Term
| Tatyana is discussing with her supervisor potential reasons why a recent attack was successful against one of their systems. Which of the following configuration issues would NOT be covered? |
|
Definition
| Vulnerable business processes |
|
|
Term
| Which the following is NOT a reason why it is difficult to defend against today's attackers? |
|
Definition
| Greater sophistication of defense tools |
|
|
Term
| An organization that practices purchasing products from different vendors is demonstrating which security principle? |
|
Definition
|
|
Term
| Which of the following is an enterprise critical asset? |
|
Definition
|
|
Term
| Which of the following ensures that only authorized parties can view protected information? |
|
Definition
|
|
Term
| What are industry-standard frameworks and reference architectures that are required by external agencies known as? |
|
Definition
|
|
Term
| Why do cyberterrorists target power plants, air traffic control centers, and water systems? |
|
Definition
| They can cause significant disruption by destroying only a few targets. |
|
|
Term
| Which act requires banks and financial institutions to alert their customers of their policies in disclosing customer information? |
|
Definition
| Gramm-Leach-Bliley Act (GLBA) |
|
|
Term
| Alyona has been asked by her supervisor to give a presentation regarding reasons why security attacks continue to be successful. She has decided to focus on the issue of widespread vulnerabilities. Which of the following would Alyona NOT include in her presentation? |
|
Definition
|
|
Term
| Ian recently earned his security certification and has been offered a promotion to a position that requires him to analyze and design security solutions as well as identifying users' needs. Which of these generally recognized security positions has Ian been offered? |
|
Definition
|
|
Term
| Which tool is most commonly associated with nation state threat actors? |
|
Definition
| Advanced Persistent Threat (APT) |
|
|
Term
| Which of the following is NOT true regarding security? |
|
Definition
| Security is a war that must be won at all costs. |
|
|
Term
| What is an objective of state-sponsored attackers? |
|
Definition
|
|
Term
| Signe wants to improve the security of the small business where she serves as a security manager. She determines that the business needs to do a better job of not revealing the type of computer, operating system, software, and network connections they use. What security principle does Signe want to use? |
|
Definition
|
|
Term
| Which of the following is NOT a successive layer in which information security is achieved? |
|
Definition
|
|
Term
| Gunnar is creating a document that explains risk response techniques. Which of the following would he NOT list and explain in his document? |
|
Definition
|
|
Term
| Complete this definition of information security: That which protects the integrity, confidentiality, and availability of information _____. |
|
Definition
| through products, people, and procedures on the devices that store, manipulate, and transmit the information |
|
|
Term
| What is the category of threat actors that sell their knowledge of vulnerabilities to other attackers or governments? |
|
Definition
|
|
Term
| Adone is attempting to explain to his friend the relationship between security and convenience. Which of the following statements would he use? |
|
Definition
| Security and convenience are inversely proportional. |
|
|
Term
| What is a race condition? |
|
Definition
| When two concurrent threads of execution access a shared resource simultaneously, resulting in unintended consequences. |
|
|
Term
| Lykke receives a call while working at the helpdesk from someone who needs his account reset immediately. When Lykke questions the caller, he says, "If you don't reset my account immediately, I will call your supervisor!" What psychological approach is the caller attempting to use on Lykke? |
|
Definition
|
|
Term
| Which of these items retrieved through dumpster diving would NOT provide useful information? |
|
Definition
|
|
Term
| Linnea's father called her to say that a message suddenly appeared on his screen that says his software license has expired and he must immediately pay $500 to have it renewed before control of the computer will be returned to him. What type of malware is this? |
|
Definition
|
|
Term
| Each of these is a reason why adware is scorned EXCEPT _____. |
|
Definition
| it displays the attacker's programming skills |
|
|
Term
| How can an attacker use a hoax? |
|
Definition
| A hoax could convince a user that a bad Trojan is circulating and that he should change his security settings. |
|
|
Term
| Which variation of a phishing attack sends phishing messages only to wealthy individuals? |
|
Definition
|
|
Term
| Which of the following is NOT correct about a rootkit? |
|
Definition
| A rootkit is always the payload of a Trojan. |
|
|
