connect9

Pataasin ang iyong marka sa homework at exams ngayon gamit ang Quizwiz!

What distinguishes multi-factor authentication (MFA) from two-factor authentication (2FA)?

- MFA can include biometrics, security tokens, or SMS codes - MFA requires two or more verification factors

Which of the following is an example of data in transit? More than one answer may be correct.

- a person uses an app on their smartphone to check their bank balance - at home, a person sends a photo taken on their smartphone to display on their smart TV

How does a rootkit pose a cybersecurity threat? More than one answer may be correct.

- a range of malicious actions is possible because the invader has the same access as the computer's owner or user - installed on a computer's operating system, a rootkit bypasses security functions

From the following list, select all the examples of internal threats to cybersecurity.

- an attack by an authorized user - an accidental erasure of data - the leakage of sensitive information

When employers deactivate former employees' username and passwords, they are using which tool that ensures confidentiality? More than one answer may be correct.

- authentication - access control

Remote employees of a corporation are required to log into their company's virtual private network (VPN) before accessing files on the corporation's shared drive where corporate data are unreadable to unauthorized users. This is an example of which of the following tools that ensure confidentiality? More than one answer may be correct.

- authentication - access control - encryption - (entering a valid username and password for the VPN authenticates the employee, allowing them to access the files that live behind the VPN) - (only authorized users will have a username and password for the VPN, which controls who is able to access the files that live behind the VPN) - (data that live behind VPNs are scrambled so that only authorized personnel are able to access and read it)

Which of the following statements explain why a computer virus is so named? More than one answer may be correct.

- computer viruses have the ability to reproduce themselves within a system - an invaded computer inadvertently plays host to the malware

Select all options that describe the goals of the National Institute of Standards Technology (NIST) Cybersecurity Framework.

- create an atmosphere where organizations can effectively discuss cybersecurity risks internally and with those outside of the organization - give guidance to organizations who wish to understand potential security breaches - help organizations develop appropriate policies and procedures to mitigate data breaches

Which of the following is prohibited by the Computer Fraud and Abuse Act? More than one answer may be correct

- cyber blackmail - intentionally destroying a computer

Which of the following is an example of a task that might be completed during the planning stage of the plan-protect-respond cycle? More than one answer may be correct.

- having an authorized user attempt to hack into the system to determine vulnerabilities - determine what security flaws exist - determine the degree of vulnerability that exists

Which of the following are responsibilities of a CISO?

- identifying, evaluating, and reporting on information security risks - leadership of the information security team to ensure alignment with the strategic direction of the business - ensuring that disaster recovery plans are in place and tested regularly

Which 3 of the following are assets that can be impacted by a cybersecurity threat?

- information - hardware - software

Which of the following are true regarding the use of GenAI in cybersecurity?

- it can be utilized by cybercriminals to design attacks that evade detection - it can analyze data trends to anticipate cybersecurity vulnerabilities - it helps develop cybersecurity professionals' skills through realistic simulations

Which of the following statements refer to programs known as spiders, web crawlers, and bots? More than one answer may be correct.

- malicious bots create security risks by compromising a user's control of the computer - "good bots" have diverse functions and do not pose security risks - internet robots are used for both legitimate and malicious purposes

What are the potential applications of GenAI in cybersecurity and cyber defense?

- predicting and preventing cyberattacks before they happen - generating and updating security policies based on new threats

Which of the following statements accurately describes spyware? More than one answer may be correct.

- spyware captures private information by monitoring how users interact online - downloading software or documents from unvetted sources is one way spyware can be installed

For a cybersecurity plan to succeed, which of the following must remain confidential? Select all correct answer options.

- the logins and passwords of authorized users - the organization's digital or computer systems - private or sensitive data and information

Members of a project team at a mid-size company are trained in online safety, and their network is protected by a firewall. But the worst-case scenario has happened: a competitor has obtained protected information, possibly directly from a member's computer. George, the firm's system manager, sees some evidence of a Trojan horse that was engineered to steal passwords. What first steps should he and his security team take to uncover the source? More than one answer may be correct.

- they should comb through emails with an eye to a message with a clickable link - the security team should examine everyone's activity log, looking for any downloaded files or programs - (the malware may have been introduced through a message that appeared safe) - a trojan horse may be attached to a download

Which of the following browsing situations may reveal that adware is at work? More than one answer may be correct.

- you have been looking for a new winter coat, and 3 out of 5 ads popping up on your browser currently show the type of coat you have been considering - in searching the term "database management", the first item you see in the results list is an ad for a particular online database - shortly after you buy and download a writing enhancement program, you begin seeing ads for special keyboards, styluses, and other assistive technology

Who performs probable maximum loss calculations?

a company's cybersecurity analysts

To get to the bottom of the odd computer problems she was having, Priya listed these symptoms: files mysteriously disappearing, system configurations unexpectedly altered, and two icons showing up for applications she did not download. What malware could have been installed on Priya's computer?

a rootkit (these symptoms point to an outside user controlling the computer through its operating system)

The purpose of spyware is to ______.

capture the user's account data, passwords, key strokes, and more

The essential function of malicious bots is to ______.

control an individual computer by self-replicating and connecting to a central server

A Trojan horse achieves its purposes through ______.

deceptive access

Ransomware basically holds a target hostage because it ___ .

encrypts the victim's data

The main characteristics that define cybersecurity threats are ______.

events that can lead to IT asset loss, conditions that can lead to IT asset loss, and the consequences of such loss (this is the National Institute of Standards and Technology's (NIST) definition of cybersecurity threats)

In cybersecurity, the probable maximum loss (PML) is used to______.

help determine spending needed to adequately secure an organization's IT infrastructure

The need to keep sensitive data, information, and systems confidential ______.

is both a major goal and a requirement for cybersecurity

Which of the following surveillance technologies relies on how data are entered into a system?

keyloggers

A computer virus is______.

malware that, when executed, adversely affects performance or damages programs

Where are data in transit found?

on a cellular network

Adware specifically functions to ______.

present advertisements to users based on their browsing behaviors

Malware that encrypts the victims data files and then demands that a payment is made to the hacker is called __.

ransomware

Which of these threats to cybersecurity typically comes from an external source and usually request payment in return for a decryption program?

ransomware

A keylogger can be accurately described as ______.

technology that captures keyboard input on several types of devices to glean confidential information

What is the National Institute of Standards Technology (NIST) Cybersecurity Framework?

the NIST Cybersecurity Framework is a voluntary guide that helps organizations understand and protect themselves against cybersecurity risks

Accessing the communications of an organization without authorization was made a criminal violation by which federal cybersecurity law?

the stores communications act

What is a primary responsibility of a CISO in relation to the information security team?

to leas the information security team ensuring alignment with the business's strategic direction

Which authentication method uses auto-generated tokens to represent a user's identity during a session?

token-based authentication

What is the goal of the planning phase of the plan-protect-respond cycle?

understand the steps needed to design effective information security architecture

Tingnan ang lahat ng mga set ng pag-aaral

Kaugnay na mga set ng pag-aaral

What are three types of partnerships?? What are the key differences between them??

View Set

Types of Irony; Sarcasm Examples

View Set

Ch 26: Assessing Male Genitalia and Rectum

View Set

Next Experience Navigation and Access Module Notes

View Set

UNIT SEVEN AP WORLD HISTORY ESSAY TEST

View Set