Chapter 1 Flashcards
Information security is specific to securing information, whereas information systems security is focused on the security of the systems that house the information.
A. True
B. False
True
Software manufacturers limit their liability when selling software using which of the following?
A. End-User License Agreements
B. Confidentiality agreements
C. Software Development agreements
D. By developing error-free software and code so there is no liability
E. None of the above
End-User License Agreements
The __________ tenet of information systems security is concerned with the recovery time objective.
A. Confidentiality
B. Integrity
C. Availability
D. All of the above
E. None of the above
Availability
If you are a publicly-traded company or U.S. federal government agency, you must go public and announce that you have had a data breach and must inform the impacted individuals of that data breach.
A. True
B. False
True
Organizations that require customer service representatives to access private customer data can best protect customer privacy and make it easy to access other customer data by using which of the following security controls?
A. Preventing customer service representatives from accessing private customer data.
B. Blocking out customer private data details and allowing access only to the last four digits of social security numbers or account numbers.
C. Encrypting all customer data.
D. Implementing second-tier authentication when accessing customer databases.
E. All the above
Blocking out customer private data details and allowing access only to the last four digits of social security numbers or account numbers.
The ______ is the weakest link in an IT infrastructure.
A. System/Application Domain
B. LAN-to-WAN Domain
C. WAN Domain
D. Remote Access Domain
E. User Domain
User Domain
Which of the following security controls can help mitigate malicious email attachments?
A. Email filtering and quarantining
B. Email attachment antivirus scanning
C. Verifying with users that email source is reputable
D. Holding all inbound emails with unknown attachments
E. All of the above
All of the above
You can help ensure confidentiality by implementing _______.
A. An acceptable use policy.
B. A data classification standard.
C. An IT security policy framework.
D. A virtual private network for remote access.
E. Secure access controls.
A virtual private network for remote access.
Encrypting email communications is needed if you are sending confidential information within an email message through the public internet.
A. True
B. False
True
Using security policies, standards, procedures, and guidelines helps organizations decrease risks and threats.
A. True
B. False
True
Data classification standard is usually part of which policy definition?
A. Asset protection policy
B. Acceptable use policy
C. Vulnerability assessment and management policy
D. Security awareness policy
E. Threat assessment and monitoring policy
Asset protection policy
A data breach is typically performed after which of the following?
A. Unauthorized access to the systems and applications is obtained.
B. Vulnerability assessment scan.
C. Configuration change request.
D. Implementation of a new data center.
E. Implementation of a web application update.
Unauthorized access to the systems and applications is obtained.
Maximizing availability primarily involves minimizing _____.
A. The amount of downtime recovering from a disaster
B. The mean time to repair a system or application
C. Downtime by implementing a business continuity plan.
D. The recovery time objective
E. All of the above.
All of the above.
Which of the following is not a U.S. compliance law or act?
A. CIPA
B. FERPA
C. FISMA
D. PCI DSS
E. HIPAA
PCI DSS
Internet IP packets are to cleartext what encrypted IP packets are to _____.
A. Confidentiality
B. Ciphertext
C. Virtual private networks
D. Cryptography algorithms
E. None of the above
Ciphertext
The internet is an open, public network shared by the entire planet. Anyone can connect to the internet with a computer and a valid Internet connection and a browser.
A. True
B. False
True
Which of the following are challenges that the IoT industry must overcome?
A. Security and privacy
B. Interoperability and standards
C. Legal and regulatory compliance
D. E-commerce and economic development
E. All of the above
All of the above
Which phenomenon helped drive near real-time, high-speed broadband connectivity to the endpoint device?
A. Internet connectivity
B. Email
C. VoIP
D. Social media sharing
E. All of the above
Social media sharing
Which of the following requires an IoT-connected automobile?
A. Near real-time access to household controls and systems
B. Ability to track the whereabouts of your children through location finder GPS applications
C. Real-time alerts regarding reminders to pay bills on time.
D. Online e-commerce and online shopping with direct delivery
E. Traffic monitoring sensors that provide real-time updates for traffic conditions
Traffic monitoring sensors that provide real-time updates for traffic conditions
Which of the following are impacts of the IoT on our business lives?
A. E-commerce
B. Integrated supply chain with front-end sales order entry
C. Companies now offering delivery services for products and services with real-time updates.
D. Customer reviews providing consumers with product and service reviews online and with more information about customer satisfaction
E. All of the above
All of the above
Which of the following helps support remote teleworking?
A. Presence/availability
B. IM chat
C. Video conