Question 1

Which of the following is not considered a type of biometrics?&#10;A) Voice&#10;B) Face&#10;C) Iris&#10;D) None of the above

Accepted Answer

All three options (voice, face, and iris) are considered types of biometrics, so D is the answer that is not considered a type of biometrics.

Question 2

Where do organizations typically place firewalls?&#10;A) Between a personal computer and the server&#10;B) Between a personal computer and a printer&#10;C) Between the server and the content filtering software&#10;D) Between the server and the Internet

Accepted Answer

Firewalls are typically placed between the server and the Internet to protect the server from unauthorized access and potential attacks from external sources.

Question 3

Which of the following can be completed by encryption?&#10;A) Switch the order of characters&#10;B) Replace characters with other characters&#10;C) Use a mathematical formula to convert the information into some sort of code&#10;D) All of the above

Accepted Answer

Encryption can involve switching the order of characters, replacing characters with other characters, and using mathematical formulas to convert information into a code. Therefore, all of the options are correct.

Question 4

What is the most costly and intrusive form of authentication?&#10;A) Something the user knows such as a user ID and password&#10;B) Something the user has such as a smart card or token&#10;C) Something that is part of the user such as a fingerprint or voice signature&#10;D) None of the above

Accepted Answer

Something that is part of the user, such as a fingerprint or voice signature, is the most costly and intrusive form of authentication. This usually requires specialized hardware and software, as well as additional training for users. While it may provide a higher level of security, it also presents privacy concerns and can be more difficult to implement on a large scale compared to other forms of authentication.

Question 5

What is social engineering?&#10;A) Using one's social skills to trick people into revealing access credentials or other information valuable to the attacker&#10;B) Legitimate users who purposely or accidentally misuse their access to the environment and cause some kind of business-affecting incident&#10;C) Small electronic devices that change user passwords automatically&#10;D) A method for confirming user's identities

Accepted Answer

Social engineering is the use of psychological manipulation techniques, such as using one's social skills, to trick people into revealing access credentials or other valuable information for malicious purposes. This is done without resorting to technical exploits or hacking methods, but instead by exploiting human weaknesses and tendencies.

Question 6

Which term describes legitimate users who purposely or accidentally misuse their access to the environment and cause some kind of business-affecting incident?&#10;A) Hactivist&#10;B) Social engineering&#10;C) Insiders&#10;D) Virus

Accepted Answer

Insiders refer to legitimate users who have access to the company's environment but may misuse it either purposely or accidentally, causing some sort of incident that affects the business. Hactivist refers to individuals or groups who hack systems for political or social reasons, and social engineering is the use of psychological manipulation to gain access to sensitive information. Viruses are malicious software that infects a system and can cause damage or steal data.

Question 7

What is the most secure type of authentication?&#10;A) Something the user knows such as a user ID and password&#10;B) Something the user has such as a smart card or token&#10;C) Something that is part of the user such as a fingerprint or voice signature&#10;D) Combination of all of the above

Accepted Answer

The most secure type of authentication is a combination of all of the above. This means using something the user knows (such as a password), something the user has (such as a smart card), and something that is part of the user (such as a fingerprint). This is known as multi-factor authentication and provides an added layer of security to prevent unauthorized access.

Question 8

Which of the following authentication methods is 100 percent accurate?&#10;A) Smart card&#10;B) Fingerprint authentication&#10;C) User ID&#10;D) None of the above

Accepted Answer

None of the above authentication methods are 100 percent accurate.

Question 9

What occurs when an organization uses software that filters content to prevent the transmission of unauthorized information?&#10;A) Biometrics&#10;B) Encryption&#10;C) Firewalls&#10;D) None of the above

Accepted Answer

The answer of What occurs when an organization uses software...

