Question 1

In a general sense, assurance may be defined as the necessary steps to protect a person or property from harm.

Accepted Answer

Assurance generally refers to the confidence or certainty in a process or outcome, often related to quality or reliability, rather than protection from harm.

Question 2

____ involves stealing another person's personal information, such as a Social Security number, and then using the information to impersonate the victim, generally for financial gain.&#10;A) Cyberterrorism&#10;B) Identity theft&#10;C) Phishing&#10;D) Scam

Accepted Answer

Identity theft involves stealing personal information and using it for financial gain. Cyberterrorism involves using technology to cause harm or fear. Phishing is a type of cyber attack that involves tricking someone into giving away their personal information. A scam is a fraudulent scheme designed to deceive people.

Question 3

Weakness in software can be more quickly uncovered and exploited with new software tools and techniques.

Accepted Answer

This is true. As new software tools and techniques are developed to find and exploit weaknesses in software, they can be used to quickly identify and attack vulnerabilities that were previously unknown or difficult to exploit. This highlights the importance of ensuring that software is regularly updated and tested to prevent security breaches.

Question 4

In a ____ attack, attackers can attackers use hundreds or thousands of computers in an attack against a single computer or network.&#10;A) centered&#10;B) local&#10;C) remote&#10;D) distributed

Accepted Answer

A distributed attack, also known as a DDoS (Distributed Denial of Service) attack, involves a group of compromised computers or bots working together to flood a targeted network or computer with traffic, leading to a denial of service. This can make it difficult for the targeted system to operate properly or even crash it completely.

Question 5

The position of ____ is generally an entry-level position for a person who has the necessary technical skills.&#10;A) security technician&#10;B) security administrator&#10;C) CISO&#10;D) security manager

Accepted Answer

Security technician is generally an entry-level position that requires technical skills. A security technician is responsible for installing, maintaining and troubleshooting security systems, hardware and software. They may also monitor security systems and investigate security incidents.

Question 6

____ ensures that the individual is who they claim to be (the authentic or genuine person) and not an imposter.&#10;A) Encryption&#10;B) Authentication&#10;C) Authorization&#10;D) Accounting

Accepted Answer

Authentication is the process of verifying the identity of a user or device, ensuring that they are who they claim to be. This is typically done through the use of passwords, biometric authentication, or smart cards. The goal of authentication is to prevent unauthorized access to sensitive information or resources. Encryption (A) is a method of securing data so that it cannot be read or accessed by unauthorized parties. Authorization (C) is the process of granting or denying access to resources based on a user's identity and level of privilege. Accounting (D) refers to the tracking and logging of user activity on a system, which is often used for security and auditing purposes.

Question 7

The CompTIA Security+ Certification is aimed at an IT security professional with the recommended background of a minimum of two years experience in IT administration, with a focus on security.

Accepted Answer

The CompTIA Security+ Certification is indeed aimed at an IT security professional with a recommended background of a minimum of two years experience in IT administration, with a focus on security.

Question 8

Approximately ____ percent of households in the United States use the Internet for managing their finances.&#10;A) 60&#10;B) 70&#10;C) 80&#10;D) 90

Accepted Answer

According to a survey by the Federal Reserve in 2019, approximately 80% of households in the United States use the Internet for managing their finances.

Question 9

Recent employment trends indicate that employees with security certifications are in high demand.

Accepted Answer

With the increasing threat of cyber attacks and data breaches, companies are placing greater importance on their cybersecurity measures and therefore seeking candidates with security certifications.

Question 10

In information security, a loss can be ____.&#10;A) theft of information&#10;B) a delay in transmitting information that results in a financial penalty&#10;C) the loss of good will or a reputation&#10;D) all of the above

Accepted Answer

A loss in information security can refer to theft of information, a delay in transmitting information that results in a financial penalty, or the loss of good will or a reputation. Therefore, all of the given choices are correct.

Question 11

____ ensures that information is correct and that no unauthorized person or malicious software has altered that data.&#10;A) Availability&#10;B) Confidentiality&#10;C) Integrity&#10;D) Identity

Accepted Answer

The answer of ____ ensures that information is correct and...

Question 12

____ attacks are responsible for half of all malware delivered by Web advertising.&#10;A) &#34;Canadian Pharmacy&#34;&#10;B) Fake antivirus&#10;C) Melissa&#10;D) Slammer

Accepted Answer

The answer of ____ attacks are responsible for half of...

Question 13

Under the ____, health care enterprises must guard protected health information and implement policies and procedures to safeguard it, whether it be in paper or electronic format.&#10;A) HIPAA&#10;B) HLPDA&#10;C) HCPA&#10;D) USHIPA

Accepted Answer

The answer of Under the ____, health care enterprises must...

Question 14

____ ensures that only authorized parties can view information.&#10;A) Security&#10;B) Availability&#10;C) Integrity&#10;D) Confidentiality

Accepted Answer

The answer of ____ ensures that only authorized parties can...

