Chapter 1
Finding solutions for problems diagnosed by a technician
A security manager's duty should involve which of the following? a) Finding solutions for problems diagnosed by a technician b) Providing technical support for problematic software and hardware c) Pinpointing users' needs and discovering solutions for issues d) Surveying existing security systems and their infrastructure
Authorization
A user's supervisor directed him to update a file. When the user opened the file on a shared drive, he was denied access to the file. The user was denied access because of which security protection? a) Authentication b) Confidentiality c) Accounting d) Authorization
d) Exploited a vulnerability through a threat vector
An attacker who has obtained a confidential USB flash drive from an administrator's desk through social engineering has accomplished which of the following? a) Used a threat agent to steal information b) Has utilized risk avoidance to be undetected c) Has avoided risk deterrence to carry out data theft d) Exploited a vulnerability through a threat vector
obscurity
An example of ________ is not revealing the type of computer, operating system, software, and network connection a computer uses. a) obscurity b) limiting c) diversity d) layering
diversity
An organization that purchased security products from different vendors is demonstrating which security principle? a) layering b) diversity c) obscurity d) limiting
stockholders
Each of the following can be classified as an "insider" EXCEPT _____. a) business partners b) stockholders c) employees d) contractors
avoid legal consequences
Each of the following is a goal of information security EXCEPT _____. a) avoid legal consequences b) prevent data theft c) limit access control d) foil cyberterrorism
purposes
Each of the following is a successive layer in which information security is achieved EXCEPT _____. a) products b) people c) procedures d) purposes
User confusion
If a user installs an add-on from an unknown vendor, this security risk is caused by what? a) Cybercriminals b) User account control c) User confusion d) Phishing
chief information security officer (CISO)
The _______ is primarily responsible for assessing, managing, and implementing security. a) security administrator b) security technician c) chief information security officer (CISO) d) security manager
cybercriminals
What are attackers called who belong to a network of identity thieves and financial fraudsters? a) cybercriminals b) script kiddies c) hackers d) brokers
threat agent
What is a person or element that has the power to carry out a threat? a) vulnerability b) threat agent c) exploiter d) risk agent
Disconnect a device from the internet
What is a very simple way to limit your attack surface? a) Perform operations through the command prompt. b) Disconnect a device from the internet c) Install Flash Player d) Set all of your services to automatically start up
to spy on citizens
What is an objective of state-sponsored attackers? a) to sell vulnerabilities to the highest bidder b) to spy on citizens c) to right a perceived wrong d) fortune instead of fame
The aim of a hacktivist is not to incite panic like cyberterrorists.
What is the difference between a hacktivist and a cyberterrorist? a) Cyberterrorists are better funded than hacktivists. b) A hacktivist is motivated by ideology while a cyberterrorist is not. c) Cyberterrorists always work in groups while hacktivists work alone. d) The aim of a hacktivist is not to incite panic like cyberterrorists.
reconnaissance
What is the first step in the Cyber Kill Chain®? a) actions on objectives b) reconnaissance c) exploitation d) weaponization
There is no silver bullet solution to IT security
What silver bullet is a fail-safe solution that addresses IT security? a) There is no silver bullet solution to IT security b) cloud software c) online software d) grid software
exploit kit
What tool would most likely be used by a script kiddie? a) super computer b) exploit kit c) threat agent d) packet analyzer
Health Insurance Portability and Accountability Act (HIPAA)
Which act requires enterprises to guard protected health information and implement policies and procedures to safeguard it? a) Health Insurance Portability and Accountability Act (HIPAA) b) Sarbanes-Oxley Act (Sarbox) c) Gramm-Leach-Bliley Act (GLBA) d) Hospital Protection and Insurance Association Agreement (HPIAA)
is only used by hacktivists against foreign enemies
Which of the following is NOT a characteristic of Advanced Persistent Threat (APT)? a) is only used by hacktivists against foreign enemies b) can span several years c) targets sensitive proprietary information d) uses advanced tools and techniques
It was created to safeguard only electronic health information
Which of the following is NOT true about HIPAA? a) One could be sentenced up to ten years in prison b) It was created to safeguard only electronic health information c) HIPAA laws apply to third party business associates d) One could be fined up to $50,000 for each violation
gray hat hackers
Which of the following was used to describe attackers who would break into a computer system without the owner's permission and publicly disclose the vulnerability? a) white hat hackers b) gray hat hackers c) black hat hackers d) blue hat hackers
the necessary steps to protect a person or property from harm
Which phrase describes the term "security" in a general sense? a) only available on hardened computers and systems b) protection from only direct actions c) using reverse attack vectors (RAV) for protection d) the necessary steps to protect a person or property from harm
d) Availability
Which term gives the appropriate parties the ability to obtain information security (securely)? a) Communication b) Authentication c) Confidentiality d) Availability
greater sophistication of defense tools
Which of the following is NOT a reason why it is difficult to defend against today's attackers? a) greater sophistication of defense tools b) delays in security updating c) increased speed of attacks d) simplicity of attack tools
The vulnerability was previously unknown and is unlikely to be patched quickly.
Why can brokers command such a high price for what they sell? a) Brokers are licensed professionals. b) Brokers work in teams and all the members must be compensated. c) The vulnerability was previously unknown and is unlikely to be patched quickly. d) The attack targets are always wealthy corporations.
They can cause significant disruption by destroying only a few targets.
Why do cyberterrorists target power plants, air traffic control centers, and water systems? a) These targets are government-regulated and any successful attack would be considered a major victory. b) The targets are privately owned and cannot afford high levels of security. c) These targets have notoriously weak security and are easy to penetrate. d) They can cause significant disruption by destroying only a few targets.
To tamper with the integrity of the operating system
Why would an attacker make changes to the registry of a system? a) To eliminate availability of data for the organization b) To manipulate files on the C drive c) To tamper with the integrity of the operating system d) To damage sectors on the hard drive
Authentication
_____ ensures that individuals are who they claim to be. a) Accounting b) Certification c) Demonstration d) Authentication
Confidentiality
_____ ensures that only authorized parties can view the information. a) Confidentiality b) Integrity c) Authorization d) Availability