nsf_01

Description

intro
Quiz by 865 538, updated more than 1 year ago
Created by 865 538 almost 8 years ago

Resource summary

Question 1

Question
The single most expensive malicious attack was the 2000 __, which cost an estimated $8.7 billion.
Answers
  • a. Love Bug
  • b. Nimda
  • c. Slammer
  • d. Code Red

Question 2

Question
The __ Act requires banks and financial institutions to alert customers of their policies and practices in disclosing customer information.
Answers
  • a. USA Patriot
  • b. Gramm-Leach-Bliley
  • c. California Database Security Breach
  • d. Sarbanes-Oxley

Question 3

Question
Under the __, health care enterprises must guard protected health information and implement policies and procedures to safeguard it, whether it be in paper or electronic format.
Answers
  • a. HLPDA
  • b. USHIPA
  • c. HIPAA
  • d. HCPA

Question 4

Question
What is another name for unsolicited e-mail messages?
Answers
  • a. trash
  • b. scam
  • c. spawn
  • d. spam

Question 5

Question
__ ensures that information is correct and that no unauthorized person or malicious software has altered that data.
Answers
  • a. Identity
  • b. Confidentiality
  • c. Integrity
  • d. Availability

Question 6

Question
__ ensures that the individual is who they claim to be (the authentic or genuine person) and not an imposter.
Answers
  • a. Encryption
  • b. Authentication
  • c. Accounting
  • d. Authorization

Question 7

Question
A study by Foote Partners showed that security certifications earn employees ____ percent more pay than their uncertified counterparts.
Answers
  • a. 10 to 14
  • b. 14 to 16
  • c. 12 to 15
  • d. 13 to 14

Question 8

Question
In information security, an example of a threat agent can be ____.
Answers
  • a. a force of nature such as a tornado that could destroy computer equipment
  • b. a virus that attacks a computer network
  • c. Both a and d
  • d. an unsecured computer network

Question 9

Question
Weakness in software can be more quickly uncovered and exploited with new software tools and techniques.
Answers
  • True
  • False

Question 10

Question
The demand for IT professionals who know how to secure networks and computers is at an all-time low.
Answers
  • True
  • False

Question 11

Question
Which of the following is NOT a characteristic of Advanced Persistent Threat (APT)?
Answers
  • a. can span several years
  • b. targets sensitive proprietary information
  • c. uses advanced tools and techniques
  • d. is only used by hactivists against foreign enemies

Question 12

Question
Which of the following was used to describe attackers who would break into a computer system without the owner's permission and publicly disclose the vulnerability?
Answers
  • a. white hat hackers
  • b. black hat hackers
  • c. blue hat hackers
  • d. gray hat hackers

Question 13

Question
Which of the following is NOT a reason why it is difficult to defend against today's attackers?
Answers
  • a. increased speed of attacks
  • b. simplicity of attack tools
  • c. greater sophistication of defense tools
  • d. delays in security updating

Question 14

Question
Why can brokers command such a high price for what they sell?
Answers
  • a. Brokers are licensed professionals.
  • b. The attack targets are always wealthy corporations.
  • c. The vulnerability was previously unknown and is unlikely to be patched quickly.
  • d. Brokers work in teams and all the members must be compensated.

Question 15

Question
Which phrase describes the term "security" in a general sense?
Answers
  • a. protection from only direct actions
  • b. using reverse attack vectors (RAV) for protection
  • c. only available on hardened computers and systems
  • d. the necessary steps to protect a person or property from harm

Question 16

Question
____ ensures that only authorized parties can view the information.
Answers
  • a. Confidentiality
  • b. Availability
  • c. Authorization
  • d. Integrity

Question 17

Question
Each of the following is a successive layer in which information security is achieved EXCEPT ____.
Answers
  • a. products
  • b. purposes
  • c. procedures
  • d. people

Question 18

Question
What is a person or element that has the power to carry out a threat?
Answers
  • a. threat agent
  • b. exploiter
  • c. risk agent
  • d. vulnerability

Question 19

Question
____ ensures that individuals are who they claim to be.
Answers
  • a. Demonstration
  • b. Accounting
  • c. Authentication
  • d. Certification

Question 20

Question
What is the difference between a hactivist and a cyberterrorist?
Answers
  • a. A hactivist is motivated by ideology while a cyberterrorist is not.
  • b. Cyberterrorists always work in groups while hactivists work alone.
  • c. The aim of a hactivist is not to incite panic like cyberterrorists.
  • d. Cyberterrorists are better funded than hactivists.

Question 21

Question
Each of the following is a goal of information security EXCEPT ____.
Answers
  • a. avoid legal consequences
  • b. foil cyberterrorism
  • c. prevent data theft
  • d. limit access control

Question 22

Question
Which act requires enterprises to guard protected health information and implement policies and procedures to safeguard it?
Answers
  • a. Hospital Protection and Insurance Association Agreement (HPIAA)
  • b. Sarbanes-Oxley (Sarbox)
  • c. Gramm-Leach-Bliley Act (GLBA)
  • d. Health Insurance Portability and Accountability Act (HIPAA)

Question 23

Question
Why do cyberterrorists target power plants, air traffic control centers, and water systems?
Answers
  • a. These targets have notoriously weak security and are easy to penetrate.
  • b. They can cause significant disruption by destroying only a few targets.
  • c. These targets are government-regulated and any successful attack would be considered a major victory.
  • d. The targets are privately owned and cannot afford high levels of security.

Question 24

Question
What is the first step in the Cyber Kill Chain?
Answers
  • a. weaponization
  • b. exploitation
  • c. actions on objectives
  • d. reconnaissance

Question 25

Question
An organization that purchased security products from different vendors is demonstrating which security principle?
Answers
  • a. obscurity
  • b. diversity
  • c. limiting
  • d. layering

Question 26

Question
Each of the following can be classified as an "insider" EXCEPT ____.
Answers
  • a. business partners
  • b. contractors
  • c. stockholders
  • d. employees

Question 27

Question
What are attackers called who belong to a network of identity thieves and financial fraudsters?
Answers
  • a. cybercriminals
  • b. script kiddies
  • c. hackers
  • d. brokers

Question 28

Question
What is an objective of state-sponsored attackers?
Answers
  • a. to right a perceived wrong
  • b. to spy on citizens
  • c. to sell vulnerabilities to the highest bidder
  • d. fortune instead of fame

Question 29

Question
An example of ____ is not revealing the type of computer, operating system, software, and network connection a computer uses.
Answers
  • a. layering
  • b. diversity
  • c. obscurity
  • d. limiting

Question 30

Question
The ____ is primarily responsible for assessing, managing, and implementing security.
Answers
  • a. security administrator
  • b. security manager
  • c. security technician
  • d. chief information security officer (CISO)