CSS150 Chapter 1
Which of the following of the CIA Triad ensures that the information is correct, and no unauthorized person has altered it?
Integrity
What is the term used to describe the connectivity between an organization and a third party?
System integration
How do vendors decide which should be the default settings on a system?
Those settings that provide the means by which the user can immediately begin to use the product.
Which type of hacker will probe a system for weaknesses and then privately provide that information back to the organization?
White hat hackers
Complete this definition of information security: That which protects the integrity, confidentiality, and availability of information _____.
through products, people, and procedures on the devices that store, manipulate, and transmit the information
Which tool is most commonly associated with state actors?
Advanced Persistent Threat (APT)
Luna is reading a book about the history of cybercrime. She read that the very first cyberattacks that occurred were mainly for what purpose?
Fame
Which of the following is not used to describe those who attack computer systems?
Malicious agent
Which of the following is not a reason why a legacy platform has not been updated?
No compelling reason for any updates
Which of the following groups have the lowest level of technical knowledge?
Script kiddies
Which of the following is true regarding the relationship between security and convenience?
Security and convenience are inversely proportional.
Which of the following is not true regarding security?
Security is a war that must be won at all costs.
After Bella earned her security certification, she was offered a promotion. As she reviewed the job responsibilities, she saw that in this position she will report to the CISO and will be a supervisor over a group of security technicians. Which of these generally recognized security positions has she been offered?
Security manager
Which of the following groups use Advanced Persistent Threats?
State actors
What is the category of threat actors that sell their knowledge of vulnerabilities to other attackers or governments?
Brokers
Which of the following ensures that only authorized parties can view protected information?
Confidentiality
Which of the following is not a recognized attack vector?
On-prem
Which of the following is not an issue with patching?
Patches address zero-day vulnerabilities
Which of the following is false about the CompTIA Security+ certification?
Professionals who hold the Security+ certification earn about the same or slightly less than security professionals who have not achieved this certification.
What is an objective of state-sponsored attackers?
To spy on citizens
