CIS 110 Test 1
What is Bluetooth's rate of transmission?
1 Mbps
Data backups only protect data against computer attacks.
False
Whereas tablets are designed for performance, laptops are focused on ease of use.
False
Which of the following is NOT an element of asymmetric cryptography?
Hash Algorithm
Which technology hides the existence of data?
Steganography
What type of malware is typically added to a legitimate program but lies dormant until it is triggered by a specific event?
logic bomb
Which term is best described as a person or element that has the power to carry out a threat?
threat agent
Most Bluetooth devices have a range of only about 10 meters.
true
Which type of social engineering attack depends on the user incorrectly entering a URL?
typo squatting
Which of the following is a characteristic of a weak password?
used on multiple accounts
What are the three types of malware that have the primary traits of circulation and/or infection?
viruses, Trojans, and worms
From what term is war driving derived?
war dialing
Which type of Wi-Fi device acts as the base station for wireless devices as well as providing a gateway to the external Internet?
wireless router
In the U.S., if a consumer finds a problem on her credit report, she must first send a letter to the credit-reporting agency. Under federal law, how many days does the agency have to investigate and respond to the alleged inaccuracy and issue a corrected report?
30
Which type of web browser enhancement can change browser menus or create additional toolbars?
Add-ons
Where are you most likely to find a PKES system?
An automobile
Using which Social engineering principle might an attacker impersonate a CEO of a company?
Authority
There is a straightforward and easy solution to securing computers.
False
Using what email protocol can mail be organized into folders on the mail server and read from any device?
IMAP
How many keys are used in symmetric cryptography?
One
Which of the following is NOT true about privacy?
Privacy of any level that you desire is easily achievable today.
Which virus detection method creates a virtual environment that simulates the central processing unit (CPU) and memory of the computer?
code emulation
Terrorists who turn their attacks to the network and computer infrastructure to cause panic among citizens are known as which of the following?
cyberterrorists
Which term can be described as a publicly released software security update intended to repair a vulnerability?
patch
From January 2005 through July 2015, approximately how many electronic data records in the United States were breached, exposing to attackers a range of personal electronic data, such as address, Social Security numbers, health records, and credit card numbers?
853 million
Which of the following is NOT a privacy best practice?
Always carry your Social Security number with you
Which of the following is a risk associated with the use of private data?
Associations with groups.
Which of the following ensures that data is accessible when needed to authorized users?
Availability
Which of the following is an attack that sends unsolicited messages to Bluetooth-enabled devices?
Bluejacking
Which type of BlueTooth attack accesses unauthorized information from a wireless device through a Bluetooth connection, often between cell phones and laptop computers?
Bluesnarfing
There are two major types of wireless networks that are popular today among users. One of these networks is Wi-Fi; what is the other?
Bluetooth
What type of backup is performed continually without any intervention by the user?
Continuous Backup
What do web servers use to track whether a user has previously visited a web site?
Cookies
Which of the following is NOT a technology typically used by spyware?
Disk drive formatting software
Which technique might an attacker employ to find documents that may reveal the true level of security within an organization?
Dumpster diving
What is contained within the body of an email message as a shortcut to a website?
Embedded Hyperlink
What does a VPN use to ensure that any transmissions that are intercepted will be indecipherable?
Encryption
Which of the following is NOT a factor that contributes to difficulties faced in defending against attacks?
Enhanced encryption algorithms
Which of the following expands the normal capabilities of a web broswer for a specific webpage?
Extensions
What law contains rules regarding consumer privacy?
Fair and Accurate Credit Transactions Act
Cryptography hides the existence of data while steganography scrambles a message so that it cannot be understood.
False
IMAP users can't work with email while offline.
False
In a well-run information security program, attacks will never get through security perimeters and local defenses.
False
Malware usually enters a computer system with the user's knowledge.
False
Online data is collected for a number of activities, but not for online purchases.
False
Passwords are still considered a strong defense against attackers.
False
Script kiddies typically have advanced knowledge of computers and networks.
False
Steganography can only utilize image files to hide data.
False
Third-party cookies can be stolen and used to impersonate the user, while first-party cookies can be used to track the browsing or buying habits of a user.
False
Wi-Fi networks operate in basically the same way as cellular telephony networks that are designed, installed, and maintained by the wireless telephone carriers.
False
Which law requires banks and financial institutions to alert customers of their policies and practices in disclosing customer information?
GLBA
Under which law must healthcare enterprises guard protected health information and implement policies and procedures to safeguard it, whether it be in paper or electronic format?
HIPAA
What do Web authors use to combine text, graphic images, audio, video, and hyperlinks into a single document?
HTML
What standarizes sounds and video format so plug-ins like Flash are no longer needed?
