Practice Exam 01

Pataasin ang iyong marka sa homework at exams ngayon gamit ang Quizwiz!

Which of the following organizations put forth a code of ethics designed primarily for InfoSec professionals who have earned their certifications? The code includes the canon: Provide diligent and competent service to principals.

(ISC)2

The use of cryptographic certificates to establish Secure Sockets Layer (SSL) connections is an example of which process?

Authentication

A ____________ overflow is an application error that occurs when the system can't handle the amount of data that is sent.

Buffer

Which of the following is a C.I.A. characteristic that ensures that only those with sufficient privileges and a demonstrated need may access certain information?

Confidentiality

Attempting to reverse-calculate a password is called ____________________.

Cracking

Which of the following is an international effort to reduce the impact of copyright, trademark, and privacy infringement, especially via the removal of technological copyright protection measures?

DMCA

Which type of attack involves sending a large number of connection or information requests to a target?

Denial of Service

Which of the following is the study of the rightness or wrongness of intentions and motives as opposed to the rightness or wrongness of the consequences and is also known as duty- or obligation-based ethics?

Deontological ethics

Which of the following is the best method for preventing an illegal or unethical activity? Examples include laws, policies and technical controls.

Deterrence

A device (or a software program on a computer) that can monitor data traveling on a network is known as a socket sniffer. _________________________

False

Corruption of information can occur only while information is being stored.

False

DoS attacks cannot be launched against routers.

False

Ethics carry the sanction of a governing authority.

False

One form of e-mail attack that is also a DoS attack is called a mail spoof, in which an attacker overwhelms the receiver with excessive quantities of e-mail. _________________________

False

"Shoulder spying" is used in public or semi-public settings when individuals gather information they are not authorized to have by looking over another individual's shoulder or viewing the information from a distance. _________________________

False Surfing

Information ambiguation occurs when pieces of non-private data are combined to create information that violates privacy. _________________________

False aggregation

The macro virus infects the key operating system files located in a computer's start up sector. _________________________

False boot virus

​A signaling law specifies a requirement for organizations to notify affected parties when they have experienced a specified type of loss of information. ____________

False breach

​ It is the responsibility of InfoSec professionals to understand state laws and standards. ____________

False regulations

The penalties for offenses related to the National Information Infrastructure Protection Act of 1996 depend on whether the offense is judged to have been committed for one of the following reasons except which of the following?

For political advantage

Which act requires organizations that retain health care information to use InfoSec mechanisms to protect this information, as well as policies and procedures to maintain them?

HIPAA

One form of online vandalism is ____________________ operations, which interfere with or disrupt systems to protest the operations, policies, or actions of an organization or government agency.

Hacktivist

The three levels of planning are strategic planning, tactical planning, and ____________________ planning.

Operational

Which of the following is the principle of management dedicated to the structuring of resources to support the accomplishment of objectives?

Organization

Which of the following is the principle of management that develops, creates, and implements strategies for the accomplishment of objectives?

Planning

Which of the following functions of Information Security Management seeks to dictate certain behavior within the organization through a set of organizational guidelines?

Policy

A momentary low voltage is called a(n) ____________________.

Sag

Acts of ____________________ can lead to unauthorized real or virtual actions that enable information gatherers to enter premises or systems they have not been authorized to enter.

Trespass

A worm may be able to deposit copies of itself onto all Web servers that the infected system can reach, so that users who subsequently visit those sites become infected.

True

The Secret Service is charged with the detection and arrest of any person committing a U.S. federal offense relating to computer fraud, as well as false identification crimes.

True

​ The Gramm-Leach-Bliley (GLB) Act (also known as the Financial Services Modernization Act of 1999) contains a number of provisions that affect banks, securities firms, and insurance companies. ___________

True

​Due diligence requires that an organization make a valid and ongoing effort to protect others. ____________

True

Ethics are based on ___________________, which are the relatively fixed moral attitudes or customs of a societal group.

cultural mores

The branch of philosophy that considers nature, criteria, sources, logic, and the validity of moral judgment is known as ___________.

ethics

An organization increases its _____________ if it refuses to take measures—due care—to make sure that every employee knows what is acceptable and what is not, and the consequences of illegal or unethical actions.

liability


Kaugnay na mga set ng pag-aaral

ACE Exam Study: Program Progression and Modification

View Set

ETA Fiber Certification Technician (FOT) WOAC

View Set

Cognitive Psychology 2341 Chapter 5: Memory Structures

View Set

Old People Questions (Chp 32 Foundations)

View Set