3955838
Frage 1
Frage
Information security is made up of
Antworten
-
threats
-
vulnerabilities
-
safeguards
-
targets
Frage 2
Frage
Threats can be human or man-made.
Antworten
- True
- False
Frage 3
Frage
Common crimes that results in unauthorized data disclosure are
Antworten
-
pretexting
-
phishing
-
spoofing
-
sniffing
-
hacking
Frage 4
Frage
Spoofing involves altering header information, etc. to cause the recipient to trust an email they otherwise would not.
Antworten
- True
- False
Frage 5
Frage
Data can be changed or lost during a natural disaster due to problems recovering data.
Antworten
- True
- False
Frage 6
Frage
the two common types of spoofing are
Antworten
-
email
-
IP
Frage 7
Frage
Incorrect data modification can be caused by
Antworten
-
procedures not followed or incorrectly designed
-
improper internal controls on systems
-
system errors
-
faulty recovery actions after a disaster
Frage 8
Frage
Reasons a service can become faulty are
Antworten
-
incorrect data modification
-
systems working incorrectly
-
procedural mistakes
-
programming errors
-
IT installation errors
-
Usurpation
-
denial of service (unintentional)
-
denial of service (intentional)
Frage 9
Frage
DDOS stands for [blank_start]Distributed Denial of Service[blank_end]
Antworten
-
Distributed Denial of Service
Frage 10
Frage
Loss of infrastructure can be caused by
Antworten
-
human accidents
-
theft and terrorist events
-
a disgruntled or terminated employee
-
natural disaster
-
Advanced Persistent Threat (APT) or cyberwarfare
Frage 11
Frage
APT stands for [blank_start]Advanced Persistent Threat[blank_end]
Antworten
-
Advanced Persistent Threat
Frage 12
Frage
Data theft is most serious in large companies.
Antworten
- True
- False
Frage 13
Frage
The four most common computer crimes in 2011 were
Antworten
-
criminal activity against servers
-
viruses
-
code insertion
-
data loss on a user computer
Frage 14
Frage
Malware infection remains the most common type of attack experienced
Antworten
- True
- False
Frage 15
Frage
Insider abuse of internet or email remains very high
Antworten
- True
- False
Frage 16
Frage
IDS stands for [blank_start]Intrusion Detection System[blank_end]
Antworten
-
Intrusion Detection System
Frage 17
Frage
The number one rule in data privacy is "don't collect what you don't absolutely need"
Antworten
- True
- False
Frage 18
Frage
A security policy must contain
Antworten
-
what sensitive data may be stored
-
how sensitive data will be processed
-
what data can be shared with other organizations
-
how employees and others can obtain data about themselves
-
how employees and others can request changes to inaccurate data about themselves
-
What employees can do with their own mobile devices at work
-
what non-organizational activities an employee can take with employee-owned equipment
Frage 19
Frage
The five IS components are
Antworten
-
hardware
-
software
-
data
-
procedures
-
people
Frage 20
Frage
Technical safeguards to involve hardware and software and include
Antworten
-
identification and authorization
-
encryption
-
firewalls
-
malware protection
-
application design
Frage 21
Frage
Data safeguards includes
Antworten
-
the definition of data rights and responsibilities
-
passwords
-
encryption
-
backup and recovery
-
physical security
Frage 22
Frage
Human safeguards involving procedures and people include
Antworten
-
hiring practices
-
training
-
education
-
procedure design
-
administration
-
assessment
-
compliance
-
accountability
Frage 23
Frage
Identification and authentication are most often performed using a userid/password pair
Antworten
- True
- False
Frage 24
Frage
Malware includes viruses, trojans, spyware, adware, keystroke loggers, erc.
Antworten
- True
- False
Frage 25
Frage
SSL uses asymmetric encryption
Antworten
- True
- False
Frage 26
Frage
SSL stands for [blank_start]Secure Sockets Layer[blank_end]
Antworten
-
Secure Sockets Layer
Frage 27
Frage
DMZ stands for [blank_start]demilitarized zone[blank_end]
Antworten
-
demilitarized zone
Frage 28
Frage
A common network design has servers exposed to the internet located between two firewalls in the DMZ.
Antworten
- True
- False
Frage 29
Frage
Safeguards against malware include
Antworten
-
using antivirus and antispyware programs
-
performing frequent scans
-
update malware definitions frequently
-
open email from known sources only
-
install software updates ASAP
-
browse only reputable internet neighbourhoods
Frage 30
Frage
SQL injection is the most common cause of data disclosure
Antworten
- True
- False
Frage 31
Frage
SQL injections are successful when forms are poorly designed
Antworten
- True
- False
Frage 32
Frage
Human safeguards to protect against security threats include
Antworten
-
separation of duties
-
providing access based on concept of least privilege
-
classify data based on confidentiality and sensitivity
-
thorough hiring and screening practices
-
security awareness programs
-
friendly termination procedures
Frage 33
Frage
Security threats can be reduced through account administration by
Antworten
-
having standards for account administration which include rules for modifying permissions and deletion of inactive accounts
-
requiring passwords be changed regularly
-
Help Desk policies regarding password resets etc.
Frage 34
Frage
All employees should be required to sign an access agreement form which states that they will follow company policies
Antworten
- True
- False
Frage 35
Frage
Response plans for security incidents must be in place, just like disaster plans
Antworten
- True
- False
Frage 36
Frage
A speedy response to any suspected security incident is essential
Antworten
- True
- False
Frage 37
Frage
An Advanced Persistent Threat involves a multi-step attack usually targeted at a large business or government.
Antworten
- True
- False
Möchten Sie mit GoConqr kostenlos Ihre eigenen Quiz erstellen? eigenen Mehr erfahren.