HTML5
Which of the following is an advantage of hardware encryption over software encryption?
Hardware encryption is not subject to attacks like software encryption.
In the field of computer networking and wireless communications, what is the most widely known and influential organization?
IEEE
Which of the following involves stealing another person's personal information, such as a Social Security number, and then using the information to impersonate the victim, generally for financial gain?
Identity theft
Which of the following involves using someone's personal information, such as a Social Security number, to fraudulently establish bank or credit card accounts?
Identity theft
What type of attacker is most likely to use information you have posted about yourself on a social networking site?
Identity thief
Which of the following uses graphical images of text in order to circumvent text-based filters?
Image Spam
Which of the following ensures that information is correct and no unauthorized person or malicious software has altered it?
Integrity
The ____ is a worldwide set of interconnected computers, servers, and networks.
Internet
What is it called if a user disables the built-in limitations on their Apple iOS device to provide additional functionality?
Jailbreaking
____ is a complete programming language that can be used to create stand-alone applications.
Java
____ is a scripting language that does not create standalone applications.
JavaScript
Which of the following is a legitimate responsibility of an organization regarding user private data?
Limit administrative access to personal information.
What security feature on a smartphone prevents the device from being used until a passcode is entered?
Lock Screen
What security feature can you use to cause a mobile device to be completely locked for a period of time if the passcode is entered incorrectly a number of times?
Lockout period
Which of the following can be described as a poisoned ad attack?
Malvertising
Which of the following is a general term that refers to a wide variety of damaging or annoying software programs?
Malware
Which of the following can be described as data that is used to describe the content or structure of the actual data?
Metadata
Which document identifies individuals within the organization who are in positions of authority?
Organizational charts
Which type of attacks might send an e-mail or display a Web announcement that falsely claims to be from a legitimate enterprise in an attempt to trick the user into surrendering private information?
Phishing
Which of the following is described as an attacker who pretends to be from a legitimate research firm who asks for personal information?
Pretexting
Using which Internet security best practice is information not saved by the browser, such as pages that are visited will not be recorded to history or the address bar?
Private Browsing
What is another name for asymmetric cryptography?
Public key cryptography
What security setting can cause a mobile device to erase installed apps and data if the passcode is incorrectly entered a number of times?
Reset to factory settings
Which type of malware will hide or remove all traces of evidence that may reveal the malware, such as log entries?
Rootkit
What serves as the network name identifier in a Wi-Fi network?
SSID
Which JavaScript defense restricts a JavaScript downloaded from Site A from accessing data that came from Site B?
Same Origin
What can be used to run JavaScript in a restricted environment and limit what resources it can access?
Sandboxing
Which term is best described as individuals who want to attack computers yet who lack the knowledge of computers and networks needed to do so?
Script kiddies
What popular online activity involves grouping individuals and organizations into clusters or groups based on their likes and interests?
Social Networking
____ look for specific words and block email messages containing those words.
Spam Filters
HTTP is based on which larger set of standards for Internet communication?
TCP/IP
Which of the following is NOT true regarding how individuals are concerned how their private data is being used?
Their personal information is no more at risk today than it was 10 years ago.
Which of the following is a program advertised as performing one activity but actually does something else?
Trojan
A worm is designed to enter a computer through the network and then take advantage of a vulnerability in an application or an operating system on the host computer.
True
Almost all viruses infect a system by inserting themselves into a computer file.
True
Attack tools can initiate new attacks without any human participation, thus increasing the speed at which systems are attacked.
True
Because a wireless signal can only be transmitted for several hundred feet, multiple APs are used to provide "cells" or areas of coverage.
True
If the URL of a web site begins with https, the server is using a digital certificate to verify the existence and identity of the organization.
True
It is recommended that a copy of a data backup be stored at an off-site location.
True
Most users actually receive only a small amount of spam in their local email inbox. The majority is blocked before it even reaches the user.
True
The Likes indicated by Facebook users can statistically reveal their sexual orientation, drug use, and political beliefs.
True
The weakness of passwords centers on human memory.
True
Today, many attack tools are freely available and do not require any technical knowledge to use.
True
Unless remote management is essential, it is recommended that this feature be disabled with a wireless router.
True
Virtually anyone could type in a person's username and pretend to be that person.
True
Web servers distribute HTML documents based on a set of standards, or protocols, known as the Hypertext Transport Protocol (HTTP).
True
When creating passwords, the most important principle is that length is more important than complexity.
True
With blocked top-level domain lists, email from entire countries or regions can be blocked and treated as spam.
True
Which of these is a characteristic of a secure hash algorithm?
Two different sets of data cannot produce the same digest
What is the best approach to establishing strong security with passwords?
