ITC EXAM 1 Review

The cyber security defense strategy and controls that should be used depend on __________. a. The source of the threat b. Industry regulations regarding protection of sensitive data c. What needs to be protected and the cost-benefit analysis d. The available IT budget

c. What needs to be protected and the cost-benefit analysis

Which of the following is not one of the basic functions of business networks? a. Relationships b. Strategic Planning c. Search d. Communication

b. Strategic Planning

When sending sensitive email, James uses a program that transforms data into unreadable text to protect it from being understood by unauthorized users. James is using ________ to protect his email communications. a. Authentication b. Defense-in-depth c. Encryption d. Hashing

c. Encryption

________ is the supervision, monitoring, and control of an organization's IT assets. a. IT governance b. Internal control c. PCI DSS d. FISMA

a. IT governance

Sometimes system failures and data or information loss can result from reasons other than an intentional attempt to breach security. Unintentional threats are all of the following except ___________. a. Political/civic unrest b. Human errors c. Environmental hazards d. Computer systems failures

a. Political/civic unrest

Which of the following statements represents the primary concerns of people who are in favor of Net Neutrality? a. They fear that ISPs will be able to block content representing controversial points of view or that access to high speed Internet transmission will be restricted to content providers who can pay for faster transmission. b. They are concerned that ISPs will become over-regulated by government agencies. c. They are concerned that ISPs will lose the ability to properly fund network expansion to accommodate the growing need for bandwidth intensive services. d. They are concerned about growing risks to privacy and the ability to transmit data securely over the Internet.

a. They fear that ISPs will be able to block content representing controversial points of view or that access to high speed Internet transmission will be restricted to content providers who can pay for faster transmission.

Facebook, YouTube, Twitter, LinkedIn, and other social networks are making IT security dangers worse. Why? a. Users invite in and build relationships with others. Cyber criminals hack into these trusted relationships using stolen log-in credentials. b. E-mail viruses and malware have been increasing for years even though e-mail security has improved. c. Communication has shifted from social networks to smartphones. d. Web filtering, user education, and strict policies cannot help prevent IT security dangers on Facebook and other social networks.

a. Users invite in and build relationships with others. Cyber criminals hack into these trusted relationships using stolen log-in credentials.

63. Business operations are controlled by apps, systems, and networks that are so interconnected that anyone's ________ is an entry point for attacks. a. mobile device b. botnet c. BYOD d. firewall

a. mobile device

All generations of networks are based on ________. a. switching b. wireless c. The cloud d. circuits

a. switching

Group activities devoted to idea generation can be hindered when members of the group are geographically dispersed, have conflicting schedules or any other reasons that prevents the group from meeting face to face. An effective solution to these problems is ____________. a. Sharing ideas by email b. Cloud brainstorming apps such as Evernote and iMindmap Online c. Posting ideas to social media sites such as YouTube, Pinterest or Twitter d. Forming workgroups with people that work in the same location or have compatible schedules.

b. Cloud brainstorming apps such as Evernote and iMindmap Online

IT professionals work hard to protect key characteristics of an asset from security breaches. One of these characteristics is ________, or the avoidance of unauthorized disclosure of information or data. a. Integrity b. Confidentiality c. Availability d. Reliability

b. Confidentiality

Bandwidth-intensive apps are important to business processes, but they also strain network capabilities and resources. One strategy for regulating a network's quality or service is to "prioritize traffic" which means: a. Allocating network resources to users based on seniority in the organization b. Data and apps that are sensitive to time-delay are given priority on the network c. Giving priority to mobile transmissions to avoid bottlenecks d. Restricting traffic from voice and video apps that disproportionally use network bandwidth to times when demand for network resources is low

b. Data and apps that are sensitive to time-delay are given priority on the network

Government and corporate officials concerned about security threats do not bring their own cell phones or laptops when traveling overseas. Instead, they bring loaner devices and follow strict security procedures including not connecting to their domestic network while out of the country. These procedures are referred to as _________. a. Black Ops procedures b. Do-Not-Carry rules c. Foreign Threat Prevention procedures d. Strict Security standards

b. Do-Not-Carry rules

The main cause of data breaches is ________, which is so successful because of ________ when management does not do enough to defend against cyber threats. a. Hacking; highly motivated hackers b. Hacking; negligence c. Malware; BYOD d. Malware; negligence

b. Hacking; negligence

Which of the following about IPv4 is false? a. It has been Internet protocol for over three decades. b. It is easy to configure and to change ISP. c. It has reached the limits of its design. d. It is being replaced with IPv6.

b. It is easy to configure and to change ISP.