Question 10

What is spam?&#10;A) A type of encryption&#10;B) A type of content filtering&#10;C) A form of unsolicited email&#10;D) None of the above

Accepted Answer

Spam is a form of unsolicited email, usually sent in bulk to a large number of recipients. It often contains advertisements or scam messages, and can be a nuisance or even a security threat for email users.

Question 11

What is a device that is around the same size as a credit card, containing embedded technologies that can store information and small amounts of software to perform some limited processing?&#10;A) Token&#10;B) Password&#10;C) Smart card&#10;D) Biometrics

Accepted Answer

The answer of What is a device that is around...

Question 12

What is the recommended way to implement information security lines of defense?&#10;A) People first, technology second&#10;B) Technology first, people second&#10;C) None of the above&#10;D) All of the above

Accepted Answer

The answer of What is the recommended way to implement...

Question 13

What is encryption?&#10;A) Occurs when an organization uses software that filters content to prevent the transmission of unauthorized information&#10;B) Scrambles information into an alternative form that requires a key or password to decrypt the information&#10;C) Hardware and/or software that guards a private network by analyzing the information leaving and entering the network&#10;D) A form of unsolicited email

Accepted Answer

The answer of What is encryption?&#10;A) Occurs when an organization...

Question 14

What are the technologies available to help prevent and build resistance to attacks?&#10;A) Content filtering, encryption, firewalls&#10;B) Content filtering, encryption, insiders&#10;C) Encryption, firewalls, insiders&#10;D) Firewalls, social engineering, encryption

Accepted Answer

The answer of What are the technologies available to help...

Question 15

What is the identification of a user based on a physical characteristic, such as a fingerprint, iris, face, voice, or handwriting?&#10;A) Smart card&#10;B) Token&#10;C) Biometrics&#10;D) Content filtering

Accepted Answer

The answer of What is the identification of a user...

Question 16

Which of the following is not one of the five steps for creating an information security plan?&#10;A) Develop the information security policies&#10;B) Communicate the information security policies&#10;C) Revise and test the information security policies&#10;D) Test and reevaluate risks

Accepted Answer

The answer of Which of the following is not one...

Question 17

Which of the following is not one of the three primary information security areas?&#10;A) Authentication and authorization&#10;B) Prevention and resistance&#10;C) Detection and resistance&#10;D) None of the above

Accepted Answer

The answer of Which of the following is not one...

Question 18

What identifies the rules required to maintain information security?&#10;A) Information security plan&#10;B) Information security policies&#10;C) Authentication&#10;D) Biometrics

Accepted Answer

The answer of What identifies the rules required to maintain...

Question 19

What is a method for confirming users' identities?&#10;A) Authentication&#10;B) Prevention&#10;C) Detection&#10;D) Response

Accepted Answer

The answer of What is a method for confirming users'...

Question 20

Which of the following is not one of the top 10 questions managers should ask regarding information security?&#10;A) Is there clear accountability for information security in our organization?&#10;B) How much is spent on information security and what is it being spent on?&#10;C) What is the impact on the organization of a serious security incident?&#10;D) How do we identify potential insiders?

Accepted Answer

The answer of Which of the following is not one...

Question 21

Which is a virus that opens a way into the network for future attacks?&#10;A) Distributed denial-of-service attack&#10;B) Worm&#10;C) Denial-of-service attack&#10;D) Backdoor programs

Accepted Answer

The answer of Which is a virus that opens a...

Question 22

What attacks computer systems by transmitting a virus hoax, with a real virus attached?&#10;A) Malicious code&#10;B) Hoaxes&#10;C) Spoofing&#10;D) Sniffer

Accepted Answer

The answer of What attacks computer systems by transmitting a...

Question 23

Who works at the request of the system owners to find system vulnerabilities and plug the holes?&#10;A) White-hat hackers&#10;B) Black-hat hackers&#10;C) Hactivists&#10;D) Script kiddies

Accepted Answer

The answer of Who works at the request of the...

