Chapt 9 Flashcards

1
Q

what type of bio-metric sensor is on newer mobile devices?

A

fingerprint scanner

2
Q

when someone goes through the trash to obtain sensitive info, that is called?

A

dumpster diving

3
Q

asking users to reveal sensitive or personal info over the phone is referred to as ______ _______?

A

social engineering

4
Q

looking at someone’s computer to see sensitive info they type in or display is called what?

A

shoulder surfing

5
Q

a problem in the coding of software that is used by an attacker is called what?

A

exploit

6
Q

malware that attaches itself to an executable program and does damage to your computer is called what?

A

virus

7
Q

malware that self-replicates and carries a payload of other malware is called what?

A

worm

8
Q

a program that appears to be beneficial but is actually malware is called what?

A

trojan horse

9
Q

malware that tracks your internet activity and sells that info to marketers is called what?

A

spyware

10
Q

malware that extorts those infected to pay a fee to remove the malware is called what?

A

ransomware

11
Q

excessive, unwanted email is referred to as what?

A

spam

12
Q

if you forget a password, what type of software can help you recover it?

A

password cracker

13
Q

the three types of intellectual property protection are what?

A

copyright, trademark, patents

14
Q

a(n) _____ is used for intellectual property protection of a logo, word or words

A

trademark

15
Q

a(n) ____ is used for intellectual property protection of a book or a song.

A

copyright

16
Q

a(n) ______ is used for intellectual property protection of an invention.

A

patent

17
Q

what are five examples of confidentiality concerns?

A

snooping, eavesdropping, wiretapping, social engineering, and dumpster diving

18
Q

what are four examples of integrity concerns?

A

man in the middle, replay attack, impersonation, unauthorized information alteration

19
Q

what are five examples of availability concerns?

A

denial of service, power outage, hardware failure, destruction, service outage

20
Q

in information security, a(n) __________ concern is one that involves maintaining privacy of data.

A

confidentiality

21
Q

in information security, a(n) _______ concern is one that involves ensuring the data is true and accurate.

A

integrity

22
Q

in information security, a(n) _______ concern is one that involves ensuring the data is accessible when users need it

A

availability

23
Q

requiring another form of identification in addition to a password in order to log in is known as what?

A

multi factor authentication

24
Q

list examples of authentication factors.

A

password, pin, one-time password, software token, hardware token, bio-metrics, specific location, security questions

25
Q

when a user types a password once and is given access to multiple systems, what is that called?

A

single sign on

26
Q

what security concept asks the question, ‘who are you’?

A

authentication

27
Q

what security concept determines what you can do on a network?

A

authorization

28
Q

when assigning security permissions, always follow the _______ _______ model.

A

least privilege

29
Q

when users are allowed to assign their own permissions, that is known as a _____ access control model.

A

discretionary

30
Q

when users are assigned permissions based on job function and can’t be assigned permissions based on their user account, that is known as a _______ access control model.

A

role-based

31
Q

which access control model uses security labels, classifications, and categories?

A

mandatory access control

32
Q

which security concept is responsible for tracking user actions on a system?

A

accounting

33
Q

which security concept ensures that users can’t deny that an event took place?

A

nonrepudiation

34
Q

two ways to track user actions on a system are what?

A

logs and web browser history

35
Q

what are four examples of non-repudiation factors?

A

video, bio-metrics, signature, receipt

36
Q

needing to provide a password and present a smart card to log in is an example of __________ __________.

A

multifactor authentication

37
Q

three types of info used in multi-factor authentication are what?

A

something you know, something you have, something you are

38
Q

the ability to enter login information once and have it transfer to other systems is called what?

A

single sign on

39
Q

you have been asked to lead a class on preventing social engineering. what two topics should you be sure to cover? choose two.

viruses and worms
shoulder surfing
hardware theft
phishing

A

shoulder surfing and phishing

40
Q

what is the name of an app that appears to look like a helpful app but instead does harm to your computer?

worm, virus, trojan horse, malware

A

trojan horse

41
Q

you receive an email from your bank telling you that your account has been compromised and you need to validate your account details or else your account will be closed. you are supposed to click a link to validate your information. this is an example of?

phishing
security breach at the bank
spam
ransomware

A

phishing

42
Q

which of the following security terms best describes the process of determining what a user can do with a resource?

accounting, authorization, authentication, nonrepudiation

A

authorization

43
Q

your network’s security model requires that the admin configure permissions based on a user’s job within the company. what ‘access control’ does this describe?

discretionary, mandatory, rule-based, role-based

A

role based

44
Q

which of the following can be used as an authentication factor and for nonrepudiation?

bio-metrics, one-time password, password, security question

A

biometrics

45
Q

which of the following OS’s are susceptible to viruses?

win, mac, linux
win and mac
win
win, mac, linux, android

A

win, mac, linux, android

46
Q

esther has just written a new book, and she wants to ensure that she owns the intellectual property. which type of protection should she get?

patent, copyright, digital product, trademark

A

copyright

47
Q

which of the following are threats to data availability? choose two:

wiretapping, replay attack, service outage, destruction

A

service outage and destruction

48
Q

to log into a network you must use a password and answer a security question. what is this an example of?

multifactor authentication, single sign on, authorization, nonrepudiation

A

multifactor authentication

49
Q

you are implementing multi factor security on a computer. which of the following is not a valid factor?

hardware token, specific location, receipt, password

A

receipt

50
Q

what is it called when a co-worker sitting next to you always seems to look your way when you try to enter your user id and password to log onto the network?

phishing, coincidence, shoulder surfing, social engineering

A

shoulder surfing

51
Q

which of the following statements are true of social engineering? choose two:

a) the attacker attempts to acquire info about your network or system by public means
b) the attack may occur over the phone, by email or even in person.
c) the attacker goes through the dumpster to steal info
d) the attacker keeps an eye when someone enters their sensitive info or data

A

a) the attacker attempts to acquire info about your network or system by public means
b) the attack may occur over the phone, by email or even in person.

