IST-110 Cyberspace and Cybersecurity Chapter 1 Review

Réussis tes devoirs et examens dès maintenant avec Quizwiz!

In _____ the U.S. Congress passed the USA Freedom Act ending the practice of collecting U.S. Citizens' phone records in bulk.

2015

Securely Provision

A. conceptualizing, designing, and building secure IT systems

Match traditional data type to their descriptions: Personnel information

A. Application materials, payroll, offer letters, employee agreements

Provides real-time network monitoring, early cyber threat warnings and advisories, vulnerability identification and mitigation and incident response.

A. MS-ISAC

What type of an attack can disable a computer by forcing it to use memory or by overworking its CPU?

Algorithm

The ISACA group track law enacted related to cyber security.

All of the Above

What is the term used to identify a unique arrangement of information used to identify an attacker's attempt to exploit a known vulnerability.

Attack signatures

Analyze

B. highly specialized review and evaluation of incoming cybersecurity information to determine if it is useful for intelligence

Maintains a list of common vulnerabilities and exposures used by prominent security organizations

B. Mitre Corporation

Intellectual property

B. Patents, trademarks and new product plans

Vulnerability ____ are usually grey hat hackers who attempt to discover exploits and report them to vendors, sometimes for prizes or rewards.

Broker

Protect and Defend

C. identification, analysis, and mitigation of threats to internal systems and networks

Financial data

C. Income statements, balance sheets, and cash flow statements

More than 1,200 award-winning, original research papers; also develops security courses

C. SysAdmin, Audit, Network, Security (SANS) Institute

With DNS spoofing the criminal introduces false data into a DNS resolver's _____

Cache

Internal attackers may have knowledge of security _____, policies, and high levels of administrative privileges.

Countermeasures

Collect and Operate

D. specialized denial and deception operations and the collection of cybersecurity information

Provide information security certifications including the Certified Information Systems Security Professional (CISSP)

D. International Information Systems Security Certification Consortium (ISC)2

Companies such as Google, Facebook, and LinkedIn, could be considered to be data _____ in our cyber world.

Domains

The Workforce Framework categorizes cybersecurity work into seven categories. Match their descriptions: Operate and Maintain

E. providing the support, administration, and maintenance required to ensure IT system performance and security

Network security organization that hosts a security news portal, providing the latest breaking news pertaining to alerts, exploits, and vulnerabilities.

E. Information Systems Security (InfoSysSec)

Security organization that brings together a variety of computer security incident response teams from government, commercial, and educational organizations to foster cooperation and coordination

F Forum of Incident Response and Security Teams (FIRST)

Oversight and Development

F. Leadership, management, and direction to conduct cybersecurity work effectively

According to the online content review (from netacad), the greatest motivation for most cyber criminals is political.

False

An advanced persistent attack (APA) is a continuous computer hack that occurs under the radar against a specific object.

False

Another term for DNS Spoofing is DNS record poisoning.

False

Gray hat hackers are individuals who commit crimes and do arguably unethical things for personal gain.

False

The Studnet attack targeted the Supervisory Control and Data Acquisition (SCADA) system used to control and monitor industrial processes.

False

The most common way to protect _____ identity is to tie login ability to an authorized device.

Federated

_____ identity management refers to multiple enterprises that let their users use the same identification credentials gaining access to the networks of all enterprises in the group.

Federated

Next generation 911 call centers are vulnerable to distributed-denial-of-service (DDoS) attacks that use many systems to _____ the resources of the target making the target unavailable to legitimate users.

Flood

Match the listed security organizations to purpose and initiatives: U.S. federally funded initiative chartered to work with the Internet community in detecting and resolving computer security incidents

G Computer Emergency Response Team (CERT)

Investigate

G. investigation of cyber events and/or cyber crimes involving IT resources

Someone who compromises a network without permission and then discloses the vulnerability publicly.

Gray Hat

The term _____ described individuals with advanced programming skills. They used these programming skills to test the limits and capabilities of early systems. These early individuals were also involved in the development of early computer games.

Hacker

______ Make political statements to create awareness to issues that are important to them.

Hacktivist

An employee may facilitate outside attacks by connecting _____ USB media into a corporate computer system.

