Ch.1 Quiz - Information Security


Describe the security principle of simplicity. (Write from Memory)

A secure system should be simple for those on the inside to understand but complex from the outside because attacks can come in many ways.

What are the four different risk response techniques? (Written from Memory)

Accept, transfer, avoid, and mitigate.

What class of attacks uses innovative attack tools and, once a system is infected, silently extracts data over an extended period? - Inside Attacks - Advanced Persistent Threat - Embedded Attacks - Modified Threat

Advanced Persistent Threat

As security is increased, convenience is often increased. - True - False

False

Smart phones give the owner of the device the ability to download security updates. - True - False

False

Successful attacks are usually not from software that is poorly designed and has architecture/design weaknesses. - True - False

False

Under which laws are health care enterprises required to guard protected health information and implement policies and procedures whether it be in paper or electronic format? - HIPAA - HLPDA - HCPA - USHIPA

HIPAA

One of the challenges in combating cyberterrorism is that many of the prime targets are not owned and managed by the federal government. - True - False

True

To mitigate risk is the attempt to address risk by making the risk less serious. - True - False

True

In information security, what can constitute a loss? - theft of information - a delay in transmitting information that results in a financial penalty - the loss of good will or a reputation - all of the above

all of the above

Which of the following ensures that data is accessible to authorized users? - availability - confidentiality - integrity - identity

availability

Which of the following are considered threat actors? (Choose all that apply.) - brokers - competitors - administrators - individuals

brokers competitors

What term describes a layered security approach that provides comprehensive protection? - comprehensive-security - diverse-defense - limiting-defense - defense-in-depth

defense-in-depth

In what kind of attack can attackers make use of millions of computers under their control in an attack against a single server or network? - centered - local - remote - distributed

distributed

Which of the following is a valid fundamental security principle? (CHOOSE ALL THAT APPLY.) - signature - diversity - simplicity - layering

diversity simplicity layering

What type of theft involves stealing another person's personal information, such as a Social Security number, and then using the information to impersonate the victim, generally for financial gain? - cyberterrorism - identity theft - phishing - social scam

identity theft

Which term below is frequently used to describe the tasks of securing information that is in a digital format? - network security - information security - physical security - logical security

information security

Select the term that best describes automated attack software. - open-source utility - insider software - open-source intelligence - intrusion application

open-source intelligence

Which term is used to describe individuals who want to attack computers yet lack the knowledge of computers and networks needed to do so? - cybercriminal - hacker - script kiddies - cyberterrorist

script kiddies

What term refers to an action that provides an immediate solution to a problem by cutting through the complexity that surrounds it? - unicorn - approved action - secure solution - silver bullet

silver bullet

