Ch 1

Description

Ch. 1 midterm practice
C Danvers
Quiz by C Danvers, updated more than 1 year ago
C Danvers
Created by C Danvers over 6 years ago
230
0

Resource summary

Question 1

Question
To date, the single most expensive malicious attack occurred in 2000, which cost an estimated $8.7 billion. What was the name of this attack?
Answer
  • Slammer
  • Code Red
  • Love Bug
  • Nimda

Question 2

Question
Which term is used to describe individuals who want to attack computers yet lack the knowledge of computers and networks needed to do so?
Answer
  • cyberterrorist
  • cybercriminal
  • script kiddies
  • hacker

Question 3

Question
What class of attacks use innovative attack tools and once a system is infected it silently extracts data over an extended period?
Answer
  • Inside Attacks
  • Embedded Attacks
  • Advanced Persistent Threat
  • Modified Threat

Question 4

Question
Which position below is considered an entry-level position for a person who has the necessary technical skills?
Answer
  • security administrator
  • security manager
  • CISO
  • security technician

Question 5

Question
What term is used to describe state-sponsored attackers that are used for launching computer attacks against their foes?
Answer
  • nation state threats
  • state hackers
  • nation state actors
  • cyber military

Question 6

Question
Which of the three protections ensures that only authorized parties can view information?
Answer
  • confidentiality
  • integrity
  • security
  • availability

Question 7

Question
What term best describes any premeditated, politically motivated attack against information, computer systems, computer programs, and data which results in violence against noncombatant targets by subnational groups or clandestine agents?
Answer
  • hacking
  • cybercriminal
  • cracking
  • cyberterrorism

Question 8

Question
The CompTIA Security+ certification is a vendor-neutral credential
Answer
  • True
  • False

Question 9

Question
What type of diversity is being implemented if a company is using multiple security products from different manufacturers?
Answer
  • vendor-control security
  • manufacturer diversity
  • vendor diversity
  • multiple-product security

Question 10

Question
Which of the following is a common security framework? (Choose all that apply.)
Answer
  • ISO
  • COBIT
  • ASA
  • RFC

Question 11

Question
A vulnerability is a flaw or weakness that allows a threat to bypass security.
Answer
  • True
  • False

Question 12

Question
Successful attacks are usually not from software that is poorly designed and has architecture/design weaknesses.
Answer
  • True
  • False

Question 13

Question
The Sarbanes-Oxley Act restricts electronic and paper data containing personally identifiable financial information.
Answer
  • True
  • False

Question 14

Question
Select the term that best describes automated attack software?
Answer
  • open-source utility
  • intrusion application
  • open-source intelligence
  • insider software

Question 15

Question
What type of theft involves stealing another person's personal information, such as a Social Security number, and then using the information to impersonate the victim, generally for financial gain?
Answer
  • social scam
  • cyberterrorism
  • identity theft
  • phishing

Question 16

Question
The Security Administrator reports directly to the CIO.
Answer
  • True
  • False

Question 17

Question
Which of the following are considered threat actors? (Choose all that apply.)
Answer
  • competitors
  • brokers
  • individuals
  • administrators

Question 18

Question
Under which laws are health care enterprises required to guard protected health information and implement policies and procedures whether it be in paper or electronic format?
Answer
  • USHIPA
  • HIPAA
  • HLPDA
  • HCPA

Question 19

Question
Smart phones give the owner of the device the ability to download security updates.
Answer
  • True
  • False

Question 20

Question
What process describes using technology as a basis for controlling the access and usage of sensitive data?
Answer
  • control diversity
  • vendor diversity
  • technical controls
  • administrative controls

Question 21

Question
Which of the following describes various supporting structures for implementing security that provides a resource of how to create a secure IT environment? (Choose all that apply.)
Answer
  • reference architectures
  • industry-standard frameworks
  • reference frameworks
  • regulatory frameworks

Question 22

Question
To mitigate risk is the attempt to address risk by making the risk less serious
Answer
  • True
  • False

Question 23

Question
What term describes a layered security approach that provides the most comprehensive protection?
Answer
  • defense-in-depth
  • diverse-defense
  • limiting-defense
  • comprehensive-security

Question 24

Question
In what kind of attack can attackers make use of millions of computers under their control in an attack against a single server or network?
Answer
  • remote
  • distributed
  • centered
  • local

Question 25

Question
One of the challenges in combating cyberterrorism is that many of the prime targets are not owned and managed by the federal government.
Answer
  • True
  • False

Question 26

Question
What information security position reports to the CISO and supervises technicians, administrators, and security staff?
Answer
  • security auditor
  • security manager
  • security administrator
  • security engineer

Question 27

Question
In information security, what can constitute a loss?
Answer
  • the loss of good will or reputation
  • all of the above
  • theft of information
  • a delay in transmitting information that results in a financial penalty

Question 28

Question
As security is increased, convenience is often increased.
Answer
  • True
  • False

Question 29

Question
Which of the following ensures that data is accessible to authorized users?
Answer
  • identity
  • integrity
  • confidentiality
  • availability

Question 30

Question
What term refers to an action that provides an immediate solution to a problem by cutting through the complexity that surrounds it?
Answer
  • secure solution
  • silver bullet
  • approved action
  • unicorn

Question 31

Question
Which term below is frequently used to describe the tasks of securing information that is in a digital format?
Answer
  • logical security
  • physical security
  • information security
  • network security

Question 32

Question
In information security, which of the following is an example of a threat actor?
Answer
  • all of the above
  • a force of nature such as a tornado that could destroy computer equipment
  • a virus that attacks a computer network
  • a person attempting to break into a secure computer network

Question 33

Question
Which law requires banks and financial institutions to alert customers of their policies and practices in disclosing customer information?
Answer
  • Sarbanes-Oxley
  • California Database Security Breach
  • USA Patriot
  • Gramm-Leach-Bliley

Question 34

Question
Select the information protection item that ensures that information is correct and that no unauthorized person or malicious software has altered that data.
Answer
  • availability
  • identity
  • integrity
  • confidentiality

Question 35

Question
What term is used to describe a group that is strongly motivated by ideology, but is usually not considered to be well-defined and well-organized?
Answer
  • hactivists
  • hacker
  • script kiddies
  • cyberterrorist

Question 36

Question
Those who wrongfully disclose individually identifiable health information can be fined up to what amount per calendar year?
Answer
  • $500,000
  • $50,000
  • $1,500,000
  • $250,000

Question 37

Question
What level of security access should a computer user have to do their job?
Answer
  • password protected
  • authorized access
  • limiting amount
  • least amount

Question 38

Question
Which of the following is a valid fundamental security principle? (Choose all that apply.)
Answer
  • simplicity
  • layering
  • signature
  • diversity

Question 39

Question
Brokers steal new product research or a list of current customers to gain a competitive advantage.
Answer
  • True
  • False

Question 40

Question
According to the U.S. Bureau of Labor Statistics, what percentage of growth for information security analysts is the available job outlook supposed to reach through 2024?
Answer
  • 18
  • 27
  • 10
  • 15
Show full summary Hide full summary

Similar

CCNA Security 210-260 IINS - Exam 3
Mike M
Application of technology in learning
Jeff Wall
Innovative Uses of Technology
John Marttila
Ch1 - The nature of IT Projects
mauricio5509
The Internet
Gee_0599
CCNA Answers – CCNA Exam
Abdul Demir
SQL Quiz
R M
Professional, Legal, and Ethical Issues in Information Security
mfundo.falteni
System Analysis
R A
Flash Cards Networks
JJ Pro Wrestler
EDUC260- Multimodal Literacies for a Digital Age
angelwoo2002