Quiz #2

¡Supera tus tareas y exámenes ahora con Quizwiz!

True

Failing to prevent and attack all but invites an attack

Urgency

An attacker attempting to break into a facility pulls the alarms to distract the security guard manning an entry point. Which type of social engineering attack is the attacker using

Stimulation testing

As a follow up to her annual testing, Holly would like to conduct quarterly disaster recovery tests that introduce as much realism as possible but do not require the technology resources. What type of test should Holly conduct?

Evil Twin

Barry discovers that an attacker is running an access point in a building adjacent to his company. The access point is broadcasting the security set identifies (SSID) of an open network owned by the coffee shop in the lobby. Which type of attack is likely taking place?

80

Bob is using a port scanner to identify open ports on a server in his environment. He is scanning a web server that uses Hypertext Transfer Protocol (HTTP). Which port should Bob expect to be open to support this service

False

Continuity of critical business functions and operations is the balanced business continuity plan

warm site

Dawn is selecting an alternative processing facility for her organizations primary data center. She would like to have a facility that balances cost and switchover time. What would be the best option in this situation?

Opportunity cost

Maria's company recently experienced a major system outage due to the failure of a critical component. During the time period the company did not register any sales through its online site. Which type of loss did the company experience?

True

Rootkits are malicious software programs designed to be hidden from normal methods of detection?

False

Spam is some act intended to deceive or trick the receiver, normally in email messages

True

The Government Information Security Reform Act (Security Reform Act) of 2000 focuses on management and evaluation of the security of unclassified and national security systems.

True

The term risk management describes the process of identifying, assessing, prioritizing and addressing risks

True

The tools for conducting a risk analysis can include the documents that define, categorize and rank risks.

The first step in creating a comprehensive disaster recovery plan (DRP) is to document likely impact scenarios

True

Spim

Users throughout Alison's organization have been receiving unwanted messages over the organizations instant messaging program. What type of attack is taking place

Safety

What is not one of the three tenets of information security?

Firewalls

Which controls is not designed to combat malware?

Risk = Threat x Vulnerability

Which formula is typically used to describe the components of information security risks?

data ownership

Which item in a BYOD policy helps resolve intellectual property issues that may arise as the result of business use of personal devices?

Fabrication

Which type of attack involves the creation of some deception in order to trick unsuspecting users?


Conjuntos de estudio relacionados

HCD Fluid/Electrolytes and Nutrition

View Set

Chapter 31: Drug Therapy for Nasal Congestion and Cough

View Set

Chapter 24: Nursing Care of the Child With an Integumentary Disorder (and alteration in tissue integrity)

View Set

Ch. 3 and 4: Measures of Central Tendency and Variability; Standard Scores and the Normal Distribution

View Set

Chapter 12: Wrist and Hand Complex

View Set

IST 3343 Exam 1 Test Bank Chapters 1-4

View Set

Ch. 10 Commercial Auto Coverage - Random Questions 1 - MI P&C Licensing

View Set