Chapter 13

Pataasin ang iyong marka sa homework at exams ngayon gamit ang Quizwiz!

Which of the following is the correct description of a firewall? Group of answer choices It is a software and hardware combination that limits the incoming and outgoing Internet traffic. ​It is a software that deletes viruses from attachments. ​It is hardware that prevents unauthorized data to enter the private network. ​It is a concept used in developing security policies.

It is a software and hardware combination that limits the incoming and outgoing Internet traffic.

You have been hired as the new Information Security consultant at XYZ Inc. Which of these employee behaviors would be a top security concern? Group of answer choices ​Banging on the keyboard, when the computer is running slow Drinking water or coffee while working on computers ​Using office computers for personal e-mails Leaving laptop computers unattended in public spaces

Leaving laptop computers unattended in public spaces

This harmful malware is triggered by a specific event, such as Friday the 13th. Group of answer choices Worm Logic bomb Trojan bomb ​Virus

Logic bomb

Assume your organization is experiencing an intruder attack. You have an intrusion detection system (IDS) set up. Which of the following events occurs first? Group of answer choices Network security team decides to block traffic from that IP address The network router sends traffic to the firewall as well as to the IDS ​Messages from the IDS are routed to the network security team ​The IDS warns the firewall of suspicious traffic

The network router sends traffic to the firewall as well as to the IDS

A company's risk assessment process can include numerous threats to the computers and networks. Which of the following can be considered an adverse event? Group of answer choices Email attachment with harmful worm All of the above ​Distributed denial-of-service attack Harmful virus

All of the above

You work for a company that is growing. Originally, all the users in all departments had access to all the data in the database. It is considered a security risk. What is an appropriate action to reduce the risk? Group of answer choices Install and provide stronger anti-virus software on the users' computers ​Install a two-step login procedure, where the user has to key in additional information for logging in Assign roles and privileges to users so that only job-relevant data is accessible to the user. Tweak the firewall parameters so that outgoing traffic can be better controlled

Assign roles and privileges to users so that only job-relevant data is accessible to the user.

Your business has a web server that has suddenly become unresponsive. When you study the server's logs there are a huge number of requests from what appear to be legitimate computers. The problem is likely because of _____. Group of answer choices a logic bomb too many Spam emails a CAPTCHA issue a denial-of-service attack

a denial-of-service attack

There has been a data breach at your business and the business has lost some customer data. It has led to angry customers who have filed charges. What is a recommended course of action to prepare for future events? Group of answer choices activate the forensics analysis team and prepare documentation none of these answers ​meet with your lawyers to prepare to counter-sue the customers settle with the customers, however much it may cost

activate the forensics analysis team and prepare documentation

A hacktivist is someone who _______. Group of answer choices attempts to destroy the infrastructure components of governments hacks computers or Web sites in an attempt to promote a political ideology ​attempts to gain financially and/or disrupt a company's information systems and business operations violates computer or Internet security maliciously or for illegal personal gain

hacks computers or Web sites in an attempt to promote a political ideology

You had used an online service to apply for a credit card. As part of the process, you submitted your personal information such as SSN, date of birth, employer information, etc. Soon after you started receiving bills for items you did not purchase. You have become a victim of ________. Group of answer choices ​cyberterrorism cyber espionage ​ransomware identity theft

identity theft

The second phase of an Advanced Persistent Threat attack is _____. Group of answer choices ​discovery incursion reconnaissance ​capture

incursion

In a denial-of-service (DDoS) attack, the perpetrator ____. Group of answer choices changes the configuration information of the infected computers instructs the zombie computers to send simple access requests to target computers ​refuses to accept any email from any sender ​sends out a huge number of spam emails to all of those in your contacts list

instructs the zombie computers to send simple access requests to target computers

These days, the biggest threats to IT security are from ________. Group of answer choices "geeks" working on their own and motivated by the desire to gain some degree of notoriety international drug cartels terrorist organizations organized groups that have ample resources, including money and sophisticated tools, to support their efforts

organized groups that have ample resources, including money and sophisticated tools, to support their efforts

The purpose of Advanced Persistent Threat (APT) usually is to ____. Group of answer choices steal data ​steal money interrupt service ​annoy the users

steal data

Which of the following shortcoming may be revealed during an IT security audit? Group of answer choices whether only a limited number of people have access to critical data or not ​whether the IT budget is adequate or not ​whether the users are satisfied with IT services or not whether the firewall is tall enough

whether only a limited number of people have access to critical data or not

Which of the following subject areas does the USA Patriot Act cover? Group of answer choices ​Identity theft Transmitting virus programs ​Cyberterrorism Credit card fraud

​Cyberterrorism

Which of the following laws covers false claims regarding unauthorized use of credit cards? Group of answer choices ​Computer Fraud and Abuse Act ​Fraud and Related Activity in Connection with Access Devices Statute Stored Wire and Electronic Communications and Transactional Records Access Statutes Identity Theft and Assumption Deterrence Act

​Fraud and Related Activity in Connection with Access Devices Statute

Which of the following is NOT a popular vendor of firewall software? Group of answer choices ​Red Hat ​Total Defense ​Kaspersky ​Check Point

​Red Hat

Which of these organizations offers guidelines on developing security policies? Group of answer choices ​IBM ​DHS ​SANS ​CISCO

​SANS

The US-CERT incident reporting system is used to ____. Group of answer choices ​alert the Department of Homeland Security about information security incidents alert the Border Patrol about undocumented workers alert the government about missing computers ​alert the bank about stolen credit cards

​alert the Department of Homeland Security about information security incidents

Someone who violates computer or Internet security maliciously or for illegal personal gain is known as a(n) _______. Group of answer choices industrial spy hacktivist ​cyberterrorist ​black hat hacker

​black hat hacker

Once a _____ is installed, the attacker can gain full access to the computer. Group of answer choices ​botnet ​worm ​rootkit zombie

​botnet

A botnet is a ____. Group of answer choices ​network of computers that send out access requests to servers repeatedly network of robots that control an assembly line at a factory ​network of devices that are used for managing security network of servers that exchange traffic data

​network of computers that send out access requests to servers repeatedly

On the back of a credit card the three-digit number above the signature panel is used to _____. Group of answer choices ​track your transactions for rewards program purposes ​verify the card is legitimate and not a stolen card number ​verify the identity of the credit card holder ​enter your account into a raffle

​verify the card is legitimate and not a stolen card number

You wish to use your personal laptop computer at work. However, the IT department folks are unwilling to allow you. The likely reason is ______. Group of answer choices ​you will use your laptop for non-work related activity ​your productivity could not be measured correctly ​your non-work related use of the laptop could increase vulnerability ​your activities could not be monitored

​your non-work related use of the laptop could increase vulnerability


Kaugnay na mga set ng pag-aaral

American Literature - Catcher in the Rye Ch. 1-13

View Set

Lecture 8: Interpersonal Relationships, Work, & Home

View Set

Scenario-based Cyber Security Interview Questions

View Set

containment and the iron curtain

View Set

HIV- AIDS DRUGS -Pharmacy Week E

View Set

Lesson 1 Operating Systems Computer Literacy

View Set