Question 24

What is a type of virus that spreads itself, not just from file to file, but also from computer to computer?&#10;A) Computer virus&#10;B) Worm&#10;C) Denial-of-service attack&#10;D) None of the above

Accepted Answer

The answer of What is a type of virus that...

Question 25

If there is a security breech on your organizational information systems, which information security area is best suited to handle the breech?&#10;A) Authentication and authorization&#10;B) Prevention and resistance&#10;C) Detection and response&#10;D) Detection and resistance

Accepted Answer

The answer of If there is a security breech on...

Question 26

Who are hackers with criminal intent?&#10;A) White-hat hacker&#10;B) Black-hat hacker&#10;C) Crackers&#10;D) Cyberterrorists

Accepted Answer

The answer of Who are hackers with criminal intent?&#10;A) White-hat...

Question 27

Which of the following is a program or device that can monitor data traveling over a network?&#10;A) Malicious code&#10;B) Hoaxes&#10;C) Spoofing&#10;D) Sniffer

Accepted Answer

The answer of Which of the following is a program...

Question 28

Information security is a broad term encompassing the protection of information from accidental or intentional misuse by persons inside or outside an organization.

Accepted Answer

The answer of Information security is a broad term encompassing...

Question 29

Who breaks into other people's computer systems and just looks around or steals and destroys information?&#10;A) White-hat hacker&#10;B) Black-hat hacker&#10;C) Hactivists&#10;D) Script kiddies

Accepted Answer

The answer of Who breaks into other people's computer systems...

Question 30

Information security policies detail how an organization will implement the information security plan.

Accepted Answer

The answer of Information security policies detail how an organization...

Question 31

Who finds hacking code on the Internet and click-and-points their way into systems to cause damage or spread viruses?&#10;A) White-hat hacker&#10;B) Black-hat hacker&#10;C) Hactivists&#10;D) Script kiddies

Accepted Answer

The answer of Who finds hacking code on the Internet...

Question 32

What is the forging of the return address on an email so that the email message appears to come from someone other than the actual sender?&#10;A) Malicious code&#10;B) Hoaxes&#10;C) Spoofing&#10;D) Sniffer

Accepted Answer

The answer of What is the forging of the return...

Question 33

The Trojan-horse virus hides inside other software, usually as an attachment or a downloadable file.

Accepted Answer

The answer of The Trojan-horse virus hides inside other software,...

Question 34

What includes a variety of threats such as viruses, worms, and Trojan horses?&#10;A) Malicious code&#10;B) Hoaxes&#10;C) Spoofing&#10;D) Sniffer

Accepted Answer

The answer of What includes a variety of threats such...

Question 35

What is the most common type of defense within detection and response technologies?&#10;A) Malicious code&#10;B) Token&#10;C) User ID&#10;D) Antivirus software

Accepted Answer

The answer of What is the most common type of...

Question 36

Tokens are small electronic devices that change user passwords automatically.

Accepted Answer

The answer of Tokens are small electronic devices that change...

Question 37

Insiders are illegitimate users who purposely or accidentally misuse their access to the environment to do business.

Accepted Answer

The answer of Insiders are illegitimate users who purposely or...

Question 38

What floods a website with so many requests for service that it slows down or crashes the site?&#10;A) Computer virus&#10;B) Worm&#10;C) Denial-of-service attack&#10;D) None of the above

Accepted Answer

The answer of What floods a website with so many...

Question 39

Which of the following does a firewall perform?&#10;A) Examines each message that wants entrance to the network&#10;B) Blocks messages without the correct markings from entering the network&#10;C) Detects computers communicating with the Internet without approval&#10;D) All of the above

Accepted Answer

The answer of Which of the following does a firewall...

Question 40

Who are those who seek to cause harm to people or to destroy critical systems or information and use the Internet as a weapon of mass destruction?&#10;A) White-hat hacker&#10;B) Black-hat hacker&#10;C) Crackers&#10;D) Cyberterrorists

Accepted Answer

The answer of Who are those who seek to cause...

