Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

network security > Chapter 1 > Flashcards

Chapter 1 Flashcards

1
Q

Ian recently earned his security certification and has been offered a promotion to a position that requires him to analyze and design security solutions as well as identifying users’ needs. Which of these generally recognized security positions has Ian been offered?

Security administrator

Security technician

Security officer

Security manager

A

Security administrator

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Alyona has been asked by her supervisor to give a presentation regarding reasons why security attacks continue to be successful. She has decided to focus on the issue of widespread vulnerabilities. Which of the following would Alyona NOT include in her presentation?

Large number of vulnerabilities

End-of-life systems

Lack of vendor support

Misconfigurations

A

Misconfigurations

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Tatyana is discussing with her supervisor potential reasons why a recent attack was successful against one of their systems. Which of the following configuration issues would NOT covered?

Default configurations

Weak configurations

Vulnerable business processes

Misconfigurations

A

Vulnerable business processes

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What is a race condition?

When a vulnerability is discovered and there is a race to see if it can be patched before it is exploited by attackers.

When two concurrent threads of execution access a shared resource simultaneously, resulting in unintended consequences.

When an attack finishes its operation before antivirus can complete its work.

When a software update is distributed prior to a vulnerability being discovered.

A

When two concurrent threads of execution access a shared resource simultaneously, resulting in unintended consequences.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Which of the following is NOT true regarding security?

Security is a goal.

Security includes the necessary steps to protect from harm.

Security is a process.

Security is a war that must be won at all costs.

A

Security is a war that must be won at all costs.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Which of the following ensures that only authorized parties can view protected information?

Authorization

Confidentiality

Availability

Integrity

A

Confidentiality

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Which of the following is NOT a successive layer in which information security is achieved?

Products

People

Procedures

Purposes

A

Purposes

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Complete this definition of information security: That which protects the integrity, confidentiality, and availability of information .

on electronic digital devices and limited analog devices that can connect via the Internet or through a local area network.

through a long-term process that results in ultimate security.

using both open-sourced as well as supplier-sourced hardware and software that interacts appropriately with limited resources.

through products, people, and procedures on the devices that store, manipulate, and transmit the information.

A

through products, people, and procedures on the devices that store, manipulate, and transmit the information.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Which of the following is an enterprise critical asset?

System software

Information

Outsourced computing services

Servers, routers, and power supplies

A

Information

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Gunnar is creating a document that explains risk response techniques. Which of the following would he NOT list and explain in his document?

Extinguish risk

Transfer risk

Mitigate risk

Avoid risk

A

Extinguish risk

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Which act requires banks and financial institutions to alert their customers of their policies in disclosing customer information?

Sarbanes-Oxley Act (Sarbox)

Financial and Personal Services Disclosure Act

Health Insurance Portability and Accountability Act (HIPAA)

Gramm-Leach-Bliley Act (GLBA)

A

Gramm-Leach-Bliley Act (GLBA)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

An organization that practices purchasing products from different vendors is demonstrating which security principle?

Obscurity

Diversity

Limiting

Layering

A

Diversity

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

What is an objective of state-sponsored attackers?

To right a perceived wrong

To amass fortune over of fame

To spy on citizens

To sell vulnerabilities to the highest bidder

A

To spy on citizens(?)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Signe wants to improve the security of the small business where she serves as a security manager. She determines that the business needs to do a better job of not revealing the type of computer, operating system, software, and network connections they use. What security principle does Signe want to use?

Obscurity

Layering

Diversity

Limiting

A

Obscurity

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

What are industry-standard frameworks and reference architectures that are required by external agencies known as?

Compulsory

Mandatory

Required

Regulatory

A

Regulatory

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

What is the category of threat actors that sell their knowledge of vulnerabilities to other attackers or governments?

Cyberterrorists

Competitors

Brokers

Resource managers

A

Brokers

17
Q

Which tool is most commonly associated with nation state threat actors?

Closed-Source Resistant and Recurrent Malware (CSRRM)

Advanced Persistent Threat (APT)

Unlimited Harvest and Secure Attack (UHSA)

Network Spider and Worm Threat (NSAWT)

A

Advanced Persistent Threat (APT)

18
Q

Why do cyberterrorists target power plants, air traffic control centers, and water systems?

These targets are government-regulated and any successful attack would be considered a major victory.

These targets have notoriously weak security and are easy to penetrate.

They can cause significant disruption by destroying only a few targets.

The targets are privately owned and cannot afford high levels of security.

A

They can cause significant disruption by destroying only a few targets.

19
Q

Adone is attempting to explain to his friend the relationship between security and convenience. Which of the following statements would he use?

“Security and convenience are not related.”

“Convenience always outweighs security.”

“Security and convenience are inversely proportional.”

“Whenever security and convenience intersect, security always wins.”

A

“Security and convenience are inversely proportional.”

20
Q

Which the following is NOT a reason why it is difficult to defend against today’s attackers?

Delays in security updating

Greater sophistication of defense tools

Increased speed of attacks

Simplicity of attack tools

A

Greater sophistication of defense tools

network security (16 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions