Deck 3: Network Security

1
An attack that occurs before a patch is available is called a zero-day attack.
True
2
The threat environment includes ________.

A)attackers
B)attacks
C)Both A and B
D)Neither A nor B
C
3
Malware is a generic name for evil software.
True
4
Firewalls can usually stop viruses.
5
Viruses most commonly spread from one computer to another ________.

A)via e-mail
B)by propagating directly by themselves
C)Both A and B
D)Neither A nor B
6
Which of the following is a propagation vector for some worms?

A)E-mail.
B)Direct propagation.
C)Both A and B
D)Neither A nor B
7
Which of the following attach themselves to other programs?

A)Viruses.
B)Worms.
C)Both A and B
D)Neither A nor B
8
Antivirus programs can usually stop directly-propagating worms.
9
Which of the following can thwart directly-propagating worms?

A)Antivirus programs.
B)Firewalls.
C)Both A and B
D)Neither A nor B
10
Which of the following sometimes uses direct propagation between computers?

A)Viruses.
B)Worms.
C)Both A and B
D)Neither A nor B
11
Scripts may execute software when a webpage is downloaded.
12
Universal malware requires a vulnerability to succeed.
13
Viruses propagate within a computer by infecting other programs in that computer.
14
A compromise is an attempted attack.
15
Compromises also are called ________.

A)breaches
B)incidents
C)Both A and B
D)Neither A nor B
16
Which of the following can spread more rapidly?

A)Directly-propagating viruses.
B)Directly-propagating worms.
C)Both of the above can spread with equal speed.
17
Which phase of the plan-protect-respond cycle takes the largest amount of work?

A)Plan.
B)Protect.
C)Respond.
D)Each phase requires about equal effort.
18
An action that will stop many viruses is ________.

A)installing a firewall
B)the use of an antivirus program
C)Both A and B
D)Neither A nor B
19
A ________ is a flaw in a program that permits a specific attack or set of attacks against this problem.

A)malware
B)security error
C)vulnerability
D)security fault
20
Users typically can eliminate a vulnerability in one of their programs by ________.

A)installing a patch
B)doing a zero-day installation
C)Both A and B
D)Neither A nor B
21
In identity theft, the attacker steals credit card numbers, which he or she will use to make unauthorized purchases.
22
Scripts are normally bad.
23
An attack in which an authentic-looking e-mail or website entices a user to enter his or her username, password, or other sensitive information is called ________. (Select the most specific answer.)

A)phishing
B)identity theft
C)social engineering
D)a spyware attack
24
A program that can capture passwords as you type them is ________.

A)a keystroke logger
B)data mining software
C)Both A and B
D)Neither A nor B
25
Which of the following tends to be more damaging?

A)Credit card theft.
B)Identity theft.
C)Both are about equally serious.
26
Malware programs that masquerade as system files are called ________.

A)viruses
B)worms
C)spoofs
D)payloads
E)Trojan horses
27
Pieces of code that are executed after the virus or worm has spread are called ________.

A)vulnerabilities
B)exploits
C)compromises
D)payloads
E)All of the above.
28
Unsolicited commercial e-mail is better known as ________.

A)adware
B)spam
C)social engineering
D)identity theft
29
A Trojan horse that sorts through files on the victim's computer to look for useable information is called ________.

A)a keystroke logger
B)data mining software
C)Both A and B
D)Neither A nor B
30
Trojan horses get onto computers by ________.

A)viruses
B)hackers
C)Both A and B
D)Neither A nor B
31
Tricking users into doing something against their interests is ________.

A)social engineering
B)hacking
C)Both A and B
D)Neither A nor B
32
The general name for malware on a user's PC that collects sensitive information and sends this information to an attacker is ________.

A)keystroke loggers
B)adware
C)spyware
D)data mining software
33
Trojan horses can get onto computers by ________.

A)self-propagation
B)hackers
C)Both A and B
D)Neither A nor B
34
Credit card number thieves are called ________. (Pick the most precise answer.)

A)numbers racketeers
B)frauds
C)identity thieves
D)carders
35
It is still hacking if a person breaks into a computer accidentally.
36
The last stage in a hacking attack is the break-in.
37
Scripts are likely to be dangerous only if a computer has a vulnerability.
38
Spam can be used to ________.

A)implement a fraud
B)cause the reader to go to a website that will download malware to the victim's computer
C)Both A and B
D)Neither A nor B
39
________ is lying to get victims to do something against their financial self interest.

A)Social engineering
B)Fraud
40
Mobile code is another name for ________.

A)virus
B)worm
C)Both A and B
D)Neither A nor B
41
Hacking is defined as intentionally using a computer resource without authorization.
42
Attack programs that can be remotely controlled by an attacker are ________.

A)bots
B)DoS programs
C)exploits
D)All of the above.
43
Which of the following can be upgraded after it is installed on a victim computer?

A)Trojan horses.
B)Bots.
C)Viruses.
D)Worms.
44
What are the most dangerous types of employees?

A)Financial employees.
B)Manufacturing employees.
C)IT and IT security staff members.
D)Former employees.
45
Which of the following is NOT one of the four major security planning principles?

A)Perimeter defense.
B)Risk analysis.
C)Comprehensive security.
D)Defense in depth.
46
Hackers send probe packets to identify ________.

A)IP addresses with active hosts
B)hosts running certain applications
C)Both A and B
D)Neither A nor B
47
What type of attacker are most attackers today?

A)Disgruntled employees and ex-employees.
B)Criminals.
C)Hackers motivated by curiosity.
D)Cyberterrorists.
48
Which type of attack is made by national governments?

A)Cyberterror attacks.
B)Cyberwar attacks.
C)Both A and B
D)Neither A nor B
49
It is generally illegal to write malware.
50
What does a hacker usually do IMMEDIATELY after downloading a hacker toolkit?

A)Install a Trojan horse.
B)Create a backdoor.
C)Execute the exploit.
D)None of the above.
51
Which of the following can be a type of backdoor?

A)A new account.
B)A Trojan horse.
C)Both A and B
D)Neither A nor B
52
Hackers identify possible victim computers by sending ________.

A)worms
B)probe packets
C)hacks
D)exploits
E)compromises
53
Methods that hackers use to break into computers are ________.

A)worms
B)probe packets
C)hacks
D)exploits
E)compromises
54
Most hackers today are driven by curiosity, a sense of power, and, sometimes, a desire to increase their reputation among peers.
55
After a break-in, the first step usually is to ________.

A)do damage manually
B)delete log files
C)create a backdoor
D)download a hacker toolkit
56
DoS attacks attempt to ________.

A)hack a computer
B)reduce the availability of a computer
C)Both A and B
D)Neither A nor B
57
Security is primarily a ________ issue.

A)management
B)technology
58
What type of attacker can do the most damage?

A)Criminal attackers.
B)Hackers driven by curiosity.
C)Employees and ex-employees.
D)National governments.
59
A way back into a system that an attacker can use to get into the compromised computer later is called a ________. (Choose the most specific answer.)

A)backdoor
B)Trojan horse
C)compromise
D)root exploit
E)rootkit
60
In distributed DoS attacks, the attacker sends messages directly to ________.

A)bots
B)the intended victim of the DoS attack
C)backdoors
D)DOS clients
E)DOS servers
61
Attackers only need to find a single weakness to break in. Consequently, companies must ________.

A)have comprehensive security
B)have insurance
C)do risk analysis
D)only give minimum permissions
62
Actions that people are allowed to take on a resource come under the heading of ________.

A)hacks
B)permissions
C)exploits
D)risks
63
Which of the following must be followed?

A)Standards.
B)Guidelines.
C)Both A and B
D)Neither A nor B
64
Which of the following is true?

A)Guidelines must be followed.
B)Guidelines must be considered.
C)Both A and B
D)Neither A nor B
65
Balancing threats against protection costs is called ________.

A)economic justification
B)risk analysis
C)comprehensive security
D)defense in depth
66
Oversight activities include ________.

A)vulnerability testing
B)creating guidelines
C)Both A and B
D)Neither A nor B
67
Oversight helps ensure that a policy is implemented faithfully.
68
In authentication, the ________ is the party trying to prove his or her identity.

A)supplicant
B)verifier
69
Attacking your own firm occurs in ________.

A)vulnerability testing
B)auditing
C)Both A and B
D)Neither A nor B
70
An attacker must break through two firewalls to get to a host. This illustrates the principle called ________. (Select the most specific answer.)

A)comprehensive security
B)having insurance
C)perimeter/internal defenses
D)defense in depth
71
Implementation guidance is less specific than implementation.
72
The goal of security is to eliminate risk.
73
Authentication should be ________.

A)as strong as possible
B)appropriate for risks to the resource
C)the same for all resources, for consistency
D)All of the above.
74
In general, people who receive access to a resource should be given maximum permissions so that they can do their jobs with few restrictions.
75
________ is the general name for proofs of identity in authentication.

A)Permissions
B)Credentials
C)Authorizations
D)Certificates
E)Signatures
76
Requiring someone requesting to use a resource to prove his or her identity is ________.

A)confidentiality
B)authentication
C)integrity
D)authorization
E)Both b. and d.
77
Vulnerabilities are occasionally found in even the best security products. Consequently, companies must ________. (Select the best answer.)

A)have comprehensive security
B)have defense in depth
C)do risk analysis
D)only give minimum permissions
78
Policies are separated by implementation to take advantage of ________.

A)implementer knowledge
B)the delegation of work principle
79
Which of the following specifies what should be done?

A)Policies.
B)Implementation.
C)Both A and B
D)Neither A nor B
80
Policies should drive ________.

A)implementation
B)oversight
C)Both A and B
D)Neither A nor B