Question 15

The demand for IT professionals who know how to secure networks and computers is at an all-time low.

Accepted Answer

The answer of The demand for IT professionals who know...

Question 16

An information security ____ position focuses on the administration and management of plans, policies, and people.&#10;A) manager&#10;B) engineer&#10;C) auditor&#10;D) inspector

Accepted Answer

The answer of An information security ____ position focuses on...

Question 17

The term ____ is frequently used to describe the tasks of securing information that is in a digital format.&#10;A) network security&#10;B) information security&#10;C) physical security&#10;D) logical security

Accepted Answer

The answer of The term ____ is frequently used to...

Question 18

In information security, an example of a threat agent can be ____.&#10;A) a force of nature such as a tornado that could destroy computer equipment&#10;B) a virus that attacks a computer network&#10;C) an unsecured computer network&#10;D) both a and b

Accepted Answer

The answer of In information security, an example of a...

Question 19

A study by Foote Partners showed that security certifications earn employees ____ percent more pay than their uncertified counterparts.&#10;A) 10 to 14&#10;B) 12 to 15&#10;C) 13 to 14&#10;D) 14 to 16

Accepted Answer

The answer of A study by Foote Partners showed that...

Question 20

Business ____ theft involves stealing proprietary business information such as research for a new drug or a list of customers that competitors are eager to acquire.&#10;A) identity&#10;B) data&#10;C) plan&#10;D) record

Accepted Answer

The answer of Business ____ theft involves stealing proprietary business...

Question 21

An example of a(n) ____________________ that information security must deal with is a software defect in an operating system that allows an unauthorized user to gain access to a computer without the user's knowledge or permission.

Accepted Answer

The answer of An example of a(n) ____________________ that information...

Question 22

Why is the speed of attacks making the challenge of keeping computers secure more difficult?

Accepted Answer

The answer of Why is the speed of attacks making...

Question 23

What is another name for unsolicited e-mail messages?&#10;A) spam&#10;B) spawn&#10;C) trash&#10;D) scam

Accepted Answer

The answer of What is another name for unsolicited e-mail...

Question 24

In a general sense, ____________________ may be defined as the necessary steps to protect a person or property from harm.

Accepted Answer

The answer of In a general sense, ____________________ may be...

Question 25

The single most expensive malicious attack was the 2000 ____, which cost an estimated $8.7 billion.&#10;A) Nimda&#10;B) Slammer&#10;C) Love Bug&#10;D) Code Red

Accepted Answer

The answer of The single most expensive malicious attack was...

Question 26

____ are a loose-knit network of attackers, identity thieves, and financial fraudsters.&#10;A) Cybercriminals&#10;B) Cyberterrorists&#10;C) Computer spies&#10;D) Hackers

Accepted Answer

The answer of ____ are a loose-knit network of attackers,...

Question 27

____________________ provides tracking of events.

Accepted Answer

The answer of ____________________ provides tracking of events....

Question 28

List and describe three of the characteristics of information that must be protected by information security?

Accepted Answer

The answer of List and describe three of the characteristics...

Question 29

Discuss why delays in patching are making information security more difficult.

Accepted Answer

The answer of Discuss why delays in patching are making...

Question 30

Security ____________________ have both technical knowledge and managerial skills and analyze and design security solutions within a specific entity.

Accepted Answer

The answer of Security ____________________ have both technical knowledge and...

Question 31

Information security is achieved through a combination of what three entities? Provide at least one example of each entity.

Accepted Answer

The answer of Information security is achieved through a combination...

Question 32

What is a hacker?

Accepted Answer

The answer of What is a hacker?...

Question 33

The ____ Act requires banks and financial institutions to alert customers of their policies and practices in disclosing customer information.&#10;A) Gramm-Leach-Bliley&#10;B) Sarbanes-Oxley&#10;C) California Database Security Breach&#10;D) USA Patriot

Accepted Answer

The answer of The ____ Act requires banks and financial...

Question 34

List and describe two of the four generally recognized security positions.

Accepted Answer

The answer of List and describe two of the four...

Question 35

What is the maximum fine for those who wrongfully disclose individually identifiable health information with the intent to sell it?&#10;A) $100,000&#10;B) $250,000&#10;C) $500,000&#10;D) $1,000,000

Accepted Answer

The answer of What is the maximum fine for those...

Question 36

Describe script kiddies.

Accepted Answer

The answer of Describe script kiddies....

Question 37

List three of the federal and state laws that have been enacted to protect the privacy of electronic data.

Accepted Answer

The answer of List three of the federal and state...

Question 38

_________________________ is focused on protecting the valuable electronic information of organizations and users.

Accepted Answer

The answer of _________________________ is focused on protecting the valuable...

