IFMG 300 |Chapter 12

Beschreibung

Quiz am IFMG 300 |Chapter 12, erstellt von bjduguid am 04/11/2015.
bjduguid
Quiz von bjduguid, aktualisiert more than 1 year ago
bjduguid
Erstellt von bjduguid vor etwa 9 Jahre
10
0

Zusammenfassung der Ressource

Frage 1

Frage
Information security is made up of
Antworten
  • threats
  • vulnerabilities
  • safeguards
  • targets

Frage 2

Frage
Threats can be human or man-made.
Antworten
  • True
  • False

Frage 3

Frage
Common crimes that results in unauthorized data disclosure are
Antworten
  • pretexting
  • phishing
  • spoofing
  • sniffing
  • hacking

Frage 4

Frage
Spoofing involves altering header information, etc. to cause the recipient to trust an email they otherwise would not.
Antworten
  • True
  • False

Frage 5

Frage
Data can be changed or lost during a natural disaster due to problems recovering data.
Antworten
  • True
  • False

Frage 6

Frage
the two common types of spoofing are
Antworten
  • email
  • IP

Frage 7

Frage
Incorrect data modification can be caused by
Antworten
  • procedures not followed or incorrectly designed
  • improper internal controls on systems
  • system errors
  • faulty recovery actions after a disaster

Frage 8

Frage
Reasons a service can become faulty are
Antworten
  • incorrect data modification
  • systems working incorrectly
  • procedural mistakes
  • programming errors
  • IT installation errors
  • Usurpation
  • denial of service (unintentional)
  • denial of service (intentional)

Frage 9

Frage
DDOS stands for [blank_start]Distributed Denial of Service[blank_end]
Antworten
  • Distributed Denial of Service

Frage 10

Frage
Loss of infrastructure can be caused by
Antworten
  • human accidents
  • theft and terrorist events
  • a disgruntled or terminated employee
  • natural disaster
  • Advanced Persistent Threat (APT) or cyberwarfare

Frage 11

Frage
APT stands for [blank_start]Advanced Persistent Threat[blank_end]
Antworten
  • Advanced Persistent Threat

Frage 12

Frage
Data theft is most serious in large companies.
Antworten
  • True
  • False

Frage 13

Frage
The four most common computer crimes in 2011 were
Antworten
  • criminal activity against servers
  • viruses
  • code insertion
  • data loss on a user computer

Frage 14

Frage
Malware infection remains the most common type of attack experienced
Antworten
  • True
  • False

Frage 15

Frage
Insider abuse of internet or email remains very high
Antworten
  • True
  • False

Frage 16

Frage
IDS stands for [blank_start]Intrusion Detection System[blank_end]
Antworten
  • Intrusion Detection System

Frage 17

Frage
The number one rule in data privacy is "don't collect what you don't absolutely need"
Antworten
  • True
  • False

Frage 18

Frage
A security policy must contain
Antworten
  • what sensitive data may be stored
  • how sensitive data will be processed
  • what data can be shared with other organizations
  • how employees and others can obtain data about themselves
  • how employees and others can request changes to inaccurate data about themselves
  • What employees can do with their own mobile devices at work
  • what non-organizational activities an employee can take with employee-owned equipment

Frage 19

Frage
The five IS components are
Antworten
  • hardware
  • software
  • data
  • procedures
  • people

Frage 20

Frage
Technical safeguards to involve hardware and software and include
Antworten
  • identification and authorization
  • encryption
  • firewalls
  • malware protection
  • application design

Frage 21

Frage
Data safeguards includes
Antworten
  • the definition of data rights and responsibilities
  • passwords
  • encryption
  • backup and recovery
  • physical security

Frage 22

Frage
Human safeguards involving procedures and people include
Antworten
  • hiring practices
  • training
  • education
  • procedure design
  • administration
  • assessment
  • compliance
  • accountability

Frage 23

Frage
Identification and authentication are most often performed using a userid/password pair
Antworten
  • True
  • False

Frage 24

Frage
Malware includes viruses, trojans, spyware, adware, keystroke loggers, erc.
Antworten
  • True
  • False

Frage 25

Frage
SSL uses asymmetric encryption
Antworten
  • True
  • False

Frage 26

Frage
SSL stands for [blank_start]Secure Sockets Layer[blank_end]
Antworten
  • Secure Sockets Layer

Frage 27

Frage
DMZ stands for [blank_start]demilitarized zone[blank_end]
Antworten
  • demilitarized zone

Frage 28

Frage
A common network design has servers exposed to the internet located between two firewalls in the DMZ.
Antworten
  • True
  • False

Frage 29

Frage
Safeguards against malware include
Antworten
  • using antivirus and antispyware programs
  • performing frequent scans
  • update malware definitions frequently
  • open email from known sources only
  • install software updates ASAP
  • browse only reputable internet neighbourhoods

Frage 30

Frage
SQL injection is the most common cause of data disclosure
Antworten
  • True
  • False

Frage 31

Frage
SQL injections are successful when forms are poorly designed
Antworten
  • True
  • False

Frage 32

Frage
Human safeguards to protect against security threats include
Antworten
  • separation of duties
  • providing access based on concept of least privilege
  • classify data based on confidentiality and sensitivity
  • thorough hiring and screening practices
  • security awareness programs
  • friendly termination procedures

Frage 33

Frage
Security threats can be reduced through account administration by
Antworten
  • having standards for account administration which include rules for modifying permissions and deletion of inactive accounts
  • requiring passwords be changed regularly
  • Help Desk policies regarding password resets etc.

Frage 34

Frage
All employees should be required to sign an access agreement form which states that they will follow company policies
Antworten
  • True
  • False

Frage 35

Frage
Response plans for security incidents must be in place, just like disaster plans
Antworten
  • True
  • False

Frage 36

Frage
A speedy response to any suspected security incident is essential
Antworten
  • True
  • False

Frage 37

Frage
An Advanced Persistent Threat involves a multi-step attack usually targeted at a large business or government.
Antworten
  • True
  • False
Zusammenfassung anzeigen Zusammenfassung ausblenden

ähnlicher Inhalt

Managing Information Systems
Clair Hat
Prefixe
biologa.dri
Multiple Choice type questions
Kingsley Enyiorj
CIS 200
Madalyn Geuke
MIS quiz
Ben Swift
IFMG Chapter 4
bjduguid
IFMG 300 Chapter 5
bjduguid
Chapter 9 quiz
bjduguid
IFMG Chapter 11 quiz
bjduguid
IFMG Chapter 10 quiz
bjduguid