Chapter 8 DHS
Despite the intense efforts of cybercriminals to exploit the internet for their own gain, less than 1 million people have been personally affected by cybercrime in the United States.
false
Hackers from China have attempted to access US NOAA weather satellites but as of yet have not been successful.
false
The only difference between cyberwarfare and cyberterrorism is the target.
false
Under the Cybersecurity Framework, there are four "tiers" that enable stakeholders in the public and private sectors to assess how they are managing their cyber risk and to better understand how those actions measure up to what is considered effective.
false
Which of the following is defined as the "creation, access, modification, and destruction of information"?
processing
Ransomware is a method by which psychological or other non-technical means are used to trick victims into voluntarily or unwittingly handing over their personal information, including login information and passwords.
False
The attack on which of the following companies marked a change in the nature of cyberthreats against individuals and private sector organizations?
Sony
Which of the following involves making one's email appear like one that would be trusted by the target of a phishing scheme?
Spoofing
Infrastructure is considered a source of risk.
True
Malware is a catchall name for any program that seeks to compromise, disrupt, or steal from a device or system.
True
The DHS Directorate for National Protection and Programs leads the nation's efforts to manage cyberterrorism threats.
True
The failure or loss of just one CI system can rapidly cascade across multiple infrastructure sectors.
True
Which of the following is a series of national-level exercise focused on cybersecurity?
all of the above
Which of the following is defined as "the use or destruction of computing or information technology resources aimed at harming, coercing, or intimidating others in order to achieve a greater political or ideological goal."
all of the above
Which of the following is considered a source of critical infrastructure risk?
all the above
As of the end of 2014, no known act of cyberterrorism had ever occurred.
true
Cyberterrorism can result in injuries and/or deaths.
true
DHS infrastructure programs and policies are directed by the Office of Infrastructure Protection.
true
There are beneficial uses of cookies
true
A person who controls bots is called which of the following?
Bot herder
The Edward Snowden leaks exposed US programs to conduct which of the following?
Cyberespionage
Which of the following terms is defined by US-CERT to be, "The activity or process, ability or capability, or state whereby information and communications systems and the information contained therein are protected from and/or defended against damage, unauthorized use or modification, or exploitation"?
Cybersecurity
Which of the following is defined as "the global network of information technology infrastructure, inclusive of the internet, the telecom network, systems of servers and computers, electronic control mechanisms, and the embedded processes in microchips and other semiconductors"?
Cyberspace
The Stuxnet Worm is most likely an example of which of the following?
Cyberwarfare
Government is considered a component of critical infrastructure.
True
Approximately how many US companies experienced a cyber-breach as reported in 2014?
43%
How many critical infrastructure 'sectors' does the National Infrastructure Protection Plan recognize?
16
Which of the following is not one of the five cybersecurity functions identified under the Cybersecurity Framework?
Destroy
Which of the following is not one of the three "clusters" of cyberterrorism?
Exploitive cyberterrorism
A hospital is an example of a component in network-oriented infrastructure.
False
The National Cyber Incident Response Plan is an annex to the National Response Framework.
False
The Stuxnet Worm was developed to disrupt Iran's chemical weapons production capabilities.
False
Unlike other forms of infrastructure, critical infrastructure must be owned and operated by the government.
False
Unlike viruses, worms require human action to replicate themselves.
False
Which of the following is considered one of the most destructive and difficult cyberthreats to prevent?
Rogue Insider
Which of the following hacking methods specifically targets databases?
SQL Injection
Which of the following is a "self-organized, self-run, and self-governed private sector council consisting of owners and operators and their representatives, which interact on a wide range of sector-specific strategies, policies, activities, and issues"?
Sector-Coordinating Council
The Second Quadrennial Homeland Security Review identified three factors that explained why cyberspace is particularly difficult to secure. Which of the following is not one of those factors?
The low cost of cyberterrorism
Which of the following is a malicious program disguised to look like a useful program, which the user knowingly installs on their device, and that manipulates the manner in which a device's operating system functions?
Trojan Horse
Cybercrime is distinct from other forms of cyber-attacks in that the perpetrators seek personal gain or notoriety.
True