Information Security Final Review

Réussis tes devoirs et examens dès maintenant avec Quizwiz!

LSO

A(n) ____________ is also called a Flash cookie, named after Adobe Flash.

Signature

AV software on a computer must have its ____ files regularly updated by downloads from the Internet.

Evil Twin

An attacker sets up a look-alike Wi-Fi network, tempting unsuspecting users to connect with the attacker's Wi-Fi network instead. What is this called?

Zombie

An infected robot computer is known as a ____.

True

Attack tools can initiate new attacks without any human participation, thus increasing the speed at which systems are attacked.

Denying Services

Botnets can flood a Web server with thousands of requests and overwhelm it to the point that it cannot respond to legitimate requests. What is this called?

true

FACTA grants consumers the right to request one free credit report from each of the three national credit-reporting firms every 12 months.

853 million

From January 2005 through July 2015, approximately how many electronic data records in the United States were breached, exposing to attackers a range of personal electronic data, such as address, Social Security numbers, health records, and credit card numbers?

War Dialing

From what term is war driving derived?

TCP/IP

HTTP is based on which larger set of standards for Internet communication?

by using common internet protocols

How do attackers today make it difficult to distinguish an attack from legitimate traffic?

every 12 months

How often does FACTA grants consumers the right to request one free credit report from each of the three national credit-reporting firms?

False

In a well-run information security program, attacks will never get through security perimeters and local defenses.

IEEE

In the field of computer networking and wireless communications, what is the most widely known and influential organization?

Hacker

In the past, which term was commonly used to refer to a person who uses advanced computer skills to attack computers?

People

Information contained on devices is protected by three layers: Two of the layers are products and policies and procedures. What is the third layer?

Reading Pane

Most email clients contain a ____ that allows the user to read an email message without actually opening it.

Remote Wipe

On tablets and smartphones, what feature can be used that can erase the contents of the device if lost or stolen?

false

Passwords are still considered a strong defense against attackers.

False

Script kiddies typically have advanced knowledge of computers and networks.

inversely Proportional to

Security is ____ convenience.

cyberterrorists

Terrorists who turn their attacks to the network and computer infrastructure to cause panic among citizens are known as which of the following?

Internet

The ____ is a worldwide set of interconnected computers, servers, and networks.

World Wide Web

The ____ is composed of Internet server computers on networks that provide online information in a specific format.

true

The weakness of passwords centers on human memory.

Bluetooth

There are two major types of wireless networks that are popular today among users. One of these networks is Wi-Fi; what is the other?

False

There is a straightforward and easy solution to securing computers.

True

Today, many attack tools are freely available and do not require any technical knowledge to use.

HIPPA

Under which law must healthcare enterprises guard protected health information and implement policies and procedures to safeguard it, whether it be in paper or electronic format?

IMAP

Using what email protocol can mail be organized into folders on the mail server and read from any device?

Private Browsing

Using which Internet security best practice is information not saved by the browser, such as pages that are visited will not be recorded to history or the address bar?

Authority

Using which Social engineering principle might an attacker impersonate a CEO of a company?

true

Virtually anyone could type in a person's username and pretend to be that person.

Viruses, Trojans, and Worms

What are the three types of malware that have the primary traits of circulation and/or infection?

Backdoor

What can an attacker use that gives them access to a computer program or service that circumvents normal security protections?

change of address form

What can an attacker use to divert all mail to their post office box so that the victim is never aware that personal information has been stolen?

Sandboxing

What can be used to run JavaScript in a restricted environment and limit what resources it can access?

Cookies

What do web servers use to track whether a user has previously visited a web site?

Encryption

What does a VPN use to ensure that any transmissions that are intercepted will be indecipherable?

Cyberterrorism

What does the FBI define as any "premeditated, politically motivated attack against information, computer systems, computer programs, and data which results in violence against non-combatant targets by sub-national groups or clandestine agents?"

1 Mbps

What is Bluetooth's rate of transmission?

Vulnerability

What is a flaw or weakness that allows a threat agent to bypass security?

Embedded Hyperlink

What is contained within the body of an email message as a shortcut to a website?

Jailbreaking

What is it called if a user disables the built-in limitations on their Apple iOS device to provide additional functionality?

Drive-by-Download

What is it called when unsuspecting users visit an infected website and their browsers download code that targets a vulnerability in the user's browser?

use password manager

What is the best approach to establishing strong security with passwords?

Strong Alphanumeric Password

What is the most secure option for the type of passcode that can be entered to access a mobile device?

Fair Credit Reporting Act

What law contains rules regarding consumer privacy?

Social Networking

What popular online activity involves grouping individuals and organizations into clusters or groups based on their likes and interests?

Lockout period

What security feature can you use to cause a mobile device to be completely locked for a period of time if the passcode is entered incorrectly a number of times?

Lock Screen

What security feature on a smartphone prevents the device from being used until a passcode is entered?

Reset to factory

What security setting can cause a mobile device to erase installed apps and data if the passcode is incorrectly entered a number of times?

SSID

What serves as the network name identifier in a Wi-Fi network?

HTML5

What standarizes sounds and video format so plug-ins like Flash are no longer needed?

Information Security

What term is frequently used to describe the tasks of securing information that is in a digital format?

Dictionary

What type of attack begins with the attacker creating digests of common dictionary words, and then comparing those in a stolen password file?

Identity theft

What type of attacker is most likely to use information you have posted about yourself on a social networking site?

keylogger

What type of device is inserted between the computer keyboard connection and USB port for the purposes of stealing information?

