Chapter 1 & 2
Which of the following ensures that information is correct and no unauthorized person or malicious software has altered it?
Integrity
Viewing information that is entered by another person
Shoulder Surfing
The weakness of passwords centers on human memory.
True
In the U.S., if a consumer finds a problem on her credit report, she must first send a letter to the credit-reporting agency. Under federal law, how many days does the agency have to investigate and respond to the alleged inaccuracy and issue a corrected report?
30
From January 2005 through July 2015, approximately how many electronic data records in the United States were breached, exposing to attackers a range of personal electronic data, such as address, Social Security numbers, health records, and credit card numbers?
853 million
Where are you most likely to find a PKES system?
An automobile
The steps that ensure that the individual is who he or she claims to be
Authentication
Which of the following ensures that data is accessible when needed to authorized users?
Availability
A password attack in which every possible combination of letters, numbers, and characters is used to match passwords in a stolen password file
Brute force attack
A password attack that compares common dictionary words against those in a stolen password file.
Dictionary Attack
Technically speaking, the process for creating a password digital representation is based on a hash algorithm, which creates a(n) ____________________.
Digest
Which technique might an attacker employ to find documents that may reveal the true level of security within an organization?
Dumpster diving
____________________ involves digging through trash receptacles to find information that can be useful in an attack.
Dumpster diving
What is NOT a factor that contributes to difficulties faced in defending against attacks?
Enhanced encryption algorithms
What law contains rules regarding consumer privacy?
Fair and Accurate Credit Transactions Act
Describe phishing
Fake e-mails contain links to websites that only appear to be genuine and request personal information.
Which law requires banks and financial institutions to alert customers of their policies and practices in disclosing customer information?
GLBA
Under which law must healthcare enterprises guard protected health information and implement policies and procedures to safeguard it, whether it be in paper or electronic format?
HIPAA
In the past, which term was commonly used to refer to a person who uses advanced computer skills to attack computers?
Hacker
A(n) ____________________ is a false warning, often contained in an e-mail message claiming to come from the IT department.
Hoax
What type of attack is a false warning, often contained in an email message claiming to come from the information technology (IT) department?
Hoaxes
Which of the following involves stealing another person's personal information, such as a Social Security number, and then using the information to impersonate the victim, generally for financial gain?
Identity theft
Which of the following involves using someone's personal information, such as a Social Security number, to fraudulently establish bank or credit card accounts?
Identity theft
What type of attacker is most likely to use information you have posted about yourself on a social networking site?
Identity thief
Which attacker category might have the objective of retaliation against an employer?
Insider
Which document identifies individuals within the organization who are in positions of authority?
Organizational charts
A secret combination of letters, numbers, and/or symbols that serves to authenticate a user by what he or she knows
Password
Which term is best described as individuals who want to attack computers yet who lack the knowledge of computers and networks needed to do so?
Script kiddies
Grouping individuals and organizations into clusters based on an affiliation
Social Engineering
Which of the following is a type of action that has the potential to cause harm?
Threat
FACTA grants consumers the right to request one free credit report from each of the three national credit-reporting firms every 12 months.
True
When creating passwords, the most important principle is that length is more important than complexity.
True
Redirecting a user to a fictitious website based on a misspelling of the URL
Typo Squatting
What is the best approach to establishing strong security with passwords?
Use technology for managing passwords
A phishing attack in which the attacker calls the victim on the telephone
Vishing
A phishing attack that targets wealthy individuals
Whaling
How do attackers today make it difficult to distinguish an attack from legitimate traffic?
by using common Internet protocols
What can an attacker use to divert all mail to their post office box so that the victim is never aware that personal information has been stolen?
change-of-address form
Which of the following is a numerical measurement used by lenders to assess a consumer's creditworthiness?
credit score
Terrorists who turn their attacks to the network and computer infrastructure to cause panic among citizens are known as which of the following?
cyberterrorists
What type of attack begins with the attacker creating digests of common dictionary words, and then comparing those in a stolen password file?
dictionary
How often does FACTA grants consumers the right to request one free credit report from each of the three national credit-reporting firms?
every 12 months
What term is frequently used to describe the tasks of securing information that is in a digital format?
information security
Security is ____ convenience.
inversely proportional to
What type of program lets a user create and store multiple strong passwords in a single user database file that is protected by one strong master password?
password management application
Information contained on devices is protected by three layers: Two of the layers are products and policies and procedures. What is the third layer?
people
With which type of social engineering attack are users asked to respond to an email or are directed to a website where they are requested to update personal information, such as passwords or credit card numbers?
phishing
What popular online activity involves grouping individuals and organizations into clusters or groups based on their likes and interests?
social networking
Which type of social engineering attack depends on the user incorrectly entering a URL?
typo squatting
Which of the following is a characteristic of a weak password?
used on multiple accounts
What is a flaw or weakness that allows a threat agent to bypass security?
vulnerability
