Cybersecurity

Ace your homework & exams now with Quizwiz!

What does GDPR stand for?

General Data Protection Regulation

Something of value.

asset

Encrypted data.

ciphertext

GDPR is ____________________ legislation.

gdpr

The cybersecurity parable about Tim dealt primarily with which issue?

identity theft

Malware that tries to alter a system in order to prevent itself from being detected.

rootkit

Software that secretly captures and transmits a user's data, credentials, passwords, or usage behavior.

spyware

Using social media to find personally identifiable information is an example of ______________ OSINT.

technical

Make another party assume responsibility for a risk.

transfer

An attack without any days of prior warning, or a novel attack method.

zero-day

Which of the following best represents the concept of a logic bomb?

"Ambush" malware; code that waits for a particular event or circumstance to occur before it executes.

About how many people in the United States are victims of identity theft each year?

10,000,000

Which of the following best represents the concept of whitelist?

A collection of permitted or allowed actions or items.

Which of the following best represents the concept of single point of failure?

A component of a system which, if it stops functioning properly, adversely affects the entire system.

Which of the following best represents the concept of bot or zombie?

A compromised computer under the control of an attacker for the purpose of launching attacks.

In the context of risk management, which of the following best represents the concept behind the word "avoid?"

Abandon a potentially dangerous activity.

A data file used to verify a credential. This authentication method is an example of "something you have."

Certificate

Acknowledge risk without addressing it.

accept

The act of using an information system.

access

A way to regulate who or what can use a resource in an information system.

access control

Records of actions performed.

accounting

Software that displays advertisements on a computer display, or intercepts input to collect marketing data.

adware

A physical boundary between information systems, in which devices in one system are not and have never been networked to devices or data in the other system.

air gap

A mathematical procedure or recipe that may be used to transform data.

algorthim

Software or a system used to accomplish tasks is

an application

Software to detect and prevent execution of worms and viruses.

antivirus

An act that carries out a threat.

attack

The assurance/verification that a user is genuine and not an impostor.

authetication

Social pressure to obey, defer to, or respect the directions of an expert or a leader.

authority

Limited permission granted to perform an action.

authorization

The United Kingdom's National Health Service was crippled when an attack with software called "WannaCry" rendered many of their computers unusable. Over 19,000 medical appointments had to be cancelled, which caused NHS to lose over £92 million. This is an example of what type of cyber security breach?

availability

Instead of a login prompt on your computer, you get a message saying your system has been encrypted and you can no longer access it unless you follow the instructions to pay bitcoin, which will then allow you to decrypt your system. Which of the following would best allow you to recover without giving in to the hacker's demands?

backup

One phenomenon that the rise of the Internet has led to is the collection and analysis of

big data

An intrinsic body feature, such as a fingerprint or voice pattern, used to verify a credential. This authentication method is an example of "something you are."

biometric

A collection of forbidden actions or items.

blacklist

_____________ is usually used for gadgets and peripherals rather than connections to the Internet.

bluetooth

A compromised computer under the control of an attacker for the purpose of launching attacks.

bot

The threat actor in control of a botnet.

bot herder

A group of compromised "bot" computers.

botnet

Exhaustively test every possible input (usually passwords) until one is found that produces a desired result.

brute force tetx

A situation in which an amount of data to be processed exceeds the amount of memory a programmer allocated to contain that data, causing adjacent memory to be overwritten.

buffer overflow

Researchers have called ________________ a propaganda machine.

cambride analytica

An encryption algorithm that substitutes characters with other characters.

cipher

Plaintext that is transmitted clearly instead of transformed into ciphertext before transmission.

cleartext

External Internet-based information resources, which may be rented or leased.

cloud

Variation of reciprocity: social pressure to concede to a smaller request after having resisted a larger request.

concession

PCI DSS compliance is enforced through _________.

contracts

.Data saved by a web browser on behalf of a web server.

cookie

The legal control of how a creative work may be disseminated, distributed, or exhibited.

