personal data are processed
Which of the options listed above are false?
Answers
  • 1,2,3
  • 2,3
  • 1,4
  • 1,2

Question 114

Question
The Aadhaar Act attempts to create a method for --------------- of individuals so as to provide services, subsidies and other benefits to the residents of the country.
Answers
  • Identification
  • Authentication
  • Authorization
  • Accountability

Question 115

Question
------------------- gathers personally identifying information from Aadhaar holders, prepares the data for transmission, and receives the authentication.
Answers
  • System Terminal
  • Barcode reader
  • Authentication device
  • RFID

Question 116

Question
According to standard notions of digital authentication, a security principal (a user or a computer), while requesting access to a service, must provide two independent pieces of information, which are:
Answers
  • Identity and Authentication.
  • Verification and Authentication
  • Validation and Authorization
  • Validation and Authentication

Question 117

Question
Identity provides an answer to the question ------------------. Anonymity is when nobody knows who you are, but potentially they know ---------------------------
Answers
  • how are you? & how you do
  • who are you? & what you do
  • how are you feeling? & what you do
  • who are you? & what you know about others

Question 118

Question
Which of the following is odd about Aadhaar authentication?
Answers
  • It enables authentication using a One-Time-Password (OTP) issued to the resident's listed email address or cellphone number in the CIDR.
  • It enables authentication combining OTP, fingerprint, and iris authentication for residents.
  • It offers a 2-factor authentication with OTP as one factor and multimodal biometric as the second factor for authenticating residents.
  • It enables Aadhaar authentication by matching Aadhaar numbers and demographic attributes of residents.

Question 119

Question
Personal Data Protection Bill sought to ensure privacy rights of the individual. Select the odd option.
Answers
  • Obtain confirmation from the fiduciary on whether their personal data has been processed
  • Seek correction of inaccurate, incomplete, or out-of-date personal data
  • Have personal data transferred to any other data fiduciary in certain circumstances
  • Restrict continuing disclosure of their personal data by a fiduciary, if it is no longer necessary or consent is withdrawn
  • Provide advice on security safeguards like data encryption

Question 120

Question
Which of the following acts enforces individual privacy in the online space, after scrapping a similar bill:
Answers
  • PDP Bill 2018
  • Digital Personal Data Protection Bill 2023
  • GDPR
  • IT Act, 2000