3955838
Question 1
Question
Information security is made up of
Answer
-
threats
-
vulnerabilities
-
safeguards
-
targets
Question 2
Question
Threats can be human or man-made.
Answer
- True
- False
Question 3
Question
Common crimes that results in unauthorized data disclosure are
Answer
-
pretexting
-
phishing
-
spoofing
-
sniffing
-
hacking
Question 4
Question
Spoofing involves altering header information, etc. to cause the recipient to trust an email they otherwise would not.
Answer
- True
- False
Question 5
Question
Data can be changed or lost during a natural disaster due to problems recovering data.
Answer
- True
- False
Question 6
Question
the two common types of spoofing are
Answer
-
email
-
IP
Question 7
Question
Incorrect data modification can be caused by
Answer
-
procedures not followed or incorrectly designed
-
improper internal controls on systems
-
system errors
-
faulty recovery actions after a disaster
Question 8
Question
Reasons a service can become faulty are
Answer
-
incorrect data modification
-
systems working incorrectly
-
procedural mistakes
-
programming errors
-
IT installation errors
-
Usurpation
-
denial of service (unintentional)
-
denial of service (intentional)
Question 9
Question
DDOS stands for [blank_start]Distributed Denial of Service[blank_end]
Answer
-
Distributed Denial of Service
Question 10
Question
Loss of infrastructure can be caused by
Answer
-
human accidents
-
theft and terrorist events
-
a disgruntled or terminated employee
-
natural disaster
-
Advanced Persistent Threat (APT) or cyberwarfare
Question 11
Question
APT stands for [blank_start]Advanced Persistent Threat[blank_end]
Answer
-
Advanced Persistent Threat
Question 12
Question
Data theft is most serious in large companies.
Answer
- True
- False
Question 13
Question
The four most common computer crimes in 2011 were
Answer
-
criminal activity against servers
-
viruses
-
code insertion
-
data loss on a user computer
Question 14
Question
Malware infection remains the most common type of attack experienced
Answer
- True
- False
Question 15
Question
Insider abuse of internet or email remains very high
Answer
- True
- False
Question 16
Question
IDS stands for [blank_start]Intrusion Detection System[blank_end]
Answer
-
Intrusion Detection System
Question 17
Question
The number one rule in data privacy is "don't collect what you don't absolutely need"
Answer
- True
- False
Question 18
Question
A security policy must contain
Answer
-
what sensitive data may be stored
-
how sensitive data will be processed
-
what data can be shared with other organizations
-
how employees and others can obtain data about themselves
-
how employees and others can request changes to inaccurate data about themselves
-
What employees can do with their own mobile devices at work
-
what non-organizational activities an employee can take with employee-owned equipment
Question 19
Question
The five IS components are
Answer
-
hardware
-
software
-
data
-
procedures
-
people
Question 20
Question
Technical safeguards to involve hardware and software and include
Answer
-
identification and authorization
-
encryption
-
firewalls
-
malware protection
-
application design
Question 21
Question
Data safeguards includes
Answer
-
the definition of data rights and responsibilities
-
passwords
-
encryption
-
backup and recovery
-
physical security
Question 22
Question
Human safeguards involving procedures and people include
Answer
-
hiring practices
-
training
-
education
-
procedure design
-
administration
-
assessment
-
compliance
-
accountability
Question 23
Question
Identification and authentication are most often performed using a userid/password pair
Answer
- True
- False
Question 24
Question
Malware includes viruses, trojans, spyware, adware, keystroke loggers, erc.
Answer
- True
- False
Question 25
Question
SSL uses asymmetric encryption
Answer
- True
- False
Question 26
Question
SSL stands for [blank_start]Secure Sockets Layer[blank_end]
Answer
-
Secure Sockets Layer
Question 27
Question
DMZ stands for [blank_start]demilitarized zone[blank_end]
Answer
-
demilitarized zone
Question 28
Question
A common network design has servers exposed to the internet located between two firewalls in the DMZ.
Answer
- True
- False
Question 29
Question
Safeguards against malware include
Answer
-
using antivirus and antispyware programs
-
performing frequent scans
-
update malware definitions frequently
-
open email from known sources only
-
install software updates ASAP
-
browse only reputable internet neighbourhoods
Question 30
Question
SQL injection is the most common cause of data disclosure
Answer
- True
- False
Question 31
Question
SQL injections are successful when forms are poorly designed
Answer
- True
- False
Question 32
Question
Human safeguards to protect against security threats include
Answer
-
separation of duties
-
providing access based on concept of least privilege
-
classify data based on confidentiality and sensitivity
-
thorough hiring and screening practices
-
security awareness programs
-
friendly termination procedures
Question 33
Question
Security threats can be reduced through account administration by
Answer
-
having standards for account administration which include rules for modifying permissions and deletion of inactive accounts
-
requiring passwords be changed regularly
-
Help Desk policies regarding password resets etc.
Question 34
Question
All employees should be required to sign an access agreement form which states that they will follow company policies
Answer
- True
- False
Question 35
Question
Response plans for security incidents must be in place, just like disaster plans
Answer
- True
- False
Question 36
Question
A speedy response to any suspected security incident is essential
Answer
- True
- False
Question 37
Question
An Advanced Persistent Threat involves a multi-step attack usually targeted at a large business or government.
Answer
- True
- False
0 comments
Want to create your own Quizzes for free with GoConqr? Learn more.