ITN266 midterm
In a DoS attack, the botmaster is also known as a ________. a. handler b. rootkit c. hoax d. hacker
? but not rootkit
You receive an e-mail that seems to come from your back. Clicking on a link in the message takes you to a website that seems to be your bank's website. However, the website is fake. This is called ________. a. a hoax b. social engineering c. phishing d. spear phishing
? not spear phishing or a hoax
The book recommends that passwords be at least ________ characters long. a. 8 b. 20 c. 100 d. 6
a. 8
________ is a password-cracking method wherein the attacker compares passwords to lists of common words. a. A dictionary attack b. A hybrid dictionary attack c. A combinational attack d. Brute-force guessing
a. A dictionary attack
Which of the following is not a standard Windows privilege? a. All b. Modify c. List folder contents d. Read & execute
a. All
________ is a sophisticated computer hack usually perpetrated by a large, well-funded organization. a. An APT b. A black-market websites c. A bug bounty d. Carding
a. An APT
Which of the following is a danger created by notebook computer loss or theft? a. Both Loss of capital investment and Loss of sensitive data b. Loss of sensitive data c. Neither Loss of capital investment nor Loss of sensitive data d. Loss of capital investment
a. Both Loss of capital investment and Loss of sensitive data
Assigning security measures to groups is better than assigning security measures to individuals within groups because ________. a. Both applying security measures to groups takes less time than applying them individually and applying measures in groups reduces errors in assigning security settings b. applying security measures in groups reduces errors in assigning security settings c. applying security measures to groups takes less time than applying them individually d. Neither applying security measures to groups takes less time than applying them individually nor applying security measures in groups reduces errors in assigning security settings
a. Both applying security measures to groups takes less time than applying them individually and applying security measures in groups reduces errors in assigning security settings
________ take advantage of vulnerabilities in software. a. Bots b. Trojan horses c. Blended threats d. Direct-propagation worms
a. Bots
Which of the following is a series of standards specifically addressing IT security? a. COBIT b. ISO/IEC 27002 c. ISO/IEC 27000 d. COSO
a. COBIT
One of the first data breach notification laws in the U.S. was created in ________. a. California b. Texas c. Illinois d. New York
a. California
________ can simply be describes as a person's system of values. a. Ethics b. Best practices c. Baselines d. Procedures
a. Ethics
Who has the power to prosecute companies that fail to take reasonable precautions to protect private information? a. FTC b. GLBA c. GDPR d. HIPAA
a. FTC
ICMP Echo messages are often used in ________. a. IP address scanning b. spoofing c. port scanning d. DDoS attacks
a. IP address scanning
The ISO/IEC 27001 standard specifies how to certify organizations as being compliant with ________. a. ISO/TEC 27000 b. COSO c. COBIT d. ISO/IEC 27043
a. ISO/IEC 27000
________ is the centralized policy based management of all information required for access to corporate systems by people, machines, programs, or other resources. a. Identity management b. Directory service c. Meta-directory service d. Meta-identity management
a. Identity management
Which of the following COSO framework components encompasses the tone of the organization? a. Internal environment b. Event identification c. Objective setting d. Control activities
a. Internal environment
Which of the following is a type of spyware? a. Keystroke loggers b. Spam c. Downloaders d. Rootkits
a. Keystroke loggers
What is Trojan.POSRAM in regard to Target's data breach? a. Malware b. A virus c. Employee sabotage d. A worm
a. Malware
Which of the following is considered a trade secret? a. Product formulations b. Trade names c. Patents d. Trademarks
a. Product formulations
Which of the following compares probable losses with the costs of security protections? a. Risk analysis b. Reasonable risk c. Internal audits d. Weakest-link failure
a. Risk analysis
Microsoft's server operating system is called ________. a. Windows Server b. Both UNIX and Windows Server c. Neither UNIX nor Windows Server d. UNIX
a. Windows Server
In the classic risk analysis calculation, the countermeasure impact assesses the ________. a. benefits of a countermeasure b. number of incidents of all possible countermeasures c. costs of a countermeasure d. drawbacks of a countermeasure
a. benefits of a countermeasure
Credit card theft is also known as ________. a. carding b. click fraud c. extortion d. bug bounty
a. carding
The goal of ________ is to emphasize a firm's commitment to strong security. a. corporate security policies b. centralized security management c. acceptable use policies d. technical security architecture
