3955838
Pregunta 1
Pregunta
Information security is made up of
Respuesta
-
threats
-
vulnerabilities
-
safeguards
-
targets
Pregunta 2
Pregunta
Threats can be human or man-made.
Respuesta
- True
- False
Pregunta 3
Pregunta
Common crimes that results in unauthorized data disclosure are
Respuesta
-
pretexting
-
phishing
-
spoofing
-
sniffing
-
hacking
Pregunta 4
Pregunta
Spoofing involves altering header information, etc. to cause the recipient to trust an email they otherwise would not.
Respuesta
- True
- False
Pregunta 5
Pregunta
Data can be changed or lost during a natural disaster due to problems recovering data.
Respuesta
- True
- False
Pregunta 6
Pregunta
the two common types of spoofing are
Respuesta
-
email
-
IP
Pregunta 7
Pregunta
Incorrect data modification can be caused by
Respuesta
-
procedures not followed or incorrectly designed
-
improper internal controls on systems
-
system errors
-
faulty recovery actions after a disaster
Pregunta 8
Pregunta
Reasons a service can become faulty are
Respuesta
-
incorrect data modification
-
systems working incorrectly
-
procedural mistakes
-
programming errors
-
IT installation errors
-
Usurpation
-
denial of service (unintentional)
-
denial of service (intentional)
Pregunta 9
Pregunta
DDOS stands for [blank_start]Distributed Denial of Service[blank_end]
Respuesta
-
Distributed Denial of Service
Pregunta 10
Pregunta
Loss of infrastructure can be caused by
Respuesta
-
human accidents
-
theft and terrorist events
-
a disgruntled or terminated employee
-
natural disaster
-
Advanced Persistent Threat (APT) or cyberwarfare
Pregunta 11
Pregunta
APT stands for [blank_start]Advanced Persistent Threat[blank_end]
Respuesta
-
Advanced Persistent Threat
Pregunta 12
Pregunta
Data theft is most serious in large companies.
Respuesta
- True
- False
Pregunta 13
Pregunta
The four most common computer crimes in 2011 were
Respuesta
-
criminal activity against servers
-
viruses
-
code insertion
-
data loss on a user computer
Pregunta 14
Pregunta
Malware infection remains the most common type of attack experienced
Respuesta
- True
- False
Pregunta 15
Pregunta
Insider abuse of internet or email remains very high
Respuesta
- True
- False
Pregunta 16
Pregunta
IDS stands for [blank_start]Intrusion Detection System[blank_end]
Respuesta
-
Intrusion Detection System
Pregunta 17
Pregunta
The number one rule in data privacy is "don't collect what you don't absolutely need"
Respuesta
- True
- False
Pregunta 18
Pregunta
A security policy must contain
Respuesta
-
what sensitive data may be stored
-
how sensitive data will be processed
-
what data can be shared with other organizations
-
how employees and others can obtain data about themselves
-
how employees and others can request changes to inaccurate data about themselves
-
What employees can do with their own mobile devices at work
-
what non-organizational activities an employee can take with employee-owned equipment
Pregunta 19
Pregunta
The five IS components are
Respuesta
-
hardware
-
software
-
data
-
procedures
-
people
Pregunta 20
Pregunta
Technical safeguards to involve hardware and software and include
Respuesta
-
identification and authorization
-
encryption
-
firewalls
-
malware protection
-
application design
Pregunta 21
Pregunta
Data safeguards includes
Respuesta
-
the definition of data rights and responsibilities
-
passwords
-
encryption
-
backup and recovery
-
physical security
Pregunta 22
Pregunta
Human safeguards involving procedures and people include
Respuesta
-
hiring practices
-
training
-
education
-
procedure design
-
administration
-
assessment
-
compliance
-
accountability
Pregunta 23
Pregunta
Identification and authentication are most often performed using a userid/password pair
Respuesta
- True
- False
Pregunta 24
Pregunta
Malware includes viruses, trojans, spyware, adware, keystroke loggers, erc.
Respuesta
- True
- False
Pregunta 25
Pregunta
SSL uses asymmetric encryption
Respuesta
- True
- False
Pregunta 26
Pregunta
SSL stands for [blank_start]Secure Sockets Layer[blank_end]
Respuesta
-
Secure Sockets Layer
Pregunta 27
Pregunta
DMZ stands for [blank_start]demilitarized zone[blank_end]
Respuesta
-
demilitarized zone
Pregunta 28
Pregunta
A common network design has servers exposed to the internet located between two firewalls in the DMZ.
Respuesta
- True
- False
Pregunta 29
Pregunta
Safeguards against malware include
Respuesta
-
using antivirus and antispyware programs
-
performing frequent scans
-
update malware definitions frequently
-
open email from known sources only
-
install software updates ASAP
-
browse only reputable internet neighbourhoods
Pregunta 30
Pregunta
SQL injection is the most common cause of data disclosure
Respuesta
- True
- False
Pregunta 31
Pregunta
SQL injections are successful when forms are poorly designed
Respuesta
- True
- False
Pregunta 32
Pregunta
Human safeguards to protect against security threats include
Respuesta
-
separation of duties
-
providing access based on concept of least privilege
-
classify data based on confidentiality and sensitivity
-
thorough hiring and screening practices
-
security awareness programs
-
friendly termination procedures
Pregunta 33
Pregunta
Security threats can be reduced through account administration by
Respuesta
-
having standards for account administration which include rules for modifying permissions and deletion of inactive accounts
-
requiring passwords be changed regularly
-
Help Desk policies regarding password resets etc.
Pregunta 34
Pregunta
All employees should be required to sign an access agreement form which states that they will follow company policies
Respuesta
- True
- False
Pregunta 35
Pregunta
Response plans for security incidents must be in place, just like disaster plans
Respuesta
- True
- False
Pregunta 36
Pregunta
A speedy response to any suspected security incident is essential
Respuesta
- True
- False
Pregunta 37
Pregunta
An Advanced Persistent Threat involves a multi-step attack usually targeted at a large business or government.
Respuesta
- True
- False
¿Quieres crear tus propios Tests gratis con GoConqr? Más información.