Security Fundamentals - Ch1 Unit 1 Quiz
_____ ensures that individuals are who they claim to be. Demonstration Certification Authentication Accounting
Authentication
_____ ensures that only authorized parties can view the information. Integrity Authorization Confidentiality Availability
Confidentiality
_____ requires banks and financial institutions to alert customers of their policies and practices in disclosing customer information and to protect all electronic and paper containing personally identifiable financial information. Gramm-Leach-Bliley Act (GLBA) Sarbanes-Oxley Act (Sarbox) California Savings and Loan Security Act (CS&LSA) USA Patriot Act
Gramm-Leach-Bliley Act (GLBA)
The _____ requires that enterprises must guard protected health information and implement policies and procedures to safeguard it. Health Insurance Portability and Accountability Act (HIPAA) Hospital Protection and Insurance Association Agreement (HPIAA) Gramm-Leach-Bliley Act (GLBA) Sarbanes-Oxley Act (Sarbox)
Health Insurance Portability and Accountability Act (HIPAA)
What is the difference between a hactivist and a cyberterrorist? Cyberterrorists always work in groups while hactivists work alone. The aim of a hactivist is not to incite panic like cyberterrorists. Cyberterrorists are better funded than hactivists. A hactivist is motivated by ideology while a cyberterrorist is not.
The aim of a hactivist is not to incite panic like cyberterrorists.
Why can brokers command such a high price for what they sell? Brokers are licensed professionals. Brokers work in teams and all the members must be compensated. The attack targets are always wealthy corporations. The vulnerability they uncover was previously unknown and is unlikely to be patched quickly.
The vulnerability they uncover was previously unknown and is unlikely to be patched quickly.
Each of the following is a reason why it is difficult to defend against today's attackers except __________. complexity of attack tools user confusion greater sophistication of attacks faster detection of vulnerabilities
complexity of attack tools
Each of the following can be classified as an "insider" except _______. cybercriminals employees contractors business partners
cybercriminals
The motivation of _____ is attacking for the sake of their principles or beliefs. cyberterrorists computer spies script kiddies insiders
cyberterrorists
Each of the following is a characteristic of cybercrime except______. exclusive use of worms and viruses theft of personal information targeted attacks against financial networks unauthorized attempts to access to information
exclusive use of worms and viruses
_____ ensures that the information is correct and no unauthorized person or malicious software has altered that data. integrity layering obscurity confidentiality
integrity
Each of the following is a characteristic of cybercriminals except _______. better funded more tenacious less risk averse low motivation
low motivation
Keeping backup copies of important data stored in a safe place is an example of blocking attacks layering minimizing losses sending secure information
minimizing losses
Protecting information is accomplished by reducing risk factors protecting the devices on which the information is found securing only local servers hiring an Information Security Officer (CISO)
protecting the devices on which the information is found
Each of the following is a successive layer in which information security is achieved except _______. people purposes policies and procedures products
purposes
In a general sense "security" is _______. protection from only direct actions the steps necessary to protect a person or property from harm only available on specialized computers something that can be relatively easy to achieve
the steps necessary to protect a person or property from harm
What is a person or element that has the power to carry out a threat? exploiter hazard element threat agent risk agent
threat agent
What is an objective of state-sponsored attackers? fortune over fame to right a perceived wrong to sell vulnerabilities to the highest bidder to spy on citizens
to spy on citizens
An example of a(n) _____ is a software defect in an operating system that allows an unauthorized user to gain access to a computer without a password. vulnerability asset exploit (AE) threat agent threat
vulnerability
In information security terminology a(n) _____ is a flaw or weakness that allows an attacker to bypass security protections. worm hole access access control vulnerability
vulnerability