52
Q

on a network, a user needs to access three different types of systems. however, they are required to enter their username and password only when they initially login. this is?

authentication, nonrepudiation, authorization, single sign on

A

single sign on

53
Q

you are concerned about confidentiality of client records, which of the following should you be on the lookout for? choose two:

replay attack, social engineering, denial of service, eavesdropping

A

social engineering and eavesdropping

54
Q

you have invented a toy, what type of intellectual protection should you get?

trademark, receipt, patent, copyright

A

patent

55
Q

your manager is concerned about potential wiretapping on the wireless network. what type of concern is this?

authorization, integrity, confidentiality, availability

A

confidentiality

56
Q

which of the following are activities that a hacker might attempt?

stealing usernames and passwords
modifying website content
disrupting network comms
analyzing network traffic
all of these

A

all

57
Q

which of the following threats can directly impact data integrity on a network? choose two:

denial of service, impersonation, man in the middle, snooping

A

impersonation, man in the middle

58
Q

a network admin wants to enable accounting on her network. which options should she use? choose two:

bio-metrics, web browser history, software tokens, transaction logs

A

web browser history, transaction logs

59
Q

protect intellectual property that is a word or words or a symbol

trademark, copyright, or patent

A

trademark

60
Q

protect intellectual property that is an original work of authorship

trademark, copyright, or patent

A

copyright

61
Q

protect intellectual property that is an invention

trademark, copyright, or patent

A

patent

62
Q

the attacker captures network traffic and then looks for key pieces of info.

eavesdropping, shoulder surfing, snooping, social engineering, phishing, wiretapping

A

snooping

63
Q

the attacker simply listens (with ears) to a conversation to glean key info

eavesdropping, shoulder surfing, snooping, social engineering, phishing, wiretapping

A

eavesdropping

64
Q

the attacker monitors the communication between two parties over network cables or wireless connections without authorization.

eavesdropping, shoulder surfing, snooping, social engineering, phishing, wiretapping

A

wiretapping

65
Q

the attacker attempts to acquire info about your network or system by public means.

eavesdropping, shoulder surfing, snooping, social engineering, phishing, wiretapping

A

social engineering

66
Q

the attacker uses info that the target would be less likely to question because it appears to be coming from a trusted source.

eavesdropping, shoulder surfing, snooping, social engineering, phishing, wiretapping

A

phishing

67
Q

the attacker keeps an eye when someone enters their sensitive info or data

eavesdropping, shoulder surfing, snooping, social engineering, phishing, wiretapping

A

shoulder surfing

68
Q

ensures that private data stays that way

integrity, availability, confidentiality

A

confidentiality

69
Q

means that the data is accurate and consistent

integrity, availability, confidentiality

A

integrity

70
Q

means that the data is accessible by the user.

integrity, availability, confidentiality

A

availability

71
Q

intercepting data then sending the data back and forth as if nothing is wrong.

unauthorized info alteration
man in the middle attack
replay attack
impersonation

A

man in the middle attack

72
Q

pretending to be something or someone that you are not to seek the information

unauthorized info alteration
man in the middle attack
replay attack
impersonation

A

impersonation

73
Q

changing data within a database to damage the company

unauthorized info alteration
man in the middle attack
replay attack
impersonation

A

unauthorized info alteration

74
Q

capturing information from a sender with the intent of using it later

unauthorized info alteration
man in the middle attack
replay attack
impersonation

A

replay attack

75
Q

used to cause damage and/or disruption to the system

virus, worm, adware, spyware, ransomware

A

virus

76
Q

used to transmit malware to harm other computers

virus, worm, adware, spyware, ransomware

A

worm

77
Q

used to display unwanted ads on a screen

virus, worm, adware, spyware, ransomware

A

adware

78
Q

used to report on your computer and possibly steal data

virus, worm, adware, spyware, ransomware

A

spyware

79
Q

used to extract payments from the infected user

virus, worm, adware, spyware, ransomware

A

ransomware

80
Q

seeks to keep a record of who accessed what and when, and the actions they performed

accounting, authentication, authorization

A

accounting

81
Q

provides assurance and verification about the identity of a user

accounting, authentication, authorization

A

authentication

82
Q

determines certain level of access for each user on the basis of policies, rules and attributes

accounting, authentication, authorization

A

authorization

83
Q

considered as a visual proof that no one can deny

video, bio-metrics, signature, receipt

A

video

84
Q

requires a fingerprint or facial scan for system access

video, bio-metrics, signature, receipt

A

bio-metrics

85
Q

authorizes a cheque or document that has been agreed by you

video, bio-metrics, signature, receipt

A

signature

86
Q

considered as a digital or paper proof of any purchase transaction

video, bio-metrics, signature, receipt

A

receipt

87
Q

_________ concerns include snooping, eavesdropping, wiretapping, social engineering and dumpster diving

A

confidentiality

88
Q

_________ concerns include man in the middle attack, replay attack, impersonation and unauthorized info alteration

A

integrity

89
Q

________ concerns include denial of service, service outages, power outages, hardware failure, and hardware destruction

A

availability