Infected

The ISO 27000 series of standards have been specifically reserved by ISO for _____ matters.

Information Security

The _____ program is a partnership between the Federal Bureau of Investigation and the private sector. The participants are dedicated to sharing information and intelligence to prevent hostile cyberattacks.

Infragard

Packet _____ interferes with an established network communication by constructing packets to appear as if they are part of a communication. (one word answer)

Injection

The _____ (IoT) is the collection of technologies that enable the connection of various devices to the Internet. (3 word answer)

Internet of Things

One of the most infamous hacker groups goes by the name _____. (Three word answer)

Legion of Doom

What is an example of an internet data domain?

LinkedIn

Hijacking an authorized connection or denying an individual's ability to use certain network services is often referred to as "man in the _____ " attack by Cyber professionals.

Middle

The term bring-your-own device is used to describe _____ devices such as iPhones, smartphones, tablets, and other devices.

Mobile

The _____ National Database was developed to provide a publicly available database of all known vulnerabilities.

National Common Vulnerability

In the U.S., the ______ created a framework for companies and organizations in need of cybersecurity professionals. (six word answer)

National Institute of Standards and Technologies

In the U>S>, the _____ is responsible for intelligence collection and surveillance activities.

National Security Agency

White hat hackers may perform network _____ tests in an attempt to compromise networks and systems by using their knowledge of computer secuirty systems to discover network vulnerabilities.

Penetration

A cybersecurity specialist's career is also highly _____. Jobs exist in almost every geographic location.

Portable

What name is given to a amateur hacker?

Script kiddie

Packet _____ works by monitoring and recording all information coming across a network.

Sniffing

Cybersecurity specialists provide a necessary service to their organizations, countries, and societies, very much like __[a]__ enforcement or _____[b]_____responders.

Specified Answer for: a law Specified Answer for: b emergency

Cybersecurity is the ongoing effort to protect networked systems and data from unauthorized access. On a _____[a]_____ level, everyone needs to safeguard his or her identity, data, and computing devices. At the _____[b]_____ level, it is the employees' responsibility to protect the organization's reputation, data, and customers. At the _____[c]_____ level, national security and the citizens' safety and well-being are at stake

Specified Answer for: a personal Specified Answer for: b corporate Specified Answer for: c state

Big data is the result of data sets that are large and complex, making traditional data processing applications inadequate. Big data poses both challenges and opportunities based on three dimensions: The ____ (A)____ amount of data The ____(B)____ or speed of data The variety or range of data ____(C)____ and sources

Specified Answer for: a volume Specified Answer for: b velocity Specified Answer for: c types

A _____ denial of service (TDoS) attack uses phone calls against a target telephone network tying up the system and preventing legitimate calls from getting through.

Telephony

An employee or contract partner can accidentally mishandle confidential data.

True

Cyber experts now have the technology to track the movement and behavior of people, animals, and objects in real time.

True

Governments and industries are introducing more regulations and mandates that require better data protection and security controls to help guard big data.

True

Hacktivist may perform distributed denial of service (DDoS) attacks.

True

Many countries have established cyber intelligence agencies to collaborate worldwide in combating major cyberattacks.

True

Some state-sponsored cyber criminals are members of their nations' armed forces.

True

Next generation 911 call centers are vulnerable to cyberattacks because they use _____ systems rather than traditional landlines.

Voice over IP infrastructure

Cyber criminals are hackers who are either self-employed or working for large _____ organizations.

cybercrime

Pick four types of records that cyber criminals would be interested in stealing from organizations (based upon your reading):

medical employment financial game

Cisco and Microsoft are examples of companies with certifications that test knowledge of their _____

products


Ensembles d'études connexes

Java Chapter4A quiz: decisions/conditionals

View Set

Interactions of the Earth, Moon, and Sun: Tutorial

View Set

Psychology 101 Test 2: Chapter 7 Memory

View Set

BIOL 230 Cell and Molecular Final Study Guide

View Set

Summary of each article of the Constitution

View Set

4- Probability Distributions and Binomial Distributions

View Set

NUR410 PrepU PEDS Chapter 18 Care of The School Aged Child

View Set