Info 360 Quiz 8

uses third-party CAs to validate a user's identity.

A digital certificate system: A) uses tokens to validate a user's identity. B) uses digital signatures to validate a user's identity. C) is used primarily by individuals for personal correspondence. D) uses third-party CAs to validate a user's identity.

enforce a security policy on data exchanged between its network and the Internet.

A firewall allows the organization to: A) create an enterprise system on the Internet. B) check the content of all incoming and outgoing e-mail messages. C) enforce a security policy on data exchanged between its network and the Internet. D) check the accuracy of all transactions between its network and the Internet.

spyware

A keylogger is a type of: A) spyware. B) virus. C) Trojan horse. D) worm.

war driving

A practice in which eavesdroppers drive by buildings or park outside and try to intercept wireless network traffic is referred to as: A) cybervandalism. B) war driving. C) sniffing. D) driveby tapping.

can use a person's voice as a unique, measurable trait.

Biometric authentication: A) is inexpensive. B) can use a person's voice as a unique, measurable trait. C) only uses physical measurements for identification. D) is used widely in Europe for security applications.

bogus wireless network access points that look legitimate to users.

Evil twins are: A) e-mail messages that mimic the e-mail messages of a legitimate business. B) fraudulent Web sites that mimic a legitimate business's Web site. C) Trojan horses that appears to the user to be a legitimate commercial software application. D) bogus wireless network access points that look legitimate to users.

DDoS

Using numerous computers to inundate and overwhelm the network from numerous launch points is called a(n) ________ attack. A) SQL injection B) phishing C) DDoS D) DoS

WPA2

Which of the following specifications replaces WEP with a stronger security standard that features changing encryption keys? A) WPA2 B) VPN C) TLS D) AUP

employees

You have been hired as a security consultant for a law firm. Which of the following constitutes the greatest source of security threats to the firm? A) Employees B) Authentication procedures C) Lack of data encryption D) Wireless network

controls

________ refers to all of the methods, policies, and organizational procedures that ensure the safety of the organization's assets, the accuracy and reliability of its accounting records, and operational adherence to management standards. A) "SSID standards" B) "Controls" C) "Vulnerabilities" D) "Legacy systems"