Deck 7: Information Security
1
Which of the following factors contributes to the increasing vulnerability of organizational information resources?
A) Today's interconnected, interdependent, wirelessly networked business environment
B) Smaller, faster, cheaper computers and storage devices
C) Decreasing skills necessary to be a computer hacker
D) All of these options
D
2
Which of the following is NOT a common risk mitigation strategy?
A) Risk analysis
B) Risk limitation
C) Risk acceptance
D) Risk transference
A
3
The three major types of information security controls are:
A) access controls, physical controls, and communication controls.
B) risk controls, software controls, and access controls.
C) risk controls, application controls, and communication controls.
D) physical controls, biometric controls, and anti-malware controls.
A
4
The purpose of risk management is to _____.
A) train employees to follow security procedures to prevent potential software attacks
B) save money by not getting involved in expensive investigations to try to find the attacker that may not be successful
C) reduce risk to an acceptable level
D) eliminate risks at all costs
5
The lower the level of employee, the greater the threat he or she poses to information security.
6
Unintentional threats to information systems include all of the following except:
A) discarding old computer hardware without completely wiping the memory.
B) choosing and using strong passwords.
C) accidentally losing or misplacing a company's laptop.
D) opening e-mails from someone unknown.
7
An information resource's vulnerability is _____.
A) any danger to an information resource
B) the potential loss or damage to an information resource
C) the possibility that the system will be harmed by a threat
D) the processes designed to protect an organization's information systems
8
Which of the following types of remote software attack does not require user action?
A) Virus
B) Worm
C) Phishing attack
D) Denial-of-service attack
9
Which of the following is NOT a social engineering technique?
A) Tailgating
B) Shoulder surfing
C) Careless Internet surfing
D) Attacker posing as an exterminator
10
Information security controls designed by a company can protect data, software, and hardware, but they cannot protect networks as the Internet is not under the control of the company.
11
Which of the following is a remote software attack from outside the system that requires a user inside the system to take some type of action?
A) The attacker has a back door into the system with a password created by a programmer and known only to him or her.
B) A computer programmer hides a Trojan horse in a program that will activate at a later time.
C) A worm is attached to a regular program that performs the malicious actions when a file or link is opened.
D) The attacker uses zombies or bots from many computers to request information from the company's computer.
12
Organizational employees are a weak link in information security.
13
A threat is _____.
A) any danger to which an information resource may be exposed
B) the potential loss or damage to an information resource
C) the possibility that an information resource will be lost or damaged
D) the processes designed to protect an organization's information systems
14
Which of the following would be an example of a SCADA attack?
A) Bank accounts are hacked post purchases on the Internet.
B) Social security numbers are deleted from a company's database.
C) Computer viruses are introduced into the electrical company's systems resulting in a shutdown of the company's power plant.
D) E-mail accounts are hacked and kinky messages are sent to all of the user's contacts.
15
Protecting an organization's information is becoming increasingly difficult due to the number of small devices, such as flash drives, that thieves can use to steal data.
16
Which of the following statements about information technology (IT) is accurate?
A) IT benefits only organizations and not individuals.
B) IT cannot be misused.
C) IT has made businesses more efficient and responsive to consumers.
D) IT is not important to small businesses.
17
_____ drafted several players who were instrumental to the Cardinals' victory in the 2011 World Series.
A) Pete Dunn
B) Shodan Redbird
C) Jeff Luhnow
D) Greg Moore
18
In the context of protecting information resources, it is easy to conduct a cost-benefit justification for controls before an attack occurs because it is easy to assess the impact of a hypothetical attack.
19
Which of the following employees typically pose the most significant threat to information security?
A) Janitors
B) Contract labor
C) Consultants
D) Human resources employees
20
All remote software attacks require user action.
21
Communications controls consist of _____.
A) authentication, passwords, and authorization
B) motion detectors, locked doors, guards, and temperature sensors
C) firewalls, anti-malware systems, and virtual private networks
D) input, processing, and output controls
22
Evidence of the breaches related to the United States Office of Personnel Management appears to have been discovered accidentally during a product demonstration by network security company _____.
A) Ponemon Institute
B) Sony Pictures Entertainment
C) Houston Astros
D) CyTech Services
23
Which of the following hacker groups successfully attacked Sony Pictures Entertainment on November 24, 2014?
A) Guardians of Peace
B) Sunshine Cinema
C) Scambusters
D) Carmike
24
Which of the following statements is true?
A) Multifactor authentication is more reliable and less expensive than single-factor authentication.
B) Multifactor authentication is more reliable and more expensive than single-factor authentication.
C) Multifactor authentication is less reliable and less expensive than single-factor authentication.
D) Multifactor and single-factor authentications have the same degree of reliability.