copyright

cholastic Inc. can legally distribute the Harry Potter novels in the United States, and Warner Bros. Entertainment Inc. can legally distribute the Harry Potter films based on those novels. This is an example of what

copyright

Attempts to recover plaintext from ciphertext with limited or no knowledge of the algorithm or keys.

cryptanalysis

Software that encrypts data and offers a decryption mechanism after payment of a ransom.

crypto maware

Under GDPR, personal data is any data that can __________ you.

data

After Keiko spends some time playing an adventure game, she saves her progress and turns off the computer. She turns on the computer again to play the game the next day, and she doesn't have to restart the adventure at the beginning because the system stored or remembered her previous accomplishments. This is an example of

data at rest

Information saved to long-term storage media.

data at rest

Information being used or manipulated by a computer.

data being processed

Information being copied or moved from one machine to another.

data in transit

Using an algorithm with keys to recover encrypted data.

decryption

A stance of forbidding everything except what a whitelist specifically allows.

default deny policy

Using multiple types of controls or defenses, each of which an attacker would need to penetrate.

defense in depth

The loss of availability.

denial of service

Which kind of intellectual property law applies if a clockmaker wants to make and sell "knock-off" clocks that look identical to another clockmaker's popular clocks?

design rights

Attempt to guess a password by trying words from a dictionary or from a similar list of candidates.

dictionary attack

Security professionals are faced with more _______________ temptations due to their exposure to more data and information that most traditional employee

ethical

Principles that govern and support acceptable behavior or conduct.

ethics

To steal data; to transfer or copy data without authorization.

exfiltrate

Software or processes that take advantage of a bug or vulnerability to make a system behave in an unintended manner.

exploit

In the past few years, tapes have become a more attractive backup target than disks because of their lower cost, better reliability, and more flexibility

false

Internet of Things devices are not vulnerable to identity theft.

false

A device or software to control the kinds of transmissions that are denied (blacklisted) or permitted (whitelisted) on a network connection.

firewall

There are three steps to making friends with your ethical self. Which of the following is not one of them?

give positive affirmition

Intentionally accessing a computer system without (or in excess of) authorization.

hacking

A credential that represents an individual using an information system.

identification

Crimes in which someone wrongfully obtains and uses another person's personal dat

identituy theft

Crimes in which someone wrongfully obtains and uses another person's personal data

identity theft

Risk = Probability X

impact

Actions undertaken in the aftermath of an incident.

incedint response

An occurrence of a successful attack.

incident

ensures that the data stored on devices is correct and no unauthorized persons or malicious software has altered data.

integrety

The assurance that an information resource is correct and protected from unauthorized modification.

integrity

An idea, invention, or process derived from the work of the mind or intellect.

intellectual property

The Book of Mormon Videos are an example of ________________________ of the Church of Jesus Christ of Latter-day Saint

intellectual property

In today's society and culture, we need to ask if ______________ should be a human right.

internet access

There are lots of answers to core questions because of the "big secret." What is the big secret?

it depends

Wireless denial of service; an attempt to interfere with or overwhelm a wireless signal with a flood of extra radio frequency signal energy.

jamming

A secret collection of numbers or keystrokes used by a cryptographic algorithm.

key

Software that secretly records a user's input.

keylogger

The key to thwarting a brute-force password cracking attempt is having a password with more

length

Social pressure to emulate or seek approval of people you admire or like.

liking

"Ambush" malware; code that waits for a particular event or circumstance to occur before it executes.

logic bomb

One of the ethical principles behind the development of the Internet is the idea of ______________.

net neutrality

Reduced ability to hear due to chronic exposure to loud sounds, such as high volume audio from earbuds or headphones

noise induced hearinf loss

Shoulder surfing to observe someone's password is an example of what?

non techincal osint

Which of the following is NOT a type of intellectual property?

none of these

Variation of reciprocity: social pressure to gratefully respond after you are relieved of a burden.

obligation

General definitions of privacy state that a person is free from

observation

skills are at the top of the list for non-technical OSINT.

observational

A clothing store keeps employee records on a server in an equipment closet. This is an example of ____________ information resources

on-premise

Local information resources, owned and operated by an organization.

on-premise

s the life blood of social engineering.

osint

The legal control of how an invention may be manufactured and distributed.

patent

One way for us to regain custody and control of our data is for ____________________.

people to be paid for their data.