a. corporate security policies
Stolen information is commonly used for ________. a. credit card fraud b. identity theft c. false claims d. data mismanagement
a. credit card fraud
A ________ happens when an unauthorized person is able to view, alter, or steal secured data. a. data breach b. countermeasure c. safeguard d. compromise
a. data breach
Availability means that attackers cannot change or destroy information. a. false b. true
a. false
Detective countermeasures is considered one of the security goals of computer staff. a. false b. true
a. false
The cost of computer crime is well known. a. false b. true
a. false
In ________, a perpetrator tries to obtain money or other goods by threatening to take actions that would be against the victim's interest. a. hacking b. abuse c. extortion d. fraud
a. hacking
The most common example of risk transference is ________. a. insurance b. IT security measures c. no countermeasures d. installing firewalls
a. insurance
In the military, departments do not have the ability to alter access control rules set by higher authorities in ________. a. mandatory access control b. discretionary access control c. policy-based access control d. multilevel access control
a. mandatory access control
Cyberwar consists of computer-based attacks made by ________. a. national governments b. multinational corporations c. state, regional, and local governments d. private citizens
a. national governments
Authorizations are also called ________. a. permissions b. Neither permissions nor verifications c. verifications d. Both permissions and verifications
a. permissions
UNIX command line interfaces are called ________. a. shells b. Both shells and GUIs c. Neither shells nor GUIs d. GUIs
a. shells
________ consists of activities that violate a company's IT use and/or ethics policies. a. Extortion b. Abuse c. Hacking d. Fraud
b. Abuse
UNIX allows permissions to be assigned to ________. a. everyone else b. All of these c. a group associated with the directory d. the account that owns the file or directory
b. All of these
Which of the following is considered more serious than credit card number theft? a. Spoofing b. Bank account theft c. Carding d. Click fraud
b. Bank account theft
A security assertion may contain ________. a. authenticity information b. Both authenticity information and attributes, such as spending limits for purchasers c. Neither authenticity information nor attributes, such as spending limits for purchasers d. attributes, such as spending limits for purchasers
b. Both authenticity information and attributes, such as spending limits for purchasers
A ________ card stores authentication data. a. Neither magnetic stripe nor smart b. Both magnetic stripe and smart c. smart d. magnetic stripe
b. Both magnetic stripe and smart
Which of the following focuses broadly on corporate internal and financial control? a. ISO/IEC 27000 b. COSO c. COBIT d. ISO/IEC 27002
b. COSO
The Target data breach helped impact a shift from swipe cards to ________. a. keystroke logger b. EMV-compliant smart cards c. rootkits d. POS systems
b. EMV-compliant smart cards
Computer recover software reports its ________ to recovery company that works with local police to recover the notebook. a. logical location b. IP address c. None of these d. physical location
b. IP address
When a hacker sends a first round of probe packets to find hosts that are active, the attacker is sending ________ probes. a. a chain of attack b. IP address spoofing c. piggybacking d. IP address scanning
b. IP address spoofing
Which of the following statements is not an accurate description of MMCs? a. MMCs use GUIs. b. MMCs are located under the Start / Management menu choice. c. MMCs are relatively easy to learn and use. d. MMCs are produced by Microsoft
b. MMCs are located under the Start / Management menu choice
In cyberterror, attackers are typically ________. a. national governments b. Russian and/or Chinese citizens c. terrorists or groups of terrorists d. large multinational corporations
b. Russian and/or Chinese citizens
________ includes all of a firm's technical countermeasures and how they are organized into a complete system of protection. a. Risk avoidance b. Technical security architecture c. Corporate security policy d. Implementation guidance
b. Technical security architecture
Which of the following is an EU privacy law? a. The Gramm-Leach-Bliley Act b. The General Data Protection Regulation c. The Health Insurance Portability and Accountability Act d. The Sarbanes-Oxley Act
b. The General Data Protection Regulation
Which of the following is typically considered the first step in protecting your company from data breaches? a. Hiring a qualified data security team b. Understanding how data breaches happen c. Purchasing software to prevent data breaches d. Locking up your data to prevent data breaches
b. Understanding how data breaches happen
________ are programs that attach themselves to legitimate programs. a. Direct-propagation worms b. Viruses c. Worms d. Payloads
b. Viruses