Question 39

Targeted attacks against financial networks, unauthorized access to information, and the theft of personal information is sometimes known as ____.&#10;A) spam&#10;B) phishing&#10;C) cybercrime&#10;D) cyberterrorism

Accepted Answer

The answer of Targeted attacks against financial networks, unauthorized access...

Question 40

Briefly describe computer spies.

Accepted Answer

The answer of Briefly describe computer spies....

Question 41

Describe the security principle of simplicity.

Accepted Answer

The answer of Describe the security principle of simplicity....

Question 42

Match between columns&#10;                        Premises: a person who has been hired to break into a computer and steal information&#10;a person who has been hired to break into a computer and steal information&#10;a person who has been hired to break into a computer and steal information&#10;a person who has been hired to break into a computer and steal information&#10;a person who has been hired to break into a computer and steal information&#10;a person who has been hired to break into a computer and steal information&#10;a person who has been hired to break into a computer and steal information&#10;a person who has been hired to break into a computer and steal information&#10;a person who has been hired to break into a computer and steal information&#10;intended to cause panic, provoke violence, or result in a financial catastrophe&#10;intended to cause panic, provoke violence, or result in a financial catastrophe&#10;intended to cause panic, provoke violence, or result in a financial catastrophe&#10;intended to cause panic, provoke violence, or result in a financial catastrophe&#10;intended to cause panic, provoke violence, or result in a financial catastrophe&#10;intended to cause panic, provoke violence, or result in a financial catastrophe&#10;intended to cause panic, provoke violence, or result in a financial catastrophe&#10;intended to cause panic, provoke violence, or result in a financial catastrophe&#10;intended to cause panic, provoke violence, or result in a financial catastrophe&#10;an event or action that might defeat security measures in place and result in a loss&#10;an event or action that might defeat security measures in place and result in a loss&#10;an event or action that might defeat security measures in place and result in a loss&#10;an event or action that might defeat security measures in place and result in a loss&#10;an event or action that might defeat security measures in place and result in a loss&#10;an event or action that might defeat security measures in place and result in a loss&#10;an event or action that might defeat security measures in place and result in a loss&#10;an event or action that might defeat security measures in place and result in a loss&#10;an event or action that might defeat security measures in place and result in a loss&#10;plans and policies established by an organization to ensure that people correctly use the products&#10;plans and policies established by an organization to ensure that people correctly use the products&#10;plans and policies established by an organization to ensure that people correctly use the products&#10;plans and policies established by an organization to ensure that people correctly use the products&#10;plans and policies established by an organization to ensure that people correctly use the products&#10;plans and policies established by an organization to ensure that people correctly use the products&#10;plans and policies established by an organization to ensure that people correctly use the products&#10;plans and policies established by an organization to ensure that people correctly use the products&#10;plans and policies established by an organization to ensure that people correctly use the products&#10;a weakness that allows a threat agent to bypass security&#10;a weakness that allows a threat agent to bypass security&#10;a weakness that allows a threat agent to bypass security&#10;a weakness that allows a threat agent to bypass security&#10;a weakness that allows a threat agent to bypass security&#10;a weakness that allows a threat agent to bypass security&#10;a weakness that allows a threat agent to bypass security&#10;a weakness that allows a threat agent to bypass security&#10;a weakness that allows a threat agent to bypass security&#10;the likelihood that a threat agent will exploit a vulnerability&#10;the likelihood that a threat agent will exploit a vulnerability&#10;the likelihood that a threat agent will exploit a vulnerability&#10;the likelihood that a threat agent will exploit a vulnerability&#10;the likelihood that a threat agent will exploit a vulnerability&#10;the likelihood that a threat agent will exploit a vulnerability&#10;the likelihood that a threat agent will exploit a vulnerability&#10;the likelihood that a threat agent will exploit a vulnerability&#10;the likelihood that a threat agent will exploit a vulnerability&#10;something that has value&#10;something that has value&#10;something that has value&#10;something that has value&#10;something that has value&#10;something that has value&#10;something that has value&#10;something that has value&#10;something that has value&#10;to take advantage of a vulnerability&#10;to take advantage of a vulnerability&#10;to take advantage of a vulnerability&#10;to take advantage of a vulnerability&#10;to take advantage of a vulnerability&#10;to take advantage of a vulnerability&#10;to take advantage of a vulnerability&#10;to take advantage of a vulnerability&#10;to take advantage of a vulnerability&#10;a person or thing that has the power to carry out a threat&#10;a person or thing that has the power to carry out a threat&#10;a person or thing that has the power to carry out a threat&#10;a person or thing that has the power to carry out a threat&#10;a person or thing that has the power to carry out a threat&#10;a person or thing that has the power to carry out a threat&#10;a person or thing that has the power to carry out a threat&#10;a person or thing that has the power to carry out a threat&#10;a person or thing that has the power to carry out a threat

Accepted Answer

The Answer of risk and cyberterrorism and threat agent and is...

Deck 1: Introduction to Security