Quiz 1-6

Ace your homework & exams now with Quizwiz!

CLP can use _ to more closely identify imporant data such as a Social Security number along with a name to trigger an alarm.

fingerprinting

It is sometimes necessary to tighten security during the design and coding of the OS. This is called OS _

hardening

Some attacks are _in that they can target eith a server or a client.

impartial

DLP systems also can use _ _ which is so sensitive that even if a handful of lines of source code from 10,000 lines of protected code are entered into an email message, the DLP system will identify it.

index , matching

An _ is a type of threat that can come from employees, contractors, and business partners, such as a disgruntled worker.​

insider

An attacker who manipulates the maximum size of an integer type would be oerforming what kind of attack?

integer overflow

_rights are privileges that are granted to users to access hardware and software resources

Access

Security is the goal to be free from danger as well as the process that achieves that freedom.

True

DLP _ sensors are installed on each host device and protect data in-use.

agent

Most DLP systems use _ inspection which is defined as a security analysis of the transaction within its approval context.

content

DPL examines data as it resides in any of the following states except

data in-process

Those who wrongfully disclose individually identifiable health information can be fined up to what amount per calendar year?

$1,500,000

How many different Microsoft Windows file types can be infected with a virus?

70

In information security, an example of a threat agent can be ____.

All of the above

One technique for filtering spam on the host's email client in order to prevent it from reaching the user is called_______.

Bayesian filtering

Which of the three protections ensures that only authorized parties can view information?

Confidentiality

One means of securing data is through data loss prevention (DPL). DPL is sometimes called _

Data Leak Prevention

The security of an OS can be enhanced through the proper configuration of its built-in security features. This can be achieved through :

Develop the security policy Perform host software baselining Configure operating system security settings Deploy and manage security settings Implement patch management

When an attacker is deliberately attempting to prevent authorized users from accessing a system by overwhelming the system with requests, it is known as a(n) ________ attack

DoS

A denial of service (DoS) attack is a deliberate attempt to prevent unauthorized users from accessing a system by overwhelming that system with requests.

False

DLP involves monitoring who is using the data and how it is being accessed with the goal to protect data from any authorized users.

False

Man-in-the-middle attacks cannot be conducted on networks

False

On a computer, an integer overflow is the condition that occurs when the result of an artithmetric operation does not exceed the maximum size of the integer type used to store it.

False

Spreading similarly to a virus, a worm inserts malicious code into a program or data file

False

The ____ Act requires banks and financial institutions to alert customers of their policies and practices in disclosing customer information.

Gramm-Leach-Bliley

Under which law are health care enterprises required to guard protected health information and implement policies and procedures whether it be in paper or electronic format?

HIPAA

DLP sensors can monitor any of these protocols except

ICMP

Which term below is frequently used to describe the tasks of securing information that is in a digital format?

Information security

Select below the information protection item that ensures that information is correct and that no unauthorized person or malicious software has altered that data.

Integrity

Select below the term that is used to describe individuals who want to attack computers yet lack the knowledge of computers and networks needed to do so

Script kiddies

What term below is used to describe a means of gathering information for an attack by relying on the weaknesses of individuals?

Social engineering

Which of the following is not one of the four methods for classifying the various types of malware?​

Source

One of the armored virus infection techniques utilizes encryption to make virus code more difficult to detect, in addition to separating virus code into different pieces and inject these pieces throughout the infected program code. What is the name for this technique?

Swiss cheese

_access is an attack involving using a third party to gain access rights

Transitive

Select below the type of malware that appears to have a legitimate use, but actually contains or does something malicious

Trojan

Which of the following is malicious computer code that reproduces itself on the same computer?

Virus

The two types of malware that require user intervention to spread are:

Viruses and trojans

DLP _ sensors are installed on the perimeter of the network to protect data in-transit by monitoring all network traffic.

network

A security _____ is a publicly released software security update intended to repair a vulnerability

patch

A(n) ____ attack uses the Internet Control Message Protocol (ICMP), which is a Network Layer protocol that is part of Transmission Control Protocol/Internet Protocol (TCP/IP) to flood a victim with packets

ping flood

A virus that infects an executable program file is known as?

program virus

The storage buffer typically contains the _________ memory location, an attacker can use to point to attacker's malicious code.

return address

What type of malware consists of a set of software tools used by an attacker to hide the actions or presence of other types of malicious software, such as Trojans, viruses, or worms?

rootkit

Which of ther following is NOT true about firewall

sometimes called a HTTP filter

Many AV products scan files by attempting to match known virus patterns against potentially infected files. This is called_____

static analysis

DLP_ sensors are designed to prevent data at-rest.

storage


Related study sets

8. Disk and File System Management

View Set

Chapter 8 Racial and ethnic theories

View Set

English IV — Frankenstein Chapters 7-14

View Set

NCLEX LPN Physiological Adaptation 1

View Set

CITI training responsible conduct

View Set

RMI 3502 Topic 5 - Insurance Regulation

View Set

GOOGLE HACKING FOR PEN TESTERS, GOOGLE HACKING FOR PENETRATION TESTERS, 3RD EDITION; TOPIC GOOGLE HACKING

View Set

Network+ Chapter 5 Review Questions

View Set

Week 3 Chapter 14: Gene Expression Transcription

View Set