Which of the following is not a malware cybersecurity threat?

phishing

Understandable data, before it is encrypted or after it is decrypted.

plaintext

Duplicating a resource, to eliminate single points of failure and ensure availability.

redundanyc

How can I care for those with no power?

relationship lens

How do I use my power and resources fairly?

relationship lens

What kind of character do I want to develop?

reputation lens

How can I treat others with respect?

result

What do I really want and need to be happy?

result lens

Why am I making this choice?

right/responsibilty lens

How can I treat others as they want to be treated?

rights/repsonsinilt lens

A ________, in plain language, is a chance of something bad happening combined with how bad it would be if it did happen.

risk

A situation that involves exposure to danger.

risk

An email invites you to click on a link, and also informs you that the first 200 recipients to do so will win a gift certificate.

scarcity

Software that uses hoaxes to trick users into installing malware.

scareware

Compulsive behavior associated with cravings to use devices to connect with online media and negative psychological symptoms when unable to connect

screen addiction

An access control mechanism that prevents use of a device until an unlocking action is successfully performed.

screen lock

You are attempting to use your friend's mobile phone, but you don't know their PIN code. After three failed attempts, a message tells you that access to the mobile device has been suspended. Which of the following terms best represents the concept at play?

screenlock

Authorization to operate a computer system using a command-line or graphical user interface.

shell access

A component of a system which, if it stops functioning properly, adversely affects the entire system.

single point failure

A component of a system, which, if it stops functioning properly, adversely affects the entire system.

single point failure

A ____________ is a negative event that can lead to an undesired outcome, such as damage to, or loss of, an asset.

threat

A type of action that has the potential to cause harm

threat

A person or entity that has the power to carry out a threat.

threat actor

The following are examples of ___________. Hacktivists Cybercriminals Disgruntled insiders Nation States Careless employees

threat actors

In 2018 the company Grumpy Cat Limited defended the use of its Grumpy Cat name against another company, Granade Beverage, which tried to use the name without permission to sell Grumpy Cat branded coffee items. This is an example of what?

trademark

The legal control of how names and images representing a product, creative work, or brand may be used.

trademark

Software that disguises itself as useful, but actually contains malware.

trojan

Intellectual property is the output of innovation, new products, and technologies that are protected so that they can thrive in the marketplace.

true

Online shopping fraud is a form of identity theft

true

A collection of permitted or allowed actions or items.

whitelist

Malware that automatically spreads copies of itself to other computers over a network.

worm

Which of the following best represents the concept of advanced persistent threat?

Threat actors carrying out attacks over an extended time period without being detected.

Which of the following best represents the concept of nation state actor?

Threat actors employed by a government or military.

Requiring two different methods of authentication to verify a credential.

2FA

Which of the following best represents the concept of a procedure?

A collection of detailed plans and prescriptions for how a policy is pursued and implemented. (It answers the question, "How should it happen?")

Which of the following best represents the concept of a firewall?

A device or software to control the kinds of transmissions that are denied (blacklisted) or permitted (whitelisted) on a network connection.

Which of the following best represents the concept of jamming?

Wireless denial of service; an attempt to interfere with or overwhelm a wireless signal with a flood of extra radio frequency signal energy.

Data saved by a web browser on behalf of a web server.

a cookie

Having and being responsible for your records of actions you performed.

accountability

A threat actor engaged in carrying out a threat.

attacker

The assurance that an information resource is accessible in a timely manner.

availability

ensures network resources are readily accessible to authorized users.

availability

Abandon a potentially dangerous activity.

avoid

Software that circumvents normal security controls, in order to provide access to a computer or service.

backdoor

A copy of information system's data, to preserve it in case of loss or destruction of the system or its information.

backup

The science of transforming data in order to use, store, or transmit it securely.

cryptology

Internet-based systems hidden or obscured from traditional search engines and the public.

