Info Secure Draft

An advance-fee fraud attack involves the interception of cryptographic elements to determine keys and encryption algorithms.

False

Network security focuses on the protection of physical items, objects, or areas from unauthorized access and misuse.

False

The bottom-up approach to information security has a higher probability of success than the top-down approach.

False

The primary mission of information security is to ensure that systems and their content retain their confidentiality.

False

With the removal of copyright protection mechanisms, software can be easily and legally distributed and installed.

False

The community of interest made up of IT managers and skilled professionals in systems design, programming, networks, and other related disciplines is called _____.

Information Technology Management and Professionals

The protection of the confidentiality, integrity, and availability of information assets, whether in storage, processing, or transmission, via the application of policy, education, training and awareness, and technology is known as _____.

Information security

The protection of tangible items, objects, or areas from unauthorized access and misuse is known as _____.

Physical security

_____ is any technology that aids in gathering information about a person or organization without their knowledge.

Spyware

The _____ hijacking attack uses IP spoofing to enable an attacker to impersonate another entity on the network.

TCP

A breach of possession may not always result in a breach of confidentiality.

True

A data custodian works directly with data owners and is responsible for the storage, maintenance, and protection of the information.

True

Technical mechanisms like digital watermarks and embedded code, copyright codes, and even the intentional placement of bad sectors on software media have been used to deter or prevent the theft of software intellectual property.

True

Human error or failure often can be prevented with training, ongoing awareness activities, and _____.

controls

A server would experience a(n) _____ attack when a hacker compromises it to acquire information via a remote location using a network connection.

direct

A short-term interruption in electrical power availability is known as a _____.

fault

The average amount of time until the next hardware failure is known as _____.

mean time to failure (MTTF)

Individuals who control and are responsible for the security and use of a particular set of information are known as data _____.

owners

A table of hash values and their corresponding plaintext values used to look up password values if an attacker is able to steal a system's encrypted password file is known as a(n) _____.

rainbow table

A computer is the _____ of an attack when it is used to conduct an attack against another computer.

subject