Chapter 1 & 2

Ace your homework & exams now with Quizwiz!

Which of the following ensures that information is correct and no unauthorized person or malicious software has altered it?

Integrity

Viewing information that is entered by another person

Shoulder Surfing

The weakness of passwords centers on human memory.

True

In the U.S., if a consumer finds a problem on her credit report, she must first send a letter to the credit-reporting agency. Under federal law, how many days does the agency have to investigate and respond to the alleged inaccuracy and issue a corrected report?

30

From January 2005 through July 2015, approximately how many electronic data records in the United States were breached, exposing to attackers a range of personal electronic data, such as address, Social Security numbers, health records, and credit card numbers?

853 million

Where are you most likely to find a PKES system?

An automobile

The steps that ensure that the individual is who he or she claims to be

Authentication

Which of the following ensures that data is accessible when needed to authorized users?

Availability

A password attack in which every possible combination of letters, numbers, and characters is used to match passwords in a stolen password file

Brute force attack

A password attack that compares common dictionary words against those in a stolen password file.

Dictionary Attack

Technically speaking, the process for creating a password digital representation is based on a hash algorithm, which creates a(n) ____________________.

Digest

Which technique might an attacker employ to find documents that may reveal the true level of security within an organization?

Dumpster diving

____________________ involves digging through trash receptacles to find information that can be useful in an attack.

Dumpster diving

What is NOT a factor that contributes to difficulties faced in defending against attacks?

Enhanced encryption algorithms

What law contains rules regarding consumer privacy?

Fair and Accurate Credit Transactions Act

Describe phishing

Fake e-mails contain links to websites that only appear to be genuine and request personal information.

Which law requires banks and financial institutions to alert customers of their policies and practices in disclosing customer information?

GLBA

Under which law must healthcare enterprises guard protected health information and implement policies and procedures to safeguard it, whether it be in paper or electronic format?

HIPAA

In the past, which term was commonly used to refer to a person who uses advanced computer skills to attack computers?

Hacker

A(n) ____________________ is a false warning, often contained in an e-mail message claiming to come from the IT department.

Hoax

What type of attack is a false warning, often contained in an email message claiming to come from the information technology (IT) department?

Hoaxes

Which of the following involves stealing another person's personal information, such as a Social Security number, and then using the information to impersonate the victim, generally for financial gain?

Identity theft

Which of the following involves using someone's personal information, such as a Social Security number, to fraudulently establish bank or credit card accounts?

Identity theft

What type of attacker is most likely to use information you have posted about yourself on a social networking site?

Identity thief

Which attacker category might have the objective of retaliation against an employer?

Insider

Which document identifies individuals within the organization who are in positions of authority?

Organizational charts

A secret combination of letters, numbers, and/or symbols that serves to authenticate a user by what he or she knows

Password

Which term is best described as individuals who want to attack computers yet who lack the knowledge of computers and networks needed to do so?

Script kiddies

Grouping individuals and organizations into clusters based on an affiliation

Social Engineering

Which of the following is a type of action that has the potential to cause harm?

Threat

FACTA grants consumers the right to request one free credit report from each of the three national credit-reporting firms every 12 months.

True

When creating passwords, the most important principle is that length is more important than complexity.

True

Redirecting a user to a fictitious website based on a misspelling of the URL

Typo Squatting

What is the best approach to establishing strong security with passwords?

Use technology for managing passwords

A phishing attack in which the attacker calls the victim on the telephone

Vishing

A phishing attack that targets wealthy individuals

Whaling

How do attackers today make it difficult to distinguish an attack from legitimate traffic?

by using common Internet protocols

What can an attacker use to divert all mail to their post office box so that the victim is never aware that personal information has been stolen?

change-of-address form

Which of the following is a numerical measurement used by lenders to assess a consumer's creditworthiness?

credit score

Terrorists who turn their attacks to the network and computer infrastructure to cause panic among citizens are known as which of the following?

cyberterrorists

What type of attack begins with the attacker creating digests of common dictionary words, and then comparing those in a stolen password file?

dictionary

How often does FACTA grants consumers the right to request one free credit report from each of the three national credit-reporting firms?

every 12 months

What term is frequently used to describe the tasks of securing information that is in a digital format?

information security

Security is ____ convenience.

inversely proportional to

What type of program lets a user create and store multiple strong passwords in a single user database file that is protected by one strong master password?

password management application

Information contained on devices is protected by three layers: Two of the layers are products and policies and procedures. What is the third layer?

people

With which type of social engineering attack are users asked to respond to an email or are directed to a website where they are requested to update personal information, such as passwords or credit card numbers?

phishing

What popular online activity involves grouping individuals and organizations into clusters or groups based on their likes and interests?

social networking

Which type of social engineering attack depends on the user incorrectly entering a URL?

typo squatting

Which of the following is a characteristic of a weak password?

used on multiple accounts

What is a flaw or weakness that allows a threat agent to bypass security?

vulnerability


Related study sets

Chapter 2: Psychology as a Science

View Set

Fundamentals of management ch9 assignment

View Set