Ransomware

What type of malware can, for example, locks up a user's computer and then display a message that purports to come from a law enforcement agency that states the user must pay a fine for illegal activity?

Logic Bomb

What type of malware is typically added to a legitimate program but lies dormant until it is triggered by a specific event?

Virtual Private Network

What type of network uses an unsecured public network, such as the Internet, as if it were a secure private network?

Password Manager

What type of program lets a user create and store multiple strong passwords in a single user database file that is protected by one strong master password?

Service Pack

What type of software update is a cumulative package of all patches and feature updates?

Keylogger

What type of spyware silently captures and stores each keystroke that a user types on the computer's keyboard?

true

When creating passwords, the most important principle is that length is more important than complexity.

Automobile

Where are you most likely to find a PKES system?

Spear Phishing

Whereas phishing involves sending millions of generic e-mail messages to users, which type of similar attack targets only specific users?

Same Origin

Which JavaScript defense restricts a JavaScript downloaded from Site A from accessing data that came from Site B?

WPA2

Which Wi-Fi security protocol provides the optimum level of wireless security?

User Account Control

Which Windows feature provides information to users and obtains their approval before a program can make a change to the computer's settings?

Insider

Which attacker category might have the objective of retaliation against an employer?

organizational charts

Which document identifies individuals within the organization who are in positions of authority?

GLBA

Which law requires banks and financial institutions to alert customers of their policies and practices in disclosing customer information?

Sleep Time

Which mobile device setting regulates when the device goes into hibernation mode?

Malvertising

Which of the following can be described as a poisoned ad attack?

Availability

Which of the following ensures that data is accessible when needed to authorized users?

Integrity

Which of the following ensures that information is correct and no unauthorized person or malicious software has altered it?

Extensions

Which of the following expands the normal capabilities of a web broswer for a specific webpage?

Identity Theft

Which of the following involves stealing another person's personal information, such as a Social Security number, and then using the information to impersonate the victim, generally for financial gain?

Identity Theft

Which of the following involves using someone's personal information, such as a Social Security number, to fraudulently establish bank or credit card accounts?

Enhanced encryption algorithms

Which of the following is NOT a factor that contributes to difficulties faced in defending against attacks?

Disk Drive Formatting Software

Which of the following is NOT a technology typically used by spyware?

used on mulitple accounts

Which of the following is a characteristic of a weak password?

Malware

Which of the following is a general term that refers to a wide variety of damaging or annoying software programs?

Credit Score

Which of the following is a numerical measurement used by lenders to assess a consumer's creditworthiness?

Trojan

Which of the following is a program advertised as performing one activity but actually does something else?

Threat

Which of the following is a type of action that has the potential to cause harm?

Bluejacking

Which of the following is an attack that sends unsolicited messages to Bluetooth-enabled devices?

WPS

Which of the following is an optional means of configuring WPA2 Personal security using a PIN?

Pretexting

Which of the following is described as an attacker who pretends to be from a legitimate research firm who asks for personal information?

Image Spam

Which of the following uses graphical images of text in order to circumvent text-based filters?

the goal to be free from danger as well as the process that achieves that freedom

Which phrase best describes security?

Dumpster Diving

Which technique might an attacker employ to find documents that may reveal the true level of security within an organization?

Patch

Which term can be described as a publicly released software security update intended to repair a vulnerability?

Threat Agent

Which term is best described as a person or element that has the power to carry out a threat?

Bluesnarfing

Which type of BlueTooth attack accesses unauthorized information from a wireless device through a Bluetooth connection, often between cell phones and laptop computers?

Wireless router

Which type of Wi-Fi device acts as the base station for wireless devices as well as providing a gateway to the external Internet?

Phishing

Which type of attacks might send an e-mail or display a Web announcement that falsely claims to be from a legitimate enterprise in an attempt to trick the user into surrendering private information?

Worm

Which type of malware exploits a vulnerability on one system and then immediately searches for another computer on the network that has the same vulnerability?

Rootkit

Which type of malware is a set of software tools used by an attacker to hide the actions or presence of other types of malicious software, such as Trojans, viruses, or worms?

Worm

Which type of malware self-replicates between computers (from one computer to another)?

Rootkit

Which type of malware will hide or remove all traces of evidence that may reveal the malware, such as log entries?

Typo Squatting

Which type of social engineering attack depends on the user incorrectly entering a URL?

Add-ons

Which type of web browser enhancement can change browser menus or create additional toolbars?

Code Emulation

Which virus detection method creates a virtual environment that simulates the central processing unit (CPU) and memory of the computer?

Phishing

With which type of social engineering attack are users asked to respond to an email or are directed to a website where they are requested to update personal information, such as passwords or credit card numbers?

JavaScript

___ is a scripting language that does not create standalone applications.

Java

____ is a complete programming language that can be used to create stand-alone applications.

Spam Filters

____ look for specific words and block email messages containing those words.


Ensembles d'études connexes

3.1-3.6 Topic Question Quiz Practice

View Set

Bio 224 - Unit 5 - CH 17 (Endocrine System)

View Set

POL. SCI: Classics in American Government

View Set

Civil War (Who,What,When,Where,Why)

View Set

Differential & Selective Media, Chemical Control, Antibiotics

View Set

WSC Art/Music, Literature, and Science 2018

View Set

CH 14, 15, & 22 Practice questions

View Set

Chap 15-Financial Planning and Forecasting

View Set