Review Chapter 2 NE, Security Awareness ch 1 quiz
Script kiddies typically have advanced knowledge of computers and networks.
False
Social networking.
Grouping Individuals and organizations into clusters or groups based on their likes and interests is called.
True
Passwords are not considered a strong defense against attackers.
Fair and Accurate Credit Transactions act.
The ____ of 2003 contains rules regarding consumer privacy.
True
Virtually anyone could type in person's username and pretend to be that person.
Whaling
one type of spear phishing
the goal to be free from danger as well as the process that achieves that freedom
threat agent
Social engineering
use of a telephone call instead of email to contact a potential victim
What is a flaw or weakness that allows a threat agent to bypass security?
vulnerability
From January 2005 through July 2015, approximately how many electronic data records in the United States were breached, exposing to attackers a range of personal electronic data, such as address, Social Security numbers, health records, and credit card numbers?
853 million
Dictionary
A_____ attack begins with the attacker creating digests of common dictionary words, and then comparing those in a stolen password file.
Password
Any secret combination of letters, numbers, and or symbols that serves to validate or authenticate a user by what she knows.
Where are you most likely to find a PKES system?
Automobile
Which of the following is NOT a factor that contributes to difficulties faced in defending against attacks?
Enhanced encryption algorithms
12 months.
FACTA grants consumers that right to request one free credit report from each of the three national credit-reporting firms every
In a well-run information security program, attacks will never get through security perimeters and local defenses.
False
There is a straightforward and easy solution to securing computers.
False
Which law requires banks and financial institutions to alert customers of their policies and practices in disclosing customer information?
GLBA
How do attackers today make it difficult to distinguish an attack from legitimate traffic?
How do attackers today make it difficult to distinguish an attack from legitimate traffic?
Which of the following involves stealing another person's personal information, such as a Social Security number, and then using the information to impersonate the victim, generally for financial gain?
Identity theft
What term is frequently used to describe the tasks of securing information that is in a digital format?
Information Security
Pharming
Instead of asking the user to visit a fraudulent web site, ______ atomically redirects the user of the fake site.
Which of the following ensures that information is correct and no unauthorized person or malicious software has altered it?
Integrity
impersonation
Social engineering_____means to create a fictitious character and then play out the role of that person on a victim.
Social networking sites
The Web sites that facilitate linking individuals with common interests and function as an online community of users are called.
Password management tool.
The best approach to establishing strong security with passwords is to use a
True
The weakness of passwords centers on human memory
Attack tools can initiate new attacks without any human participation, thus increasing the speed at which systems are attacked.
True
Today, many attack tools are freely available and do not require any technical knowledge to use.
True
Change of address.
Using standard ______form, attackers can divert all mail to their post office so that the victims never see any charges mades.
Identity theft.
____ Involves using someone's personal information, such as Social Security number, to establish bank credit card accounts that are then left unpaid, leaving the victims with the debts and ruining their credit rating.
Organizational Charts.
_____ Identify individuals within the organization who are in positions of authority.
Pretexting.
_____ Means an attacker who pretends to be from a legitimate research firm asks for personal information.
Phishing
_______is sending an e mail or displaying a Web announcement that falsely claims to be from a legitimate enterprise, in an attempt to trick the user into surrendering private information.
Targeted attacks against financial networks, unauthorized access to information, and the theft of personal information are sometimes known as ____________________.
cybercrime
What does the FBI define as any "premeditated, politically motivated attack against information, computer systems, computer programs, and data which results in violence against non-combatant targets by sub-national groups or clandestine agents?"
cyberterrorism
Terrorists who turn their attacks to the network and computer infrastructure to cause panic among citizens are known as which of the following?
cyberterrorists
Shoulder Surfing
information entered is observed by another person
Security is ____ convenience.
inversely proportional to
It is vital to have ____________________ security on all of the personal computers to defend against any attack that breaches the perimeter.
local
Information contained on devices is protected by three layers: Two of the layers are products and policies and procedures. What is the third
products, people, & policy and procedures
Which phrase best describes security?
the goal to be free from danger as well as the process that achieves that freedom
Which of the following is a type of action that has the potential to cause harm?
threat