dark web

Using an algorithm with keys to transform data, making it unintelligible to everyone except intended recipients.

encryption

Software that acts against the best interests of a user.

malware

An incorrectly configured device.

misconfiguration

Make a risk less serious.

mitigate

Encrypted data is [ Select ] ["cleartext", "ciphertext", "plaintext"] . Text that is transmitted without being encrypted before transmission is called cleartext .

plaintext Answer 2:Correct!ciphertext Answer 3:Correct!cleartext

GDPR is a law passed by the European Union. It's primary purpose is to address _________.

privacy

The privilege of being free from observation or interference, to the degree that you choose.

privacy

A simple step we can take to protect ourselves from even the most sophisticated trackers is to use ________________ more.

private browsing

Information without any privacy restrictions constitute which type of data classification?

public

Software that prevents availability of a computer resource until a ransom is paid.

ransomware

Which of the following best represents the concept of air gap?

A physical boundary between information systems, in which devices in one system are not and have never been networked to devices or data in the other system.

Which of the following best represents the concept of an acceptable use policy?

A policy that defines the actions users may perform while accessing systems and network equipment.

Which of the following best represents the concept of a buffer overflow?

A situation in which an amount of data to be processed exceeds the amount of memory a programmer allocated to contain that data, causing adjacent memory to be overwritten.

Which of the following best represents the concept of risk?

A situation that involves exposure to danger.

Which of the following best represents the concept of default deny policy?

A stance of forbidding everything except what a whitelist specifically allows.

For whom am I a role model?

reputation lens

Social pressure based on the perception that resources are limited.

scarcity

Disabling unused services, changing default accounts/passwords, and updating or patching a system.

system hardening

Organizational control of confidential intellectual property.

tradesecret

Which of the following best represents the concept of hacktivist?

A threat actor that is strongly motivated by ideology.

Which of the following best represents the concept of control?

A tool to regulate or guide security efforts; can be preventive, detective, corrective, etc.

Which of the following best represents the concept of zero-day?

An attack without any days of prior warning, or a novel attack method.

Identify the type of authentication used (have/know/are) in the following spy scenario: I knock on the door and my assistant answers through the door "Who is it?" I reply "It is me"

Are

Which of the following best represents the concept of a dictionary attack?

Attempt to guess a password by trying words from a list word candidates.

Which of the following best represents the concept of cryptanalysis?

Attempts to recover plaintext from ciphertext with limited or no knowledge of the algorithm or keys.

What is the main point about the following IT security saying? "You don't have to be faster than the lion; you just have to be faster than the other guy running away from the lion."

Hackers are looking for the easiest targets when it comes to end users.

Which is probably the most recognized acronym in the information security industry?

CIA

A telephone solicitor asks you for a large amount of money for a very good cause. You say you cannot afford that much. The solicitor then asks for a small amount of money. This is an example of which principle of influence?

Concession

A company announced that it suffered an incident in which private information was stolen and disclosed. The disclosed data included names, email addresses, passwords, dates of birth, and phone numbers. This is an example of what type of cyber security breach?

Confident

The assurance that an information resource is protected from unauthorized exposure.

Confidentiality

A date on which a vendor stops supporting a product or service.

EOL

Do not ever write a password down on a piece of paper.

False

If a person tampers with an election by altering ballot data or adding additional ballots, that scenario represents a failure of which information security characteristic?

Integrity

For increased password strength, include all of the following in your password, except:

Modifier keys e.g. fn, alt, ctrl

is the life blood of social engineering.

OSINT

Which principle of influence depends social norms or expected behavior?

Obligation

Which of the following contribute to screen addiction?

Frequent stimulation from a social media app or game Operant conditioning (or "cue" sounds) from a social media app or game Unpredictable stimulation from a social media app or game

Which of the following best represents the concept of spyware?

Software that secretly captures and transmits a user's data, credentials, passwords, or usage behavior.

Which of the following best represents the concept of scareware?

Software that uses hoaxes to trick users into installing malware.

Which of the following best represents a social engineer using a hoax in order to manipulate a target?

