quiz 10 cis

Why are probable loss calculations important? Multiple ChoiceStatistics show that employee theft is significant.Organizations have limited funds to use toward system protections.CorrectEmployee laptops are often lost or damaged.Older equipment is part of a "planned failure" cost.

Organizations have limited funds to use toward system protections.

Why is it important to preserve the integrity of data, information, and systems? Multiple ChoiceThese assets are more vulnerable to hackers if they have been obtained in an unethical or illegal manner.These assets lose their usefulness and value if their consistency, accuracy, or dependability is compromised.CorrectThese assets are more appealing to hackers if they are not adequately protected from unauthorized use or harm.These assets can only lose integrity during transmissions, which also must be protected for other reasons.

These assets lose their usefulness and value if their consistency, accuracy, or dependability is compromised

Conrad was disturbed to find evidence of applications he did not download, system configurations unexpectedly altered, and files mysteriously that disappeared and moved. Which cybersecurity threat best explains the problems he was having? Multiple Choicespywareadwarea Trojan horsea rootkitCorrect

a rootkit

The Stored Communications Act prohibits which activity? Multiple Choiceusing a wiretap to record a phone conversation when explicit permission isn't grantedusing a computer to commit extortionemployers monitoring employee behavior while on personal mobile devicesaccessing the communications of an organization without authorizationCorrect

accessing the communications of an organization without authorizationCorrect

What are the three categories of the detect (DE) function of the NIST Cybersecurity Framework? Multiple Choicemanage, protect, maintainplanning, mitigation, corrections to systemsrestoration, corrections to procedures, communicationanalysis, observation, detectionCorrect

analysis, observation, detection

What is the "DE" function in the National Institute of Standards Technology (NIST) Cybersecurity Framework? Multiple Choicedevelop functiondeter functiondetect functionCorrectdetermine function

detect function

An email that appears to be from a legitimate company is most likely to be a social engineering cybersecurity attack if Multiple Choiceit contains a link to a free offer that seems too good to be true.Correctit makes a false claim about the company's products or services.it is a duplicate of another email that the company has previously sent.it comes from a close friend or someone you know well.

it contains a link to a free offer that seems too good to be true.Correct

Ransomware basically holds a target hostage because it Multiple Choicetakes control of a target's network.makes the target's own data inaccessible.Correctdestroys a target's data.dramatically slows functionality.

makes the target's own data inaccessible.

Which of the following acts is an example of social engineering? Multiple Choiceusing crowdsourcing to obtain valuable information and populate new databasesconstructing networks that are open to the public and secured against criminal usemanipulating people in order to obtain and misuse their personal informationCorrectdesigning secure social networks to facilitate the sharing of opinions and information

manipulating people in order to obtain and misuse their personal informationCorrect

What type of firewall would filter messages coming from a specific, predefined IP address to a spam filter? Multiple Choicecloud-based firewallNetwork Address Translation (NAT)Virtual Private Networks (VPNs)packet filterCorrect

packet filterCorrect

Bad actors seeking to create computer viruses primarily must know how to Multiple Choiceunderstand network components.set up messages to carry Trojan horses.bypass operating system guardrails.program code.Correct

program code.

What is the meaning of the term "social engineering" in the area of cybersecurity? Multiple Choicethe impersonation of trusted organizations to trick people into making online donationsthe use of online surveys or polls to gauge public sentiment and influence public opinionthe waging of misinformation campaigns through social media posts with false informationthe act of manipulating or tricking people into sharing confidential, personal informationCorrect

the act of manipulating or tricking people into sharing confidential, personal informationCorrect

What does the General Data Protection Regulation (GDPR) strive to achieve? Multiple Choiceto ensure EU companies protect the privacy and personal data of EU citizensCorrectto ensure EU workers protect the security of their company's datato ensure U.S. companies protect the privacy and personal data of U.S. citizensto ensure U.S. workers protect the security of their company's data

to ensure EU companies protect the privacy and personal data of EU citizens

What is the goal of the NIST Cybersecurity Framework Protect (PR) function? Multiple Choiceto help protect organizations from lawsuits spawned by data breaches by offering legal adviceto help protect consumers who buy and use devices that connect to the Internet by offering organizations best practice guidelinesto help protect organizations from insider trading by offering guidelines on employee ethicsto help protect an organization's IT infrastructure from security breaches by offering guidelines on IT infrastructure protectionCorrect

to help protect an organization's IT infrastructure from security breaches by offering guidelines on IT infrastructure protection

Which computer experts help an organization ensure that its information system is protected against intrusions by testing the system's security measures? Multiple Choicewhite-hat hackersCorrectcyberspecialistscyberanalystsblack-hat hackers

white-hat hackers

Ransomware is typically introduced into a network by a ________ and to an individual computer by a Trojan horse. Multiple ChoiceMitMspywarewormCorrectweb crawler

worm