Experts believe the three greatest cyber security dangers over the next few years will involve all of the following except __________. a. persistent threats b. POS attacks c. mobile computing d. the use of social media

b. POS attacks

Internal fraud prevention and detection measures are based on __________ and __________. a. A detailed recovery plan; containment, including a fault-tolerant system b. Perimeter defense technologies, such as e-mail scanners; human resource procedures, such as recruitment screening c. General controls; application controls d. Physical controls, including authorization; authentication systems

b. Perimeter defense technologies, such as e-mail scanners; human resource procedures, such as recruitment screening

A defense strategy requires several controls. ___________ protect computer facilities and resources such as computers, data centers, software, manuals, and networks. a. Application controls b. Physical controls c. General controls d. Authentication controls

b. Physical controls

John received a strange message on his computer that asked him to send a hundred dollars in Bitcoin to a link or else he would lose all the data on his computer. John is a victim of: a. Spyware b. Ransomware c. Spear phishing d. Denial-of-service

b. Ransomware

__________ is the elapsed time between when vulnerability is discovered and when it is exploited and has shrunk from months to __________. a. Time-to-exploitation; days b. Time-to-exploitation; minutes c. Denial of service; days d. Denial of service; seconds

b. Time-to-exploitation; minutes

Voice and fingerprint _______ can significantly improve the security of physical devices and provide stronger authentication for remote access or cloud services. a. cryptography b. biometrics c. encryption d. visualization

b. biometrics

After Ford Motor Company began relying on UPS Logistics Group's data networks to track millions of cars and trucks and to analyze any potential problems before they occurred, Ford realized a ________ reduction in vehicle inventory. a. $1 million b. $5 million c. $1 billion d. $5 billion

c. $1 billion

Which of the following trends or transformations was not forecast in Cisco's most recent Visual Networking Index Forecast (VNI)? a. Smartphones will reach 81% of mobile data traffic by 2020. b. Number of mobile-connected devices will exceed the world's population. c. A lot of traffic will be offloaded from cellular networks and onto public Wi-Fi networks. d. 80% of these new smartphone users will be located in Asia Pacific, the Middle East and Africa.

c. A lot of traffic will be offloaded from cellular networks and onto public Wi-Fi networks.

Access to top secret or highly secure networks associated with Homeland Security or national defense use authentication methods based on a biological feature, such as a fingerprint or retinal scan to identify a person. These methods are called _____________. a. Bio-Engineering b. Physical security c. Biometrics d. Human factors

c. Biometrics

In terms of digital transmissions, _______ transfers data in small blocks based on the destination IP address. a. Chunking b. Circuit switching c. Packet switching d. IP Streaming

c. Packet switching

Which of the following is not considered by organizations to be an advantage of using IoT? a. Ability to monitor performance, quality and reliability of products and services b. Gaining insight into new products and services c. Security of networks and data gathered d. Remote troubleshooting of products

c. Security of networks and data gathered

____________is the basic communication protocol of the Internet. This protocol is supported by every major network operating system (OS) to ensure that all devices on the Internet can communicate. a. HTML b. HTTP c. TCP/IP d. FTP

c. TCP/IP

The preferred method of hackers who want to steal trade secrets and other confidential information from business organizations is ___________. a. To bribe employees to get access codes and passwords. b. To bombard websites or networks with so much traffic that they "crash", exposing sensitive data. c. To break into employees' mobile devices and leapfrog into employers' networks—stealing secrets without a trace. d. Use a combination of sophisticated hardware tools designed to defeat IT security defenses.

c. To break into employees' mobile devices and leapfrog into employers' networks—stealing secrets without a trace.

When security issues are a special concern, companies want to take extra steps to make sure that transmissions can't be intercepted or compromised. In these situations they will use a network that encrypts the packets before they are transferred over the network. This solution is called a(n) ___________________. a. Intranet b. Extranet c. Virtual Private Network (VPN) d. SecureNet

c. Virtual Private Network (VPN)

Networking standards "802.11b", "802.11a", and "802.11g" are different types of _____________ standards. a. MIMO b. DSL c. Wi-Fi d. Bluetooth

c. Wi-Fi

In most organizations today, when the network goes down, it causes ___________. a. Little or no disruption b. Minor disruption of productivity or service c. Significant disruption of productivity or service d. Almost complete disruption of productivity or service, including lost sales, financial consequences and inability to process payroll and inventory.

d. Almost complete disruption of productivity or service, including lost sales, financial consequences and inability to process payroll and inventory.

Network capacity is measured in terms of its ________. a. Protocol b. Size c. IP version d. Bandwidth

d. Bandwidth

_____________ is a location-aware system that transmits the identity (in the form of a unique serial number) of an object or person using radio waves. It is used to track items in a supply chain or equipment in a production facility. a. RFID b. GIS c. LTE d. GSM

d. GSM

U.S. cyber security experts and government officials are increasingly concerned about breaches from __________ into corporate networks, either through mobile devices or by other means. a. Domestic terrorists b. Amateur hackers c. Organized crime syndicates based in the United States d. Other countries

d. Other countries

Mobile infrastructure consists of the integration of all of the following factors except ________. a. Devices b. Support c. Security measures d. Personnel

d. Personnel

Basic functions of business networks are all of the following except _______. a. Search b. Mobility c. Collaboration d. Routers

d. Routers

___________ is the practice of managing data transfer to ensure a certain level of performance or QoS. a. Data filtering b. Packet filtering c. Circuit switching d. Traffic shaping

d. Traffic shaping

The single-most effective fraud prevention tactic is making employees know that ________. a. fraudsters will be fired b. fraudsters will be forced to repay what they stole plus interest c. fraud could destroy the company and jobs. d. fraud will be detected by IT monitoring systems and punished by the legal system.

d. fraud will be detected by IT monitoring systems and punished by the legal system.