BCOR 330: Chapter 7 quiz
Who is protected by California's SB-327 for IoT Security and who is accountable for ensuring the guidelines are met?
California's SB-327 for IoT Security helps to protect consumers; the responsibility lies with makers of devices that connect with the Internet.
How does conducting an inventory of where its critical data is stored most help a business to minimize the damage from natural disasters? More than one answer may be correct.
It helps to ensure geographic data redundancy. It helps with retrieving data immediately after a disaster.
Which statement best explains why rootkits can be difficult to detect?
Many types of rootkits are designed to bypass installed security software.
TechJury compiled a list of cybersecurity statistics that show the impact of different malware and network attacks. Which three of the following are correct?
Ninety-one percent of cyberattacks are launched with a phishing email. Thirty-eight percent of malicious attachments are masked as Microsoft Office files. Eighty-five percent of daily email attachments are harmful for their intended recipient.
As reported by Andrei Ene, one of the worst malware attacks in the last 10 years is the TBT, or
Tiny Banker Trojan.
From the following list, select all the examples of cybercrimes.
Trojan horse viruses; computer hacking; digital identity theft
List characteristics of computer viruses. More than one answer may be correct.
Viruses can destroy programs or alter the operations of a computer or network. A computer virus is software that infects computers and is created using computer code. Computer viruses are relatively easy to detect.
What is a cybersecurity threat?
an event or condition that can lead to IT asset loss and the negative consequences of such loss
When should an organization answer the question "Is this the highest priority security risk?"
before data security strategies are created
Cybersecurity threat mitigation is best defined as the policies, procedures, and tools that help an organization
identify cybersecurity threats, prevent them from being realized, and minimize damage from them.
What does the identify (ID) function of the NIST Cybersecurity Framework focus on?
organizational understanding of how to manage cybersecurity risks
Bad actors seeking to create computer viruses primarily must know how to
program code.
Malware that encrypts a computer's data, forcing the victim to purchase a decryption code, is called
ransomware. payware. software piracy. cryptoware.
A corporation that was recently the victim of hacking that was caused by a high-level employee falling for a phishing scheme institutes a required, annual, self-paced training module that alerts employees to the most common recent phishing attacks. The institution of this new training requirement represents which phase of the plan-protect-respond cycle?
respond
In what stage of the plan-protect-respond cycle is forensic analysis conducted?
responding stage
What does the General Data Protection Regulation (GDPR) strive to achieve?
to ensure EU companies protect the privacy and personal data of EU citizens
A benign Internet robot that gathers data is called a(n)
web crawler.
Which of the following are examples of spear phishing?
An email is sent to employees at a specific company, instructing them to click on a link. That link deploys malware to their device.
In a DoS attack, what happens after a hacker has established a botnet? More than one answer may be correct.
The hacker now has a group of network computers under their control. The hacker directs zombie computers to simultaneously contact a target IP address. The hacker can capture data packets sent over the Internet to steal information.
From the following list, select all the possible warning signs of social engineering attacks.
emails or web pages that request personal information in exchange for a free offer; emails or texts containing links to more information or a free download; strange emails from known, trusted personal contacts and organizations