A hoax could convince a user that a virus is circulating, and that he should reset his email security settings to protect his computer system.

is a calculated network attack on any organization. These threats occur when a hacker, or group of hackers, establishes a foothold inside of an enterprise network. They go undetected for prolonged periods of time, allowing for sensitive data to be mined.

An APT (advanced persistent threat)

A hotel is able to increase the number of customers who reuse towels by putting a note in their room telling that most of their other customers also share towels. This is an example of which principle of influence?

Consensus

Someone makes a small request of you and you grant it. Then they make a similar, but larger request of you and you feel obligated to grant it too. This is an example of which principle of influence?

Consistency

The following are examples of APTs (advance persistent threats), except:

DDOS (distributed denial of service)

An attempt to overwhelm a service with a flood of traffic from many computers or a botnet.

DDos

All of the following are types of password attacks except:

Denial of service attacks

Which of the following best represents the concept of system hardening?

Disabling unused services, changing default accounts/passwords, and updating or patching a system.

CompTIA recommends changing passwords how often?

Every three months.

Identify the type of authentication used (have/know/are) in the following spy scenario: I walk into the back room of a pawn shop and am met by a brawny thug carrying a gun. He tells me to get lost. I reply "Skinny Joe sent me." He lets me in.

Know

When negotiating business contracts, agreements were nearly twice as likely when negotiators took time to establish relationships. This is an example of which principle of influence?

Liking

If the company you work for loses data due to a backup failure, what factors should you consider when you estimate how badly the lost data will cost your business?

Lost time Lost orders Lower morale Diminished reputation Lost customers

Requiring more than one method of authentication to verify a credential.

MFA

Who are the two types of employees when it comes to IT security? (Choose two)

Major risk employees Minimal risk employees

Which of the following best represents the concept of mitigation?

Making a risk less serious.

Which of the following best represents the concept of a worm?

Malware that automatically spreads copies of itself to other computers over a network.

Which of the following best represents the concept of a virus?

Malware that spreads copies of itself to other computers when it is executed by a user.

What does OSINT stand for?

Open Source Intelligence

Phishing is a cybersecurity threat used for all of the following except:

Password cracking.

PCI DSS?

Payment Card Industry Data Security Standard

Software that disguises itself as useful, but actually provides a backdoor.

Rat

Which of the following best represents the concept of ransomware?

Software that prevents availability of a computer resource until a ransom is paid.

Which of these is NOT an alternative term or synonym for "information security?"

Risk Management

A man dressed as a telephone repairman was able to gain unauthorized access to the business' server room based on the pretense that he had just checked the "Internet problem" at the businesses on either side and that they checked out okay. This is an example of which principle of influence?

Social proof

When we are lost, confused, or unsure, we generally look to others to see how they are acting for cues for what we should be doing. This is an example of which principle of influence?

Social proof

Which of the following best represents the concept of a backdoor?

Software that circumvents normal security controls, in order to provide access to a computer or service.

Which of the following best represents the concept of RAT (remote access trojan)?

Software that disguises itself as useful, but actually provides a backdoor.

Which of the following best represents the concept of adware?

Software that displays advertisements on a computer display, or intercepts input to collect marketing data.

When it come to to online trackers, we have developed a ________________ mentality.

Stockholm syndrome

All of the following are good ways to thwart password attacks except:

Stop clicking on suspicious links.

Which of the following best represents the concept of external threat?

The potential of someone outside an organization to be a threat actor.

Which of the following definitions best matches the concept of Two Factor Authentication from a security standpoint?

The process of requiring two different methods to verify a creditial

Identity theft is a crime in which someone wrongfully obtains and uses another person's personal data.

True

The strongest passwords will have a combination of the following characteristics, except:

Use a common password

All of the following are good ways to manage passwords on multiple Web sites, except:

Use a very strong password that is long and randomly generated on all your Web sites

All of the following are good ways to thwart rogue software attacks except:

Use encrypted wireless access points.

All of the following are good ways to thwart man in the middle attacks except:

Use lengthy passwords made up of random characters.

