Week 3 Quiz

A successful business impact analysis (BIA) maps the context, the critical business functions, and the processes on which they rely.

True

Fencing and mantraps are examples of physical controls.

True

In a chosen-ciphertext attack, cryptanalysts submit data coded with the same cipher and key they are trying to break to the decryption device to see either the plaintext output or the effect the decrypted message has on some system.

True

What is NOT a valid encryption key length for use with the Blowfish algorithm?

512 bits

What is a key principle of risk management programs?

Don't spend more to protect an asset than it is worth

A private key cipher is also called an asymmetric key cipher.

False

Nancy performs a full backup of her server every Sunday at 1 A.M. and differential backups on Mondays through Fridays at 1 A.M. Her server fails at 9 A.M. Wednesday. How many backups does Nancy need to restore?

2

Kim is the risk manager for a large organization. She is evaluating whether the organization should purchase a fire suppression system. She consulted a variety of subject matter experts and determined that there is a 1 percent chance that a fire will occur in a given year. If a fire occurred, it would likely cause $2 million in damage to the facility, which has a $10 million value. Given this scenario, what is the exposure factor?

20 percent

What mathematical problem forms the basis of most modern cryptographic algorithms?

Factoring large primes

Deterrent controls identify that a threat has landed in your system.

False

In an incremental backup, you start with a full backup when network traffic is light. Then, each night, you back up only that day's changes.

False

You must always use the same algorithm to encrypt information and decrypt the same information.

False

What type of function generates the unique value that corresponds to the contents of a message and is used to create a digital signature?

Hash

Adam's company recently suffered an attack where hackers exploited an SQL injection issue on their web server and stole sensitive information from a database. What term describes this activity?

Incident

When Patricia receives a message from Gary, she wants to be able to demonstrate to Sue that the message actually came from Gary. What goal of cryptography is Patricia attempting to achieve?

Nonrepudiation

Which approach to cryptography provides the strongest theoretical protection?

Quantum cryptography

Alan is the security manager for a mid-sized business. The company has suffered several serious data losses when mobile devices were stolen. Alan decides to implement full disk encryption on all mobile devices. What risk response did Alan take?

Reduce

A person demonstrates anonymity when posting information to a web discussion site without authorities knowing who he or she is.

True

A substitution cipher replaces bits, characters, or blocks of information with other bits, characters, or blocks.

True

Forensics and incident response are examples of __________ controls.

corrective

