Cybersecurity Principles T/F and Quizzes Part 1


•Distributed denial-of-service (DDoS):

A coordinated stream of requests is launched against a target from many locations simultaneously.

•Spoofing:

A technique used to gain unauthorized access; an intruder assumes a trusted IP address.

•Denial-of-service (DoS):

An attacker sends a large number of connection or information requests to a target.
•The target system becomes overloaded and cannot respond to legitimate requests for service.
•It may result in a system crash or inability to perform ordinary functions.

What is security? Freedom from fear; Protection from loss; Keeping secrets; Being secure and free from danger

Being secure and free from danger

Which group in the organization is appointed by data owners to oversee the management of a particular set of information and to coordinate with data custodians for its storage, protection, and use? a. Data owners b. Data custodian c. Data trustee d. Data user

Data Trustee

Virus:

It consists of code segments that attach to an existing program and take control of access to the targeted computer.

Malware (malicious code)

It includes the execution of viruses, worms, Trojan horses, and active Web scripts with the intent to destroy or steal information.

•Packet sniffer:

It monitors data traveling over a network; it can be used both for legitimate management purposes and for stealing information from a network.

Communications interception attacks include all of the following EXCEPT _____. a. sniffers b. spoofing c. pharming d. ransomware e. man-in-the-middle

RANSOMWARE

A short-term decrease in electrical power availability is known as a _____. a. surge b. spike c. sag d. swell

Sag

Worms:

They replicate themselves until they completely fill available resources such as memory and hard drive space.

Match each term with its definition.
Terms: Threat, Attack, Exploit, Vulnerability
Definitions:
•An intentional or unintentional act that can damage or otherwise compromise information and the systems that support it.
•A potential weakness in an asset or its defensive control system(s).
•A potential risk to an asset's loss of value.
•A technique used to compromise a system.

Threat: A potential risk to an asset's loss of value.
Attack: An intentional or unintentional act that can damage or otherwise compromise information and the systems that support it.
Exploit: A technique used to compromise a system.
Vulnerability: A potential weakness in an asset or its defensive control system(s).

Polymorphic threat

actually evolves to elude detection

Phishing:

attempt to gain personal/confidential information; apparent legitimate communication hides embedded code that redirects user to third-party site

What title is given to the person with primary responsibility for assessment, management, and implementation of InfoSec in the organization? a. CIO b. CISO c. CEO d. CFO

b. CISO

Back door

gaining access to system or network using known or previously unknown/newly discovered access mechanism

•Advance-fee fraud:

indicates recipient is due money and small advance fee or personal banking information required to facilitate transfer

Virus and worm hoaxes

nonexistent malware that employees waste time spreading awareness about

Social engineering

uses social skills to convince people to reveal access credentials or other valuable information to an attacker.