All of the following are good ways to thwart malvertising attacks except:

Use secure connections to web sites (such as https).

All of the following are good password strategies to keep you safe, except:

Use short passwords so you will be able to remember them..

Which of the following best represents the concept of encryption?

Using an algorithm with keys to transform data, making it unintelligible to everyone except intended recipients.

Malware that spreads copies of itself to other computers by user interaction.

Virus

A flaw or weakness that allows a threat actor to bypass security.

Vulnerability

A wireless local area network

WLAN

The original set of protections from the WiFi Alliance designed to address both encryption and authentication.

WPA

Currently, the most secure model for protecting WiFi communications.

WPA2

Which of these are acceptably correct descriptions of the concept of privacy?

Your privacy is self-determination of how much public attention you attract. Your privacy is your privilege to be left alone as much as you choose. Your privacy is your right to be free of attention, observation, or interference, basd on your decision.

A centrally located WLAN connection device that can send and receive information, or a node that connects wireless endpoints with another network.

AP (access point)

A low power, energy efficient wireless technology, usually used for gadgets and peripherals rather than connections to the Internet

Bluetooth

The CIA triad applies to information that is in storage and in transit, but not in processing.

False

Identify the type of authentication used (have/know/are) in the following spy scenario: As I begin some high-level negotiations, I offer my hand to shake. My opponent recognizes the ring I am wearing which identifies me as a member of his secret society. Based on this association, he gives me some top-secret information.

Have

Which of the following definitions best matches the concept of accountability from a security standpoint?

Having or being responsible to your records of actions you performed

A secret sequence of numbers used to verify a credential. This authentication method is an example of "something you know."

PIN

At a restaurant, a waiter gives you a free desert because "you are awesome," in the hopes that you might give a better tip. This is an example of which principle of influence?

Reciprocity

Food companies often provide free samples because they know people are more likely to buy their product after receiving a free sample. This is an example of which principle of influence?

Reciprocity

Which principle of influence depends on creating feelings of debt?

Reciprocity

The most common overuse injuries related to computer and device use are to

Wrists

You check a box on a web site affirming that you have read and understood its privacy policy, and the web site software keeps a record that you checked the box. This is an example of which access control principle?

accountability

Which of these best describes the task or purpose of "backup" in the world of computers and cybersecurity?

an extra copy of data from a computer

The door to Batman's bat cave requires a voice command (something he is), his key (something he has), and a pattern on a keypad (something he knows) in order to get inside. This is an example of multi-factor _____________________.

authentication

Social pressure to go along with the behavior of people you are with.

consesus

The loss of confidentiality

disclosure

Hassan posted an opinion on a social media platform that made John angry. John found Hassan's cell phone number and copied it in a comment to the post, asking everyone to flood Hassan with phone calls and text messages letting him know how ashamed he should be for his objectionable opinion.

doxxing

Sarah's parents were standing in the hall outside of a meeting room, in which adult ward leaders met to discuss the ideas that the young men and young women had proposed for a summer youth activity. They overheard one leader share his opinion that he considered Sarah's activity idea to be strange.

eavesdropping

The tool most commonly used to achieve confidentiality is

encryption

Which of these is a tool used to protect data integrity?

error checking methods

A stranger dressed in an electrician's work uniform contacted Wally at his apartment, and said that he was there to do a safety check on all of the electrical outlets. Wally invited him in. While pretending to check the power outlet behind Wally's computer station, he distracted Wally long enough to secretly insert a flash drive into a port on the back of the computer. The flash drive proceeded to automatically install malicious software.

impersonation

Salima wants to join the church, but her parents insist that if she does so she will no longer be considered to be part of their family.

manipulation by intimidation

A clothing store keeps employee records on a server in an equipment closet. This is an example of ____________ information resources.

on premise

A secret sequence of characters used to verify a credential. This authentication method is an example of "something you know."

password

The loss of integrity.

tampering

Which of the following definitions best matches the concept of authentication from a security standpoint?

Assurance that a user is genuine and not an imposter

ensures that only authorized parties with sufficient privileges may view the information.

