Fundamentals of Network Security Chapter 10, SECURITY+ GUIDE TO NETWORK SECURITY - CH1, Fundamentals of Network Security Chapter 9, Fundamentals of Network Security Chapter 8, Security - Chapter 7, Security - Chapter 6, Fundamentals of Network Securi...

Those who wrongfully disclose individually identifiable health information can be fined up to what amount per calendar year?

1,500,000

What PIN is considered to be the most commonly used PIN?

1234

According to the U.S. Bureau of Labor Statistics, what percentage of growth for information security analysts is the available job outlook supposed to reach through 2024?

18

Select the item that is not considered to be a basic characteristic of mobile devices.

A removable media storage.

A QR code can't contain which of the following items directly?

A video.

Select the proprietary wireless network technology that is used primarily by sensors for communicating data.

ANT

What are the four different risk response techniques?

Accept, transfer, avoid, and mitigate.

What class of attacks use innovative attack tools and once a system is infected it silently extracts data over an extended period?

Advanced Persistent Threat

A spiked collar that extends horizontally for up to 3 feet from the pole is an example of what kind of technology?

Anti-climb

Which enterprise deployment model allows users to use their personal mobile devices for business purposes?

BYOD

What type of filtering software divides email messages that have been received into two piles, spam and non-spam, and then analyzes every word in each email and determines how frequently a word occurs in the spam pile compared to the not-spam pile?

Bayesian filtering

Which enterprise deployment model requires employees to choose from a selection of company owned and approved devices?

COPE

What can be enabled to prevent a mobile device from being used until a user enters the correct passcode, such as a PIN or password?

Enable a lock screen

True or False: As a class, tablets are devices that closely resemble standard desktop computers.

FALSE

True or False: MDM tools cannot provide the ability to detect and restrict jailbroken and rooted devices.

FALSE

True or False: The greatest asset of a mobile device is its security.

FALSE

True or False: Virtual machines store sensitive applications and data on a remote server that is accessed through a smartphone.

FALSE

True or False: When securing a laptop, it can be placed in an office or a desk drawer.

FALSE

True or False: The testing stage is a "quality assurance" test to verify that the code functions as intended.

False

True or False: An embedded system is computer hardware and software contained within a smaller system that is designed for a specific function.

False, "contained within a larger system"

True or False: A compiled code test is used to ensure that the projected application meets all specifications at that point.

False, this is model verification

What type of technology can add geographical identification data to media such as digital photos taken on a mobile device?

GPS tagging

Select the option that represents a wearable technology.

Google Glass

Which law requires banks and financial institutions to alert customers of their policies and practices in disclosing customer information?

Gramm-Leach-Bliley

How is the coverage area for a cellular telephony network usually divided in a typical city?

Hexagon shaped cells.

What systems control locally or at remote locations by collecting, monitoring, and processing real-time data so that machines can directly control devices such as valves, pumps, and motors without the need for human intervention?

ICS

Which of the following is a common security framework? (Choose all that apply.)

ISO, COBIT, RFC

To date, the single most expensive malicious attack occurred in 2000, which cost an estimated $8.7 billion. What was the name of this attack?

Love Bug

How could an administrator initially manage applications on mobile devices using a technique called "app wrapping"?

Mobile Application Management

What type of management system below can help distribute and manage public and corporate apps?

Mobile Device Management

What term is used to describe state-sponsored attackers that are used for launching computer attacks against their foes?

Nation State Hackers

What type of update service can Apple users take advantage of to update their operating systems via wireless carriers?

OTA (Over-the-Air)

What connection technology allows a mobile device with a USB connection to act as either a host or a peripheral used for external media access?

OTG (USB On-the-Go)

What type of software is specifically designed for a SoC in an embedded system?

RTOS (Real-time operating system)

Which of the following is a popular type of removable data storage used on mobile devices?

SD

A Wi-Fi enabled microSD card is an example of what type of device?

SDIO

What security standard was introduced in conjunction with UEFI?

Secure Boot

Which of the following frameworks requires a QR code or PIN on each IoT device for authenticating it to the network, and uses an Elliptic Curve Diffie-Hellman secure key exchange and a Transport Layer Security (TLS) tunnel?

Security 2 (S2) framework

True or False: An automated patch update service is used to manage patches within the enterprise instead of relying on the vendor's online updates.

TRUE

True or False: In the production stage the application is released to be used in its actual setting.

TRUE

True or False: Infrared light is next to the visible light on the light spectrum.

TRUE

True or False: Mobile devices using location services are at increased risk of targeted physical attacks.

TRUE

True or False: Some mobile devices can be configured so that the device automatically unlocks and stays unlocked until a specific action occurs.

TRUE

True or False: Static program analyzers are tools that examine the software without actually executing the program; instead, the source code is reviewed and analyzed.

TRUE

True or False: Tethering may allow an unsecured mobile device to infect other tethered mobile devices or the corporate network.

TRUE

True or False: The transmission time needed to repeat a signal from one earth station to another is approximately 250 milliseconds.

