nsf_01

Description

intro
Quiz by 865 538, updated more than 1 year ago
Created by 865 538 almost 8 years ago

Resource summary

Question 1

Question
The single most expensive malicious attack was the 2000 __, which cost an estimated $8.7 billion.
Answer
  • a. Love Bug
  • b. Nimda
  • c. Slammer
  • d. Code Red

Question 2

Question
The __ Act requires banks and financial institutions to alert customers of their policies and practices in disclosing customer information.
Answer
  • a. USA Patriot
  • b. Gramm-Leach-Bliley
  • c. California Database Security Breach
  • d. Sarbanes-Oxley

Question 3

Question
Under the __, health care enterprises must guard protected health information and implement policies and procedures to safeguard it, whether it be in paper or electronic format.
Answer
  • a. HLPDA
  • b. USHIPA
  • c. HIPAA
  • d. HCPA

Question 4

Question
What is another name for unsolicited e-mail messages?
Answer
  • a. trash
  • b. scam
  • c. spawn
  • d. spam

Question 5

Question
__ ensures that information is correct and that no unauthorized person or malicious software has altered that data.
Answer
  • a. Identity
  • b. Confidentiality
  • c. Integrity
  • d. Availability

Question 6

Question
__ ensures that the individual is who they claim to be (the authentic or genuine person) and not an imposter.
Answer
  • a. Encryption
  • b. Authentication
  • c. Accounting
  • d. Authorization

Question 7

Question
A study by Foote Partners showed that security certifications earn employees ____ percent more pay than their uncertified counterparts.
Answer
  • a. 10 to 14
  • b. 14 to 16
  • c. 12 to 15
  • d. 13 to 14

Question 8

Question
In information security, an example of a threat agent can be ____.
Answer
  • a. a force of nature such as a tornado that could destroy computer equipment
  • b. a virus that attacks a computer network
  • c. Both a and d
  • d. an unsecured computer network

Question 9

Question
Weakness in software can be more quickly uncovered and exploited with new software tools and techniques.
Answer
  • True
  • False

Question 10

Question
The demand for IT professionals who know how to secure networks and computers is at an all-time low.
Answer
  • True
  • False

Question 11

Question
Which of the following is NOT a characteristic of Advanced Persistent Threat (APT)?
Answer
  • a. can span several years
  • b. targets sensitive proprietary information
  • c. uses advanced tools and techniques
  • d. is only used by hacktivists against foreign enemies

Question 12

Question
Which of the following was used to describe attackers who would break into a computer system without the owner's permission and publicly disclose the vulnerability?
Answer
  • a. white hat hackers
  • b. black hat hackers
  • c. blue hat hackers
  • d. gray hat hackers

Question 13

Question
Which of the following is NOT a reason why it is difficult to defend against today's attackers?
Answer
  • a. increased speed of attacks
  • b. simplicity of attack tools
  • c. greater sophistication of defense tools
  • d. delays in security updating

Question 14

Question
Why can brokers command such a high price for what they sell?
Answer
  • a. Brokers are licensed professionals.
  • b. The attack targets are always wealthy corporations.
  • c. The vulnerability was previously unknown and is unlikely to be patched quickly.
  • d. Brokers work in teams and all the members must be compensated.

Question 15

Question
Which phrase describes the term "security" in a general sense?
Answer
  • a. protection from only direct actions
  • b. using reverse attack vectors (RAV) for protection
  • c. only available on hardened computers and systems
  • d. the necessary steps to protect a person or property from harm

Question 16

Question
____ ensures that only authorized parties can view the information.
Answer
  • a. Confidentiality
  • b. Availability
  • c. Authorization
  • d. Integrity

Question 17

Question
Each of the following is a successive layer in which information security is achieved EXCEPT ____.
Answer
  • a. products
  • b. purposes
  • c. procedures
  • d. people

Question 18

Question
What is a person or element that has the power to carry out a threat?
Answer
  • a. threat agent
  • b. exploiter
  • c. risk agent
  • d. vulnerability

Question 19

Question
____ ensures that individuals are who they claim to be.
Answer
  • a. Demonstration
  • b. Accounting
  • c. Authentication
  • d. Certification

Question 20

Question
What is the difference between a hacktivist and a cyberterrorist?
Answer
  • a. A hacktivist is motivated by ideology while a cyberterrorist is not.
  • b. Cyberterrorists always work in groups while hacktivists work alone.
  • c. The aim of a hacktivist is not to incite panic like cyberterrorists.
  • d. Cyberterrorists are better funded than hacktivists.

Question 21

Question
Each of the following is a goal of information security EXCEPT ____.
Answer
  • a. avoid legal consequences
  • b. foil cyberterrorism
  • c. prevent data theft
  • d. limit access control

Question 22

Question
Which act requires enterprises to guard protected health information and implement policies and procedures to safeguard it?
Answer
  • a. Hospital Protection and Insurance Association Agreement (HPIAA)
  • b. Sarbanes-Oxley (Sarbox)
  • c. Gramm-Leach-Bliley Act (GLBA)
  • d. Health Insurance Portability and Accountability Act (HIPAA)

Question 23

Question
Why do cyberterrorists target power plants, air traffic control centers, and water systems?
Answer
  • a. These targets have notoriously weak security and are easy to penetrate.
  • b. They can cause significant disruption by destroying only a few targets.
  • c. These targets are government-regulated and any successful attack would be considered a major victory.
  • d. The targets are privately owned and cannot afford high levels of security.

Question 24

Question
What is the first step in the Cyber Kill Chain?
Answer
  • a. weaponization
  • b. exploitation
  • c. actions on objectives
  • d. reconnaissance

Question 25

Question
An organization that purchased security products from different vendors is demonstrating which security principle?
Answer
  • a. obscurity
  • b. diversity
  • c. limiting
  • d. layering

Question 26

Question
Each of the following can be classified as an "insider" EXCEPT ____.
Answer
  • a. business partners
  • b. contractors
  • c. stockholders
  • d. employees

Question 27

Question
What are attackers called who belong to a network of identity thieves and financial fraudsters?
Answer
  • a. cybercriminals
  • b. script kiddies
  • c. hackers
  • d. brokers

Question 28

Question
What is an objective of state-sponsored attackers?
Answer
  • a. to right a perceived wrong
  • b. to spy on citizens
  • c. to sell vulnerabilities to the highest bidder
  • d. fortune instead of fame

Question 29

Question
An example of ____ is not revealing the type of computer, operating system, software, and network connection a computer uses.
Answer
  • a. layering
  • b. diversity
  • c. obscurity
  • d. limiting

Question 30

Question
The ____ is primarily responsible for assessing, managing, and implementing security.
Answer
  • a. security administrator
  • b. security manager
  • c. security technician
  • d. chief information security officer (CISO)