ITIA-1200 QUIZ 1

What class of attacks use innovative attack tools and once a system is infected it silently extracts data over an extended period? A. Modified Threat B. Advanced Persistent Threat C. Inside Attacks D. Embedded Attacks

ADVANCED PERSISTENT THREAT

In information security, what can constitute a loss? A). a delay in transmitting information that results in a financial penalty B). The loss of good will or a reputation C). theft of information D). all of the above

ALL THE ABOVE

In information security, which of the following is an example of a threat actor? A.) all of the above B.) a virus that attacks a computer network C.) a person attempting to break into a secure computer network D.) a force of nature such as a tornado that could destroy computer equipment

ALL THE ABOVE

Which of the following are considered threat actors? (Choose all that apply.) A. administrators B. competitors C. brokers D. regular users

COMPETITORS & BROKERS

Which of the three protections ensures that only authorized parties can view information? A. integrity B. security C. confidentiality D. availability

CONFIDENTIALITY

The Sarbanes-Oxley Act restricts electronic and paper data containing personally identifiable financial information. ( TRUE OR FALSE)

FALSE

Which law requires banks and financial institutions to alert customers of their policies and practices in disclosing customer information? A. Gramm-Leach-Bliley B. California Database Security Breach C. USA Patriot D. Sarbanes-Oxley

GRAMM-LEACH-BLILEY

What term is used to describe a group that is strongly motivated by ideology, but is usually not considered to be well-defined and well-organized? A. cyberterrorist B. hactivists C. script kiddies D. hacker

HACTIVISTS

Under which laws are health care enterprises required to guard protected health information and implement policies and procedures whether it be in paper or electronic format? A.) HLPDA B.) HIPAA C.) HCPA D.) USHIPA

HIPPA

What type of theft involves stealing another person's personal information, such as a Social Security number, and then using the information to impersonate the victim, generally for financial gain? A. phishing B. cyberterrorism C. social scam D. identity theft

IDENTITY THEFT

Which term below is frequently used to describe the tasks of securing information that is in a digital format? A. information security B. logical security C. physical security D. network security

INFORMATION SECURITY

A vulnerability is a flaw or weakness that allows a threat to bypass security. (TRUE or FALSE )

TRUE

One of the challenges in combating cyberterrorism is that many of the prime targets are not owned and managed by the federal government. ( TRUE OR FALSE)

TRUE

To mitigate risk is the attempt to address risk by making the risk less serious. ( TRUE OR FALSE)

TRUE

What type of diversity is being implemented if a company is using multiple security products from different manufacturers? A. vendor diversity B. multiple-product security C. manufacturer diversity D. vendor-control security

VENDOR DIVERSITY

What threat actors are generally believed to be the most dangerous threat actors? Explain your answer.

YOUR OWN WORDS. WRITTEN STATEMENT. - INSIDERS .