Methods that security professionals use to try and stop threats include all of the following EXCEPT ________. a. countermeasures b. breaches c. protections d. safeguards
b. breaches
The three common core goals of security are ________. a. confidentiality, integrity, and authentication b. confidentiality, integrity, and availability c. confidentiality, information, and availability d. confidentiality, information, and authorization
b. confidentiality, integrity, and availability
The most common type of IT security outsourcing is done for ________. a. all hardware b. e-mail c. all software d. laptops
b. e-mail
Corrective countermeasures identify when a threat is attacking. a. true b. false
b. false
UNIX offers ________ directory and file permissions than (as) Windows. a. None of these b. fewer c. about the same number of d. more
b. fewer
Any device with an IP address is a ________. a. client b. host c. None of these d. server
b. host
The verifier itself determines the identity of the supplicant in ________. a. Neither verification nor identification b. identification c. Both verification and identification d. verification
b. identification
Most countermeasure controls are preventative controls. a. false b. true
b. true
Which of the following is not a type of fix for vulnerabilities? a. Version upgrades b. Patches c. All of these are types of fixes for vulnerabilities d. Work-arounds
c. All of these are types of fixes for vulnerabilities
Inheritance can be modified from the ________ box in the security tab. a. Neither allow permissions nor deny permissions b. deny permissions c. Both allow permissions and deny permissions d. allow permissions
c. Both allow permissions and deny permissions
________ programs reward researchers for finding vulnerabilities. a. Black-market website b. Transshipper c. Bug bounty d. APT
c. Bug bounty
Which of the following is an outsourcing alternative? a. MSSP b. PCI-DSS c. FISMA d. ISO 27000
c. FISMA
Which is not one of these three UNIX permissions? a. Execute b. Write c. List folder contents d. Read
c. List folder contents
Which of the following is NOT an indirect cost of a major data breach? a. Abnormal customer turnover b. Loss of reputation c. Notification costs d. Increased customer acquisition activities
c. Notification costs
________ is the destruction of hardware, software, or data. a. Hacking b. Denial of service c. Sabotage d. Extortion
c. Sabotage
Iris recognition technology is ________ and ________. a. inexpensive, has low FARs b. expensive, has high FARs c. expensive, has low FARs d. inexpensive, has high FARs
c. expensive, has low FARs
One of the long-lasting effects of the data breach to Target was ________. a. loss of merchandise b. loss of money c. loss of customer confidence d. employee dissatisfaction
c. loss of customer confidence
If an attacker takes over a router, he or she will be able to ________. a. map the entire internal network b. Both map the entire internal network and reroute traffic to cause a local Dos c. reroute traffic to cause a local DoS d. Neither map the entire internal network nor reroute traffic to cause a local DoS
c. reroute traffic to cause a local DoS
The ________ gives the verifier a symmetric session key. a. Neither ticket-granting ticket nor service ticket b. Both ticket-granting ticket and service ticket c. service ticket d. ticket-granting ticket
c. service ticket
You receive an e-mail that appears to come from a frequent customer. It contains specific information about your relationship with the customer. Clicking on a link in the message takes you to a website that seems to be your customer's website. However, the website is fake. This is an example of ________. a. a hoax b. phishing c. spear phishing d. social engineering
c. spear phishing
Attackers in the Target data breach used malware and then used ______ or ______ to infect a Target third party vendor. a. spear phishing; sabotage b. viruses; worms c. spear phishing; a targeted phishing attack d. hacking; sabotage
c. spear phishing; a targeted phishing attack
The super user account has _________ control over the computer. a. no b. little c. total or nearly total d. substantial but not nearly total
c. total or nearly total
A(n) ________ is defined as an attack that comes before fixes are released. a. exploit b. anomaly attack c. zero-day attack d. worm
c. zero-day attack
More than ________ records were stolen in 2018. a. 2.2 billion b. 100,000 c. 1 million d. 5 billion
d. 5 billion
________ was the last state to implement a data breach notification law in ________. a. California; 2018 b. Georgia; 2000 c. North Dakota; 2016 d. Alabama; 2018
d. Alabama; 2018
If an attacker takes over a firewall, he or she will be able to ________. a. allow connection-opening requests that violate policy b. reroute internal data to alternate paths c. provide the false sense that the firewall is still working correctly d. All of these
d. All of these
