Network Security - Chapter 1

1.

1 point

Each of the following is a characteristic of cybercriminals except _______.

low motivation

better funded

more tenacious

less risk-averse

2.

1 point

Each of the following is a characteristic of cybercrime except

unauthorized access to information

exclusive use of worms and viruses

targeted attacks against financial networks

theft of personal information

3.

1 point

In a general sense “security” is _______.

only available on hardened computers and systems

using reverse attack vectors (RAV) for protection

the necessary steps to protect a person or property from harm

protection from only direct actions

4.

1 point

Utility companies, telecommunications, and financial services are considered prime targets of _____ because attackers can significantly disrupt business and personal activities by destroying a few targets.

script kiddies

computer spies

cyberterrorists

white hat hackers

5.

1 point

_____ requires banks and financial institutions to alert customers of their policies and practices in disclosing customer information and to protect all electronic and paper containing personally identifiable financial information.

Sarbanes-Oxley Act (Sarbox)

USA Patriot Act

Gramm-Leach-Bliley Act (GLBA)

California Savings and Loan Security Act (CS&LSA)

6.

1 point

Each of the following is a goal of information security except _______.

Foil cyberterrorism

Decrease user productivity

Prevent data theft

Avoid legal consequences

7.

1 point

Each of the following can be classified as an “insider” except _______.

business partners

contractors

cybercriminals

employees

8.

1 point

By definition a(n) _____ is a person or thing that has the power to carry out a threat.

vulnerability

threat agent

exploit

risk

9.

1 point

The _____ requires that enterprises must guard protected health information and implement policies and procedures to safeguard it.

Hospital Protection and Insurance Association Agreement (HPIAA)

Gramm-Leach-Bliley Act (GLBA)

Sarbanes-Oxley Act (Sarbox)

Health Insurance Portability and Accountability Act (HIPAA)

10.

1 point

_____ ensures that the individual is who they claim to be.

Access control

Authentication

Accounting

Certification

11.

1 point

After an attacker probed a network for information the next step is to _______.

penetrate any defenses

modify security settings

circulate to other systems

paralyze networks and devices

12.

1 point

Each of the following is a successive layer in which information security is achieved except _______.

purposes

products

people

procedures

13.

1 point

_____ ensures that only authorized parties can view the information.

Confidentiality

Authorization

Availability

Integrity

14.

1 point

_____ are a network of attackers, identity thieves, and financial fraudsters.

Spies

Script kiddies

Hackers

Cybercriminals

15.

1 point

An example of _____is not revealing the type of computer, operating system, software, and network connection a computer uses.

diversity

layering

obscurity

limiting

16.

1 point

Each of the following is a reason why it is difficult to defend against today’s attackers except _______.

complexity of attack tools

weak patch distribution

greater sophistication of attacks

delays in patching hard work software products

17.

1 point

An example of a(n) _____ is a software defect in an operating system that allows an unauthorized user to gain access to a computer without a password.

vulnerability

asset exploit (AE)

threat agent

threat

18.

1 point

The term _____ is sometimes used to identify anyone who illegally breaks into a computer system.

Internet Exploiter

cyberterrorist

hacker

cyberrogue

19.

1 point

The _____ is primarily responsible for assessment, management, and implementation of security

security technician

security administrator

security manager

Chief Information Security Officer (CISO)

20.

1 point

An organization that purchased security products from different vendors is demonstrating which security principle?

limiting

obscurity

layering

diversity