Confidentiality

An airline announced they would discontinue a flight that was no longer profitable. The very next day, bookings for that flight increased dramatically. This is an example of which principle of influence?

Scarcity

A caller on the telephone tells you that there is a new virus spreading through advertisement banners on web pagers, and that you should reset your web browser to its default security settings in order to protect yourself. But when you independently try to verify the caller's claims, you can find no evidence about any such new virus. Which of these is most likely?

The caller was using a hoax, hoping to convince you to weaken your browser's security.

A good rule of thumb to avoid noise induced hearing loss: If you are listening to music using headphones or earbuds while having a conversation with someone about an arm's-length away, but you can't understand that person unless they raise their voice, then your music device's volume is too loud.

True

Intellectual property is the output of innovation, new products, and technologies that are protected so that they can thrive in the marketplace.

True

A trademark of the WiFi Alliance, which certifies devices that use wireless networking technologies to connect to the Internet

Wifi

An arrangement in which a person may use computer or network services.

account

You use your correct password when you log into Amazon.com, so the web site trusts that you are the valid account holder. This is an example of which access control principle?

authentication

If banking customers are unable to check their balance or withdraw their funds in a timely manner because of a computer problem, the situation is a failure of

availability

A cybersecurity event that results in a loss of confidentiality, integrity, or availability.

breach

The Jones family keeps a shared document on the grandmother's Google Drive, on which each child and grandchild plans the food they want to bring to the next family reunion potluck dinner. This is an example of ____________ information resources

cloud

Social pressure to increase your loyalty to a decision once a choice has been made.

consistency

Scholastic Inc. can legally distribute the Harry Potter novels in the United States, and Warner Bros. Entertainment Inc. can legally distribute the Harry Potter films based on those novels. This is an example of what?

copywright

A BYU-Idaho student's financial account suffered a loss of over $900.00; the funds were transferred to an account not belonging to the student. This is an example of what type of cyber security breach?

integrity

Until 2019, the company GlaxoSmithKline had the sole legal right to manufacture and sell the asthma treatment drug Advair. This is an example of what

patent

A computer running Microsoft's Windows operating system has at least one "Administrator" account with elevated privileges. This is an example of a

priveleged account

An account with additional authorization beyond a regular user's account.

priveleged account

Social pressure to feel the need to respond in kind when you are given a gift or favor.

reciprocity

Painful injury to muscles and nerves, caused by cumulative damage from repetitive movements.

repetitive strain injury

Jane's system access lets her run just about any software utility installed on her computer, either by selecting a program from a menu or by typing the program's name at a command prompt. This is an example of a

shell account

This involves tricking people by using their natural human tendencies or behaviors.

social engineering

In emergency situations, it has been observed that if only one bystander is nearby to respond to the emergency, then that bystander will almost always either stop to help, or call or find someone else to help. But it has also been observed that, if there are a crowd of witnesses to the emergency situation, each individual in the crowd will almost always pause and wait to see what the rest of the bystanders will do, or wait to see if some other person in the crowd will help or call somebody. What social engineering principle does this illustrate?

social proof (or "consensus")

A device used to verify a credential. This authentication method is an example of "something you have."

token

The owners of a catering business carefully guard their recipe for breaded dutch-oven chicken, so that nobody else can make and sell the same food. This is an example of what?

trade secret

Which kind of intellectual property is not protected by any IP laws after being revealed or disclosed?

trade secret

Variation of liking: social pressure to cooperate with people with whom you have built a rapport.

trust

An email invites you to click on a link to receive a free gift, and also informs you that you must do so before Friday night at midnight before the offer expires.

urgency

Variation of scarcity: social pressure based on the perception that time is limited.

urgency


Related study sets

FE Other Disciplines Conceptual Questions

View Set

Chapter 11 - Business Analytics and Predictive Modeling Overview - Review Questions

View Set

Chapter 44: Introduction to the Gastrointestinal System and Accessory Structures

View Set

Section 4. Ear, Nose, and Throat Problems

View Set