Test 1 Cyber Intro: Chapter 1
Legion of Doom
One of the most infamous hacker groups goes by the name _____________________.
Securely Provision
conceptualizing, designing, and building secure IT systems
True
Some state-sponsored cyber criminals are members of their nations' armed forces.
Information Systems Security (InfoSysSec)
Network security organization that hosts a security news portal, providing the latest breaking news pertaining to alerts, exploits, and vulnerabilities.
Voice-over-IP
Next generation 911 call centers are vulnerable to cyberattacks because they use ____________________________ systems rather than traditional landlines
Flood
Next generation 911 call centers are vulnerable to distributed-denial-of-service (DDoS) attacks that use many systems to __________ the resources of the target making the target unavailable to legitimate users.
Computer Emergency Response Team (CERT)
U.S. federally funded initiative chartered to work with the Internet community in detecting and resolving computer security incidents
Analyze
highly specialized review and evaluation of incoming cybersecurity information to determine if it is useful for intelligence
Protect and Defend
identification, analysis, and mitigation of threats to internal systems and networks
Investigate
investigation of cyber events and/or cyber crimes involving IT resources
Oversight and Development
leadership, management, and direction to conduct cybersecurity work effectively
telephone
A ______________________ denial of service (TDoS) attack uses phone calls against a target telephone network tying up the system and preventing legitimate calls from getting through.
Portable
A cybersecurity specialist's career is also highly _____________. Jobs exist in almost every geographic location.
Operate and Maintain
providing the support, administration, and maintenance required to ensure IT system performance and security
domains
Companies such as Google, Facebook, and LinkedIn, could be considered to be data _____________ in our cyber world
Collect and Operate
specialized denial and deception operations and the collection of cybersecurity information
Products
Cisco and Microsoft are examples of companies with certifications that test knowledge of their ________________.
SysAdmin, Audit, Network, Security (SANS) Institute
More than 1,200 award-winning, original research papers; also develops security courses
False
According to the online content review (from netacad), the greatest motivation for most cyber criminals is political.
False
An advanced persistent attack (APA) is a continuous computer hack that occurs under the radar against a specific object.
Infected
An employee may facilitate outside attacks by connecting _____________ USB media into a corporate computer system.
True
An employee or contract partner can accidentally mishandle confidential data
False
Another term for DNS Spoofing is DNS record poisoning
a Volume b Velocity c Types
Big data poses both challenges and opportunities based on three dimensions: The ____[a]____or amount of data The ____[b]____ or speed of data The variety or range of data ____[c]____ and sources
cybercrime
Cyber criminals are hackers who are either self-employed or working for large _________________ organizations.
law, emergency
Cybersecurity specialists provide a necessary service to their organizations, countries, and societies, very much like __[a]__ enforcement or _____[b]_____responders
True
Governments and industries are introducing more regulations and mandates that require better data protection and security controls to help guard big data
True
Hacktivists may perform distributed denial of service (DDoS) attacks.
2015
In __________ the U.S. Congress passed the USA Freedom Act ending the practice of collecting U.S. Citizens' phone records in bulk.
National Security Agency
In the U.S., the ___________________________________________ is responsible for intelligence collection and surveillance activities.
National Institute of Standards and Technologies
In the U.S., the ______________________________________________________________________ created a framework for companies and organizations in need of cybersecurity professionals. (six word answer)
countermeasures
Internal attackers may have knowledge of security ______________________________, policies, and higher levels of administrative privileges.
Mitre Corporation
Maintains a list of common vulnerabilities and exposures used by prominent security organizations
True
Many countries have established cyber intelligence agencies to collaborate worldwide in combating major cyberattacks.
a personal b corporate c state
On a _____[a]_____ level, everyone needs to safeguard his or her identity, data, and computing devices. At the _____[b]_____ level, it is the employees' responsibility to protect the organization's reputation, data, and customers. At the _____[c]_____ level, national security and the citizens' safety and well-being are at stake
sniffers
Packet ______________ works by monitoring and recording all information coming across a network
forgery
Packet ______________interferes with an established network communication by constructing packets to appear as if they are part of a communication.
Medical, Financial, Education, Employment
Pick four types of records that cyber criminals would be interested in stealing from organizations (based upon your reading):
International Information Systems Security Certification Consortium (ISC)2
Provide information security certifications including the Certified Information Systems Security Professional (CISSP)
MS-ISAC
Provides real-time network monitoring, early cyber threat warnings and advisories, vulnerability identification and mitigation and incident response.
Forum of Incident Response and Security Teams (FIRST)
Security organization that brings together a variety of computer security incident response teams from government, commercial, and educational organizations to foster cooperation and coordination
All of the Above
The ISACA group track law enacted related to cyber security. Examples of these laws include:
Information Security
The ISO 27000 series of standards have been specifically reserved by ISO for _______________ matters . (two word answer)
False
The Studnet attack targeted the Supervisory Control and Data Acquisition (SCADA) system used to control and monitor industrial processes.
InfraGard
The __________________ program is a partnership between the Federal Bureau of Investigation and the private sector. The participants are dedicated to sharing information and intelligence to prevent hostile cyberattacks.
National Common Vulnerabilities and Exposures
The __________________________________________ National Database was developed to provide a publicly available database of all know vulnerabilities.
Federated
The most common way to protect _______________ identity is to tie login ability to an authorized device.
Hacker
The term _______________ described individuals with advanced programming skills. They used these programming skills to test the limits and capabilities of early systems. These early individuals were also involved in the development of early computer games.
mobile
The term bring-your-own-device is used to describe _____________ devices such as iPhones, smartphones, tablets, and other devices,
Brokers
Vulnerability _____________ are usually grey hat hackers who attempt to discover exploits and report them to vendors, sometimes for prizes or rewards
What is an example of an Internet data domain?
Vulnerability Databases
What is the term used to identify a unique arrangement of information used to identify an attacker's attempt to exploit a known vulnerability.
Script Kiddie
What name is given to a amateur hacker?
algorithm
What type of an attack can disable a computer by forcing it to use memory or by overworking its CPU?
penetration
White hat hackers may perform network __________________ tests in an attempt to compromise networks and systems by using their knowledge of computer security systems to discover network vulnerabilities.
cache
With DNS spoofing the criminal introduces false data into a DNS resolver's _____________.
Federated
___________________ identity management refers to multiple enterprises that let their users use the same identification credentials gaining access to the networks of all enterprises in the group.
Hacktivists
_____________________ make political statements to create awareness to issues that are important to them.