TRUE

Which of the following selections is not one of the features provided by a typical MDM?

Track stolen devices

Which of the following is NOT an Android Smart Lock configuration option?

User device detection, should be Trusted devices detection

How can an area be made secure from a non-secured area via two interlocking doors to a small room?

Using a mantrap

In information security, what can constitute a loss?

all of the above

What specific software can examine a computer for any infections as well as monitor computer activity and scan new documents that might contain a virus?

antivirus

What type of OS in firmware is designed to manage a specific device like a video game console?

appliance OS

Which of the following ensures that data is accessible to authorized users?

availability

Which of the following are considered threat actors? (Choose all that apply.)

brokers, competitors

Which of the three protections ensures that only authorized parties can view information?

confidentiality

Which management system is used to support the creation and subsequent editing and modification of digital content by multiple employees?

content management

Which option allows a mobile device to be configured so that the device automatically unlocks and stays unlocked until a specific action occurs?

context-aware authentication

What term best describes any premeditated, politically motivated attack against information, computer systems, computer programs, and data which results in violence against noncombatant targets by subnational groups or clandestine agents?

cyberterrorism

What term describes a layered security approach that provides comprehensive protection?

defense-in-depth

In what kind of attack can attackers make use of millions of computers under their control in an attack against a single server or network?

distributed

Which of the following is a valid fundamental security principle? (Choose all that apply.)

diversity, simplicity, layering

As security is increased, convenience is often increased.

false

Brokers steal new product research or a list of current customers to gain a competitive advantage.

false

Smart phones give the owner of the device the ability to download security updates.

false

Successful attacks are usually not from software that is poorly designed and has architecture/design weaknesses.

false

The Sarbanes-Oxley Act restricts electronic and paper data containing personally identifiable financial information.

false

The Security Administrator reports directly to the CIO.

false

What type of update does not allow a user to refuse or delay security updates?

forced

What term is used to describe a group that is strongly motivated by ideology, but is usually not considered to be well-defined and well-organized?

hacktivists

Which AV approach uses a variety of techniques to spot the characteristics of a virus instead of attempting to make matches?

heuristic monitoring

Under which laws are health care enterprises required to guard protected health information and implement policies and procedures whether it be in paper or electronic format?

HIPAA

What mobile operating system below requires all applications to be reviewed and approved before they can be made available in the App store?

iOS

What type of theft involves stealing another person's personal information, such as a Social Security number, and then using the information to impersonate the victim, generally for financial gain?

identity theft

Which of the following is NOT a benefit of using the CYOD enterprise deployment model for an enterprise?

increased internal service

Which term below is frequently used to describe the tasks of securing information that is in a digital format?

information security

Which of the following can replace using radio frequency (RF) for the communication media?

infrared

Select the information protection item that ensures that information is correct and that no unauthorized person or malicious software has altered that data.

integrity

What process gives a user access to a file system on a mobile device with full permissions, essentially allowing the user to do anything on the device?

jailbreaking

What level of security access should a computer user have to do their job?

least amount

Mobile devices with global positioning system (GPS) abilities typically make use of:

location services

What monitors emails for spam and other unwanted content to prevent these messages from being delivered?

mail gateway

Select the term that best describes automated attack software?

open-source intelligence

What publicly released software security update is intended to repair a vulnerability?

patch

Which of the following describes various supporting structures for implementing security that provides a resource of how to create a secure IT environment? (Choose all that apply.)

reference architectures, industry-standard frameworks

Which of the following systems is located in a satellite and regenerates a signal that is sent back to earth at another frequency?

repeater

Which term is used to describe individuals who want to attack computers yet lack the knowledge of computers and networks needed to do so?

script kiddies

In Microsoft Windows, what type of templates are a collection of security configuration settings?

security

What information security position reports to the CISO and supervises technicians, administrators, and security staff?

security manager

Which position below is considered an entry-level position for a person who has the necessary technical skills?

security technician

What term refers to an action that provides an immediate solution to a problem by cutting through the complexity that surrounds it?

silver bullet

A computer that uses SSD drives and is smaller than a standard notebook is an example of what type of a portable computer?

subnotebook

What portable computing devices, designed for user convenience, have a sensor called an accelerometer that senses vibrations and movements that can determine the orientation of the device?

tablets

What process describes using technology as a basis for controlling the access and usage of sensitive data?

technical controls

A vulnerability is a flaw or weakness that allows a threat to bypass security.

true

One of the challenges in combating cyberterrorism is that many of the prime targets are not owned and managed by the federal government.

true

The CompTIA Security+ certification is a vendor-neutral credential.

true

To mitigate risk is the attempt to address risk by making the risk less serious.

true

What type of diversity is being implemented if a company is using multiple security products from different manufacturers?

vendor diversity

Which application development life-cycle model uses a sequential design process?

waterfall

Select the computing device that uses a limited version of an operating system and uses a web browser with an integrated media player.

web-based