Use technology for managing passwords
Which Windows feature provides information to users and obtains their approval before a program can make a change to the computer's settings?
User Account Control
Which Wi-Fi security protocol provides the optimum level of wireless security?
WPA2
Which of the following is an optional means of configuring WPA2 Personal security using a PIN?
Wi-Fi Protected Setup (WPS)
The ____ is composed of Internet server computers on networks that provide online information in a specific format
World Wide Web
Some attackers might create a peer-to-peer network that connects a wireless device directly to another wireless device, such as the victim's laptop directly to the attacker's laptop. What is this type of network called?
ad hoc
What can an attacker use that gives them access to a computer program or service that circumvents normal security protections?
backdoor
What can an attacker use to divert all mail to their post office box so that the victim is never aware that personal information has been stolen?
change-of-address form
Which of the following is a numerical measurement used by lenders to assess a consumer's creditworthiness?
credit score
What does the FBI define as any "premeditated, politically motivated attack against information, computer systems, computer programs, and data which results in violence against non-combatant targets by sub-national groups or clandestine agents?"
cyberterrorism
A digital signature can provide which of the following benefits?
data integrity
Botnets can flood a Web server with thousands of requests and overwhelm it to the point that it cannot respond to legitimate requests. What is this called?
denying services
What type of attack begins with the attacker creating digests of common dictionary words, and then comparing those in a stolen password file?
dictionary
What is it called when unsuspecting users visit an infected website and their browsers download code that targets a vulnerability in the user's browser?
drive-by-download
How often does FACTA grants consumers the right to request one free credit report from each of the three national credit-reporting firms?
every 12 months
An attacker sets up a look-alike Wi-Fi network, tempting unsuspecting users to connect with the attacker's Wi-Fi network instead. What is this called?
evil twin
Which of the following creates a digest and does not create ciphertext that can later be decrypted?
hash alhorithm
Which type of cryptography creates a value that is primarily used for comparison purposes?
hashing
What type of attack is a false warning, often contained in an email message claiming to come from the information technology (IT) department?
hoaxes
Which of the following is a place where steganography can hide data?
in the metadata of a file
What term is frequently used to describe the tasks of securing information that is in a digital format?
information security
Which attacker category might have the objective of retaliation against an employer?
insider
Security is ____ convenience.
inversely proportional to
What type of device is inserted between the computer keyboard connection and USB port for the purposes of stealing information?
keylogger
What type of spyware silently captures and stores each keystroke that a user types on the computer's keyboard?
keylogger
Proving that a document was created by a particular user is referred to as which of the following?
nonrepudiation
What type of program lets a user create and store multiple strong passwords in a single user database file that is protected by one strong master password?
password management application
Information contained on devices is protected by three layers: Two of the layers are products and policies and procedures. What is the third layer?
people
With which type of social engineering attack are users asked to respond to an email or are directed to a website where they are requested to update personal information, such as passwords or credit card numbers?
phishing
What is data called that is input into a cryptographic algorithm for the purpose of producing encrypted data?
plaintext
What type of malware can, for example, locks up a user's computer and then display a message that purports to come from a law enforcement agency that states the user must pay a fine for illegal activity?
ransomware
Most email clients contain a ____ that allows the user to read an email message without actually opening it.
reading pane
Which of the following is NOT a protection for information that cryptography can provide?
redundancy
On tablets and smartphones, what feature can be used that can erase the contents of the device if lost or stolen?
remote wipe
Which type of malware is a set of software tools used by an attacker to hide the actions or presence of other types of malicious software, such as Trojans, viruses, or worms?
rootkit
What type of software update is a cumulative package of all patches and feature updates?
service pack
Whereas phishing involves sending millions of generic e-mail messages to users, which type of similar attack targets only specific users?
spear phishing
What is the most secure option for the type of passcode that can be entered to access a mobile device?
strong alphanumeric password
Which phrase best describes security?
the goal to be free from danger as well as the process that achieves that freedom
Which of the following is a type of action that has the potential to cause harm?
threat
If userA wants to send a secure message to userB using an asymmetric cryptographic algorithm, which key does userB use to decrypt the message?
userB's private key
How do attackers today make it difficult to distinguish an attack from legitimate traffic?
using common Internet protocols
What type of network uses an unsecured public network, such as the Internet, as if it were a secure private network?
virtual private network
What is a flaw or weakness that allows a threat agent to bypass security?
vulnerability
Which type of malware exploits a vulnerability on one system and then immediately searches for another computer on the network that has the same vulnerability?
worm
Which type of malware self-replicates between computers (from one computer to another)?
worm
An infected robot computer is known as a ____.
zombie