Sec chapter 1

As security is increased, convenience is often increased.

False

Brokers steal new product research or a list of current customers to gain a competitive advantage.

False

Smart phones give the owner of the device the ability to download security updates.

False

Successful attacks are usually not from software that is poorly designed and has architecture/design weaknesses.

False

The Sarbanes-Oxley Act restricts electronic and paper data containing personally identifiable financial information.

False

The Security Manager reports directly to the CIO.

False

A vulnerability is a flaw or weakness that allows a threat actor to bypass security.

True

One of the challenges in combating cyberterrorism is that many of the prime targets are not owned and managed by the federal government.

True

The CompTIA Security+ certification is a vendor-neutral credential.

True

To mitigate risk is the attempt to address risk by making the risk less serious.

True

Which of the following is a common security framework? (Choose all that apply.)

a. RFC b. ISO d. COBIT

Which of the following is a valid fundamental security principle? (Choose all that apply.)

a. simplicity c. layering d. diversity

In information security, what can constitute a loss?

all of the above

Which of the following are considered threat actors? (Choose all that apply.)

c. competitors d. brokers

What term best describes any premeditated, politically motivated attack against information, computer systems, computer programs, and data which results in violence against noncombatant targets by subnational groups or clandestine agents?

cyberterrorism

In what kind of attack can attackers make use of millions of computers under their control in an attack against a single server or network?

distributed

What type of theft involves stealing another person's personal information, such as a Social Security number, and then using the information to impersonate the victim, generally for financial gain?

identity theft

Which term below is frequently used to describe the tasks of securing information that is in a digital format?

information security

Select the information protection item that ensures that information is correct and that no unauthorized person or malicious software has altered that data.

integrity