Chapter 2: MIS 362
You discover that one of your organization's computers has stopped working properly due to malware. Who is most likely responsible for the presence of malware on this machine.
A careless coworker.
Your business has a web server that has suddenly become unresponsive. When you study the server's logs there are a huge number of requests from what appear to be legitimate computers. The problem is likely because of ___.
A distributed denial of service attack.
Which of the following is the correct description of a firewall?
A software and hardware combination that limits incoming and outgoing Internet traffic.
A data breach at your business resulted in the loss of some customer data. Several angry customers have filed charges. What is a recommended course of action to prepare for future events?
Activate the forensics analysis team and prepare documentation.
You work for a company that is growing. Originally, all the users in all departments had access to the data in the database. It is considered a security risk. What is an appropriate action to reduce the risk?
Assign roles and privileges to users so that only job-relevant data is accessible to the user.
Assessing damage following a computer incident, investigating the unauthorized disclosure of corporate confidential data, and confirming or evaluating the impact of industrial espionage are tasks most appropriate for ___.
Computer forensics.
Managed security service providers primarily help organizations keep pace with ___.
Cybercriminals and new laws and regulations.
Jennifer is a programmer who develops malware and deploys it in the computer systems of her organization's competitors so that she can secretly steal data about new product plans and designs, thus gaining a competitive advantage for her organization. What type of cyberattack is Jennifer involved in?
Cyberespionage.
Someone who attempts to destroy the infrastructure components of governments is known as a ___.
Cyberterrorist.
The final step in the security risk assessment process is to ___.
Decide whether or not to implement particular countermeasures.
In computing, an attack on an information system that takes advantage of a particular system vulnerability is called a(n) ___.
Exploit.
A hacktivist is someone who ___.
Hacks computers or Web sites in an attempt to promote a political ideology.
In a denial-of-service (DDoS) attack, the perpetrator ___.
Instructs the zombie computers to send simple access requests to target computers.
Legal consequences following a successful cyberattack on a well-known organization often include ___.
Lawsuits initiated by consumers who incurred damages.
You have been hired as the new Information Security consultant at XYZ Inc. Which of these employee behaviors would be a top security concern?
Leaving laptop computers unattended in public spaces.
What is the role of an MSSP?
Monitoring, Managing, and Maintaining Computer and Network Security.
Kenneth is assisting with step 7 of his organization's security risk assessment. He and his team compare the risks of potential security breaches against the estimated costs of preventing them from happening. Why is this an important step?
No amount of resources can guarantee a perfect security system, so one must balance risks with prevention costs.
These days, the biggest threats to IT security are from ___.
Organized groups that have ample resources including money and sophisticated tools, to support their efforts.
The percentage of adults in an area who are interested in opening an account with an investment company drops significantly after the media reports on a successful cyberattack on this organization. This is most likely the result of ___.
Reputation damage related to the cyberattack.
Once a ___ is installed, the attacker can gain full access to the computer.
Rootkit.
The purpose of an advanced persistent threat usually is to ___.
Steal Data.
Assume your organization is experiencing an intruder attack. You have an intrusion detection system (IDS) set up. Which of the following events occur first?
The network router sends traffic to the firewall as well as to the IDS.
A hacker writes some programming code that will cause a computer to behave in an unexpected and undesirable manner, but disguises it as something else to make it difficult to detect. Which attack has this attacker chosen to use?
Virus.
Which of the following shortcomings may be revealed during an IT security audit?
Whether only the appropriate personnel have access to critical data.
Viruses and worms are both attack vectors, but they differ in that ___.
Worms can propagate without human intervention.
You wish to use your personal laptop computer at work, but the IT department folks will not allow this. The likely reason is that ___.
Your non-work-related use of the laptop could increase vulnerability.