________ are descriptions of what the best firms in the industry are doing about security. a. Baselines b. Procedures c. Standards d. Best practices
d. Best practices
Which of the following are elements of host hardening? a. Read operating system log files b. Neither Encrypting data on the host nor Read operating system log files c. Encrypting data on the host d. Both Encrypting data on the host and Read operating system log files
d. Both Encrypting data on the host and Read operating system log files
Which of the following security protections are provided by recent version of Windows Server? a. Server software firewalls b. Neither Server software firewalls not The ability to encrypt data c. The ability to encrypt data d. Both Server software firewalls and The ability to encrypt data
d. Both Server software firewalls and The ability to encrypt data
________ is being able to manage security technologies from a single security management console or at least from a relatively few consoles. a. Technical security architecture b. A single point of vulnerability c. Defense in depth d. Centralized security management
d. Centralized security management
Which of the following is NOT a type of countermeasure? a. Detective b. Preventative c. Corrective d. Cyberwar
d. Cyberwar
Sending packets with false IP source addresses is known as ________. a. spear phishing b. hacking c. sabotage d. IP address spoofing
d. IP address spoofing
What does a central logging server of an MSSP on a network do? a. It uploads the number of times that employees have logged into - or attempted to log into - questionable sites b. It calculates the amount of processing ability needed for a system c. It automatically creates a firewall when questionable activity is detected d. It uploads a firm's event log data
d. It uploads a firm's event log data
________ is a version of ________ for PCs. a. Neither LINUX, UNIX nor UNIX, LINUX b. Both LINUX, UNIX and UNIX, LINUX c. UNIX, LINUX d. LINUX, UNIX
d. LINUX, UNIX
MMCs are administrative used to manage ________ servers. a. All of these b. Apple c. UNIX d. Microsoft
d. Microsoft
________ refers to the intention to minimize lost productivity and attempt not slow innovation. a. Technical security architecture b. A single point of vulnerability c. Defining the weakest link d. Minimizing security burdens
d. Minimizing security burdens
Which of the following is NOT a general guideline to handling exceptions? a. Each exception must be carefully documented in terms of specifically what was done and who did each action. b. The person who requests an exception must never be the same person who authorizes the exception c. Only some people should be allowed to requests exceptions d. More people should be allowed to authorize exceptions than can requests exceptions
d. More people should be allowed to authorize exceptions than can request exceptions
What is the name for a small program that fixes a particular vulnerability? a. Service pack b. Version upgrade c. Work-around d. Patch
d. Patch
________ take advantage of flawed human judgement by convincing a victim to take actions that are counter to security policies. a. Phishing attacks b. Spear phishing attacks c. Hoaxes d. Social engineering attacks
d. Social engineering attacks
Which of the following is NOT a COSO framework component? a. Risk assessment b. Event identification c. Internal environment d. Training practices
d. Training practices
Which of the following companies experienced the largest data breach in history in 2016? a. Facebook b. Amazon c. First American Corp. d. Yahoo! Inc.
d. Yahoo! Inc.
A program that gives an attacker remote access control of your computer is known as ________. a. spyware b. a Trojan horse c. a cookie d. a RAT
d. a RAT
It is common for companies to require users to read and sign a(n) ________. a. e-mail policy b. personally identifiable information policy c. corporate security policy d. acceptable use policy
d. acceptable use policy
A(n) ________ is a statement from Firm A that Firm B should accept as true if Firm B trusts Firm A. a. attribute b. certification c. certificate d. assertion
d. assertion
When a threat succeeds in causing harm to a business, this is known as a(n) ________. a. CIA b. unintended access c. PII d. breach
d. breach
A ________ is a small program that, after installed, downloads a larger attack program. a. rootkit b. keystroke logger c. Trojan horse d. downloader
d. downloader
The ________ of the classic risk analysis calculation is the percentage of an asset's value that would be lost in a breach. a. countermeasure impact b. single loss expectancy c. annualized loss expactancy d. exposure factor
d. exposure factor
An advantage to using MSSP is ________. a. cost b. constant internal control c. control of employees d. independence
d. independence
Inheritance ________ labor costs in assigning permissions. a. increases b. None of these c. inheritance does not significantly change the labor costs in assigning permissions d. reduces
d. reduces
