IFMG 300 | Chapter 12

Description

Quiz on IFMG 300 |Chapter 12, created by bjduguid on 04/11/2015.
Quiz by bjduguid, updated more than 1 year ago

Resource summary

Question 1

Question
Information security is made up of
Answer
  • threats
  • vulnerabilities
  • safeguards
  • targets

Question 2

Question
Threats can be human or man-made.
Answer
  • True
  • False

Question 3

Question
Common crimes that result in unauthorized data disclosure are
Answer
  • pretexting
  • phishing
  • spoofing
  • sniffing
  • hacking

Question 4

Question
Spoofing involves altering header information, etc. to cause the recipient to trust an email they otherwise would not.
Answer
  • True
  • False

Question 5

Question
Data can be changed or lost during a natural disaster due to problems recovering data.
Answer
  • True
  • False

Question 6

Question
The two common types of spoofing are
Answer
  • email
  • IP

Question 7

Question
Incorrect data modification can be caused by
Answer
  • procedures not followed or incorrectly designed
  • improper internal controls on systems
  • system errors
  • faulty recovery actions after a disaster

Question 8

Question
Reasons a service can become faulty are
Answer
  • incorrect data modification
  • systems working incorrectly
  • procedural mistakes
  • programming errors
  • IT installation errors
  • usurpation
  • denial of service (unintentional)
  • denial of service (intentional)

Question 9

Question
DDOS stands for ______
Answer
  • Distributed Denial of Service

Question 10

Question
Loss of infrastructure can be caused by
Answer
  • human accidents
  • theft and terrorist events
  • a disgruntled or terminated employee
  • natural disaster
  • Advanced Persistent Threat (APT) or cyberwarfare

Question 11

Question
APT stands for ______
Answer
  • Advanced Persistent Threat

Question 12

Question
Data theft is most serious in large companies.
Answer
  • True
  • False

Question 13

Question
The four most common computer crimes in 2011 were
Answer
  • criminal activity against servers
  • viruses
  • code insertion
  • data loss on a user computer

Question 14

Question
Malware infection remains the most common type of attack experienced
Answer
  • True
  • False

Question 15

Question
Insider abuse of internet or email remains very high
Answer
  • True
  • False

Question 16

Question
IDS stands for ______
Answer
  • Intrusion Detection System

Question 17

Question
The number one rule in data privacy is "don't collect what you don't absolutely need"
Answer
  • True
  • False

Question 18

Question
A security policy must contain
Answer
  • what sensitive data may be stored
  • how sensitive data will be processed
  • what data can be shared with other organizations
  • how employees and others can obtain data about themselves
  • how employees and others can request changes to inaccurate data about themselves
  • what employees can do with their own mobile devices at work
  • what non-organizational activities an employee can take with employee-owned equipment

Question 19

Question
The five IS components are
Answer
  • hardware
  • software
  • data
  • procedures
  • people

Question 20

Question
Technical safeguards involve hardware and software and include
Answer
  • identification and authorization
  • encryption
  • firewalls
  • malware protection
  • application design

Question 21

Question
Data safeguards include
Answer
  • the definition of data rights and responsibilities
  • passwords
  • encryption
  • backup and recovery
  • physical security

Question 22

Question
Human safeguards involving procedures and people include
Answer
  • hiring practices
  • training
  • education
  • procedure design
  • administration
  • assessment
  • compliance
  • accountability

Question 23

Question
Identification and authentication are most often performed using a userid/password pair
Answer
  • True
  • False

Question 24

Question
Malware includes viruses, trojans, spyware, adware, keystroke loggers, etc.
Answer
  • True
  • False

Question 25

Question
SSL uses asymmetric encryption
Answer
  • True
  • False

Question 26

Question
SSL stands for ______
Answer
  • Secure Sockets Layer

Question 27

Question
DMZ stands for ______
Answer
  • demilitarized zone

Question 28

Question
A common network design has servers exposed to the internet located between two firewalls in the DMZ.
Answer
  • True
  • False

Question 29

Question
Safeguards against malware include
Answer
  • using antivirus and antispyware programs
  • performing frequent scans
  • update malware definitions frequently
  • open email from known sources only
  • install software updates ASAP
  • browse only reputable internet neighbourhoods

Question 30

Question
SQL injection is the most common cause of data disclosure
Answer
  • True
  • False

Question 31

Question
SQL injections are successful when forms are poorly designed
Answer
  • True
  • False

Question 32

Question
Human safeguards to protect against security threats include
Answer
  • separation of duties
  • providing access based on concept of least privilege
  • classify data based on confidentiality and sensitivity
  • thorough hiring and screening practices
  • security awareness programs
  • friendly termination procedures

Question 33

Question
Security threats can be reduced through account administration by
Answer
  • having standards for account administration which include rules for modifying permissions and deletion of inactive accounts
  • requiring passwords be changed regularly
  • Help Desk policies regarding password resets etc.

Question 34

Question
All employees should be required to sign an access agreement form which states that they will follow company policies
Answer
  • True
  • False

Question 35

Question
Response plans for security incidents must be in place, just like disaster plans
Answer
  • True
  • False

Question 36

Question
A speedy response to any suspected security incident is essential
Answer
  • True
  • False

Question 37

Question
An Advanced Persistent Threat involves a multi-step attack usually targeted at a large business or government.
Answer
  • True
  • False
