Cybersecurity Final Exam Review

Réussis tes devoirs et examens dès maintenant avec Quizwiz!

Which statement describes a distributed denial of service attack

An attacker builds a botnet of comprised zombies

What are three types of sensitive information

business, classified, and PII

A web server administrator is configuring access settings to require users to authenticate first before accessing certain web pages. Which requirement of information security is addressed through the configuration

confidentiality

As data is being stored on a local hard disk, which method would secure the data from unauthorized access

data encryption

What are three states of data during which data is vulnerable

data in process, in transit, and stored

What three tasks are accomplished by a comprehensive security policy

defines legal consequences of violations, sets rules for expected behavior, and gives security staff the backing of management

What three design principles help to ensure high availability

detect failures as they occur, provide for a reliable crossover, and eliminate single points of failure

What technology should be implemented to verify the identity of an organization, to authenticate its website, and to provide an encrypted connection between a client and the website

digital ceritificate

What is identified by the first dimension of the cybersecurity cube

goals

What tool is used to lure an attacker so that an administrator can capture, log, and analyze the behavior of the attack

honeypot

Which technology removes direct equipment and maintenance costs from the user for data backups

if the laptop requires user authentication for file and media sharing

What are the two most effective ways to defend against malware

install and update anitvirus software and update the operating system and other application software

What is the best method to avoid getting spyware on a machine

install software only from trusted websites

What is a reason that internal security threats might cause greater damage to an organization than external security threats

internal users have direct access to the infrastructure devices

What are three access control security services

Accounting, authorization, and authentication

Which three processes are examples of logical access controls

IDS to watch for suspicious network activity, firewalls to monitor traffic, and biometrics to validate physical characteristics

Historically it has been observed that computer processing speeds tend to double every two years. This is known as

Moore's Law

Which tool is used to provide a list of open ports on network devices

Nmap

An organization allows employees to work from home two days a week. Which technology should be implemented to ensure data confidentiality as data is transmitted

VPN

Which technology removes direct equipment and maintenance costs from the user for data backups

a cloud service

An organization plans to implement security training to educate employees about security policies. What type of access control is the organization trying to implement

administrative

What is the best method to prevent Bluetooth from being exploited

always disable bluetooth when it is not actively used

An organization wants to adopt a labeling system based on the value, sensitivity, and criticality of the information. What element of risk management is recommended

asset classification

Passwords, passphrases, and PINs are examples of which security term

authentication

What are two methods that ensure confidentiality

authentication and encryption

A company is experiencing overwhelming visits to a main web server. The IT department is developing a plan to add a couple more web servers for load balancing and redundancy. Which requirement of information security is addressed by implementing the plan

availability

An attacker is sitting in front of a store and wirelessly copies emails and contact lists from nearby unsuspecting user devices. What type of attack is this

bluesnarfing

What describes the protection provided by a fence that is 1 meter in height

it deters casual trespasses only

Which method is used by steganography to hide text in an image file

least significant bit

What term is used to describe the technology that replaces sensitive information with a nonsensitive version

masking

Why do IoT devices pose a greater risk than other computing devices on a network

most IoT devices do not receive frequent firmware updates

Which technology creates a security token that allows a user to log in to a desired web application using credentials from a social media website

open authorization

How can users working on a shared computer keep their personal browsing history hidden from other workers that may use this computer

operate the web browswer in private browsing mode

what does a rootkit modify

operating system

Which type of cybercriminal attack would interfere with established network communication through the use of constructed packets so that the packets look like they are part of the normal communication?

packet forgery

The digital divide is about how

people's access to computing and the Internet differs based on socioeconomic or geographic characteristics

What is the best approach to prevent a compromised IoT device from maliciously accessing data and devices on a local network

place all IoT devices that have access to the internet on an isolated network

What are three examples of administrative access controls

policies and procedures, background checks, and hiring practices

What type of cybersecurity laws protect you from an organization that might want to share your sensitive data

privacy

Which of the following is the most accurate statement about using search trends as predictors of future events

search trends are imperfect predictors of future events that may not fully represent society at large

Thwarting cyber criminals includes which of the following

sharing cyber intelligence information and establishing early warning systems

What is an impersonation attack that takes advantage of a trusted relationship between two systems

spoofing

What term is used to describe concealing data in another file such as a graphic, audio, or other text file

steganography

A consumer would like to print photographs stored on a cloud storage account using a third party online printing service. After successfully logging into the cloud account, the customer is automatically given access to the third party online printing service. What allowed this automatic authentication to occur

the cloud storage service is an approved application for the online printing service

When a computer scientist uses the term "Big Data" what do they typically mean

there is enough data that traditional data processing applications are inadequate

What is the main purpose of cyberwarfare

to gain advantage over adversaries

What is the name of the method in which letters are rearranged to create the ciphertext

transposition

What two methods help to ensure system availability

up-to-date operating systems and equipment maintenance

What are two ways to protect a computer from malware

use antivirus software, and keep software up to date

What are three methods that can be used to ensure confidentiality of information

username ID and password, 2 factor authentication, and data encryption

Which term describes the technology that protects software from unauthorized access or modification

watermarking

Which type of networks poses increasing challenges to cybersecurity specialists due to the growth of BYOD on campus

wireless networks

Users report that the network access is slow. After questioning the employees, the network administrator learned that one employee downloaded a third-party scanning program for the printer. What type of malware might be introduced that causes slow performance of the network

worm


Ensembles d'études connexes

Network Fundamental - Chapter 5-10

View Set

Operating System Structures CH.9

View Set

Week 3: Theories of Substance Use and Models of Addiction

View Set