CYBR 2600 (EOM4)
__________ is a network project that preceded the Internet. -NIST -ARPANET -FIPS -DES
ARPANET
Laws, policies, and their associated penalties only deter if which of the following conditions is present? -Fear of penalty -Probability of being caught -Probability of penalty being administered -All of the above
All of the above
Which of the following functions does information security perform for an organization? -Protecting the organization's ability to function. -Enabling the safe operation of applications implemented on the organization's IT systems. -Protecting the data the organization collects and uses. -All of the above.
All of the above.
An emerging methodology to integrate the effort of the development team and the operations team to improve the functionality and security of applications is known as __________. -SDLC -DevOps -JAD/RAD -SecOps
DevOps
The __________ attempts to prevent trade secrets from being illegally shared. -Electronic Communications Privacy Act -Sarbanes-Oxley Act -Financial Services Modernization Act -Economic Espionage Act
Economic Espionage Act
What is the subject of the Computer Security Act? -Federal agency information security -Telecommunications common carriers -Cryptography software vendors -All of the above
Federal agency information security
What is the subject of the Sarbanes-Oxley Act? -Banking -Financial reporting -Privacy -Trade secrets
Financial reporting
The Computer __________ and Abuse Act of 1986 is the cornerstone of many computer-related federal laws and enforcement efforts. -Violence -Fraud -Theft -Usage
Fraud
The Council of Europe adopted the Convention on Cybercrime in 2001 to oversee a range of security functions associated with __________ activities. -online terrorist -electronic commerce -cyberactivist -Internet
Internet
__________ has become a widely accepted evaluation standard for training and education related to the security of information systems. -NIST SP 800-12 -NSTISSI No. 4011 -IEEE 802.11(g) -ISO 17788
NSTISSI No. 4011
__________ security addresses the issues necessary to protect the tangible items, objects, or areas of an organization from unauthorized access and misuse. -Physical -Personal -Object -Standard
Physical
Web hosting services are usually arranged with an agreement defining minimum service levels known as a(n) ____. -SSL -SLA -MSL -MIN
SLA
Which of the following countries reported the least tolerant attitudes toward personal use of organizational computing resources? -Australia -United States -Singapore -Sweden
Singapore
____ is any technology that aids in gathering information about a person or organization without their knowledge. -A bot -Spyware -A Trojan -A worm
Spyware
The __________ defines stiffer penalties for prosecution of terrorist crimes. -USA PATRIOT Act -Sarbanes-Oxley Act -Gramm-Leach-Bliley Act -Economic Espionage Act
USA PATRIOT Act
A subject or object's ability to use, manipulate, modify, or affect another subject or object is known as ___________. -access -assets -exploits -risk
access
____________________ consists of premeditated, politically motivated attacks against information, computer systems, computer programs, and data that result in violence against noncombatant targets by subnational groups or clandestine agents. -infoterrorism -cyberterrorism -hacking -cracking
cyberterrorism
In a ____________________ attack, the attacker sends a large number of connection or information requests to disrupt a target from a small number of sources. -denial-of-service -distributed denial-of-service -virus -spam
denial-of-service
One form of online vandalism is ____________________ operations, which interfere with or disrupt systems to protest the operations, policies, or actions of an organization or government agency. -hacktivist -phreak -hackcyber -cyberhack
hacktivist
In file hashing, a file is read by a special algorithm that uses the value of the bits in the file to compute a single number called the __________ value. -result -smashing -hash -code
hash
Which of the following phases is often considered the longest and most expensive phase of the systems development life cycle? -investigation -logical design -implementation -maintenance and change
maintenance and change
The Privacy of Customer Information Section of the common carrier regulation states that any proprietary information shall be used explicitly for providing services, and not for any __________ purposes. -troubleshooting -billing -customer service -marketing
marketing
The average amount of time between hardware failures, calculated as the total amount of operation time for a specified number of units divided by the total number of failures, is known as __________. -mean time between failure (MTBF) -mean time to diagnose (MTTD) -mean time to failure (MTTF) -mean time to repair (MTTR)
mean time between failure (MTBF)
In 2002, Congress passed the Federal Information Security Management Act (FISMA), which mandates that all federal agencies __________. -provide security awareness training -conduct periodic assessment of risk -develop policies and procedures based on risk assessments -All of the above
provide security awareness training
A short-term decrease in electrical power availability is known as a(n) ___________. -blackout -sag -brownout -fault
sag
A methodology and formal development strategy for the design and implementation of an information system is referred to as a __________. -systems design -development life project -systems development life cycle -systems schema
systems development life cycle
Acts of ____________________ can lead to unauthorized real or virtual actions that enable information gatherers to enter premises or systems they have not been authorized to enter. -bypass -theft -trespass -security
trespass
The protection of all communications media, technology, and content is known as ___________. -communications security -network security -physical security -information security
communications security
The average amount of time until the next hardware failure is known as __________. -mean time between failure (MTBF) -mean time to diagnose (MTTD) -mean time to failure (MTTF) -mean time to repair (MTTR)
mean time to failure (MTTF)
The protection of tangible items, objects, or areas from unauthorized access and misuse is known as ___________. -communications security -network security -physical security -information security
physical security