Sec chapter 1
As security is increased, convenience is often increased.
False
Brokers steal new product research or a list of current customers to gain a competitive advantage.
False
Smart phones give the owner of the device the ability to download security updates.
False
Successful attacks are usually not from software that is poorly designed and has architecture/design weaknesses.
False
The Sarbanes-Oxley Act restricts electronic and paper data containing personally identifiable financial information.
False
The Security Manager reports directly to the CIO.
False
A vulnerability is a flaw or weakness that allows a threat actor to bypass security.
True
One of the challenges in combating cyberterrorism is that many of the prime targets are not owned and managed by the federal government.
True
The CompTIA Security+ certification is a vendor-neutral credential.
True
To mitigate risk is the attempt to address risk by making the risk less serious.
True
Which of the following is a common security framework? (Choose all that apply.)
a. RFC b. ISO d. COBIT
Which of the following is a valid fundamental security principle? (Choose all that apply.)
a. simplicity c. layering d. diversity
In information security, what can constitute a loss?
all of the above
Which of the following are considered threat actors? (Choose all that apply.)
c. competitors d. brokers
What term best describes any premeditated, politically motivated attack against information, computer systems, computer programs, and data which results in violence against noncombatant targets by subnational groups or clandestine agents?
cyberterrorism
In what kind of attack can attackers make use of millions of computers under their control in an attack against a single server or network?
distributed
What type of theft involves stealing another person's personal information, such as a Social Security number, and then using the information to impersonate the victim, generally for financial gain?
identity theft
Which term below is frequently used to describe the tasks of securing information that is in a digital format?
information security
Select the information protection item that ensures that information is correct and that no unauthorized person or malicious software has altered that data.
integrity