Question 41

The most common type of defense within detection and response technologies is _________ software.

Accepted Answer

The answer of The most common type of defense within...

Question 42

A(n) information security ____________ details how an organization will implement the information security policies.

Accepted Answer

The answer of A(n) information security ____________ details how an...

Question 43

Tokens are small electronic devices that change user passwords __________.

Accepted Answer

The answer of Tokens are small electronic devices that change...

Question 44

____________ is the identification of a user based on a physical characteristic.

Accepted Answer

The answer of ____________ is the identification of a user...

Question 45

Malicious code includes a variety of threats such as ______________, worms, and Trojan horses.

Accepted Answer

The answer of Malicious code includes a variety of threats...

Question 46

Intrusion detection software (IDS) searches out patterns in information and network traffic to indicate __________ and quickly respond to prevent any harm.

Accepted Answer

The answer of Intrusion detection software (IDS) searches out patterns...

Question 47

Spoofing is the forging of the _________ address on an email so teat the email message appears to come from someone other than the actual sender.

Accepted Answer

The answer of Spoofing is the forging of the _________...

Question 48

Obtain ___________ support is the last step for creating an information security plan.

Accepted Answer

The answer of Obtain ___________ support is the last step...

Question 49

_________ scrambles information into an alternative form that requires a key or password to decrypt the information.

Accepted Answer

The answer of _________ scrambles information into an alternative form...

Question 50

___________ diving is a form of social engineering when a hacker looks through people's trash to find personal information.

Accepted Answer

The answer of ___________ diving is a form of social...

Question 51

A(n) _________ is hardware and/or software that guards a private network by analyzing the information leaving and entering the network.

Accepted Answer

The answer of A(n) _________ is hardware and/or software that...

Question 52

____________ security is a broad term encompassing the protection of information from accidental or intentional misuse by persons inside or outside an organization.

Accepted Answer

The answer of ____________ security is a broad term encompassing...

Question 53

Smart card is a(n) ___________ that is around the same size as a credit card, containing embedded technologies that can store information and small amounts of software to perform some limited processing.

Accepted Answer

The answer of Smart card is a(n) ___________ that is...

Question 54

___________ attack computer systems by transmitting a virus hoax, with a real virus attached.

Accepted Answer

The answer of ___________ attack computer systems by transmitting a...

Question 55

Information security ______________ identify the rules required to maintain information security.

Accepted Answer

The answer of Information security ______________ identify the rules required...

Question 56

___________ is a method for confirming users' identities.

Accepted Answer

The answer of ___________ is a method for confirming users'...

Question 57

Social engineering is using one's __________ skills to trick people into revealing access credentials or other information valuable to the attacker.

Accepted Answer

The answer of Social engineering is using one's __________ skills...

Question 58

Content filtering, _________, and firewalls are the three types of prevention and resistance technologies.

Accepted Answer

The answer of Content filtering, _________, and firewalls are the...

Question 59

Develop the information security policies is the ________________ step for creating an information security plan.

Accepted Answer

The answer of Develop the information security policies is the...

Question 60

_________ filtering occurs when an organization uses software that filters content to prevent the transmission of unauthorized information.

Accepted Answer

The answer of _________ filtering occurs when an organization uses...

Question 61

List and describe the three primary security areas.

Accepted Answer

The answer of List and describe the three primary security...

Question 62

A(n) _________ is software written with malicious intent to cause annoyance or damage.

Accepted Answer

The answer of A(n) _________ is software written with malicious...

Question 63

_________ programs are viruses that open a way into the network for future attacks.

Accepted Answer

The answer of _________ programs are viruses that open a...

Question 64

_________ hat hackers work at the request of the system owners to find system vulnerabilities and plug the holes.

Accepted Answer

The answer of _________ hat hackers work at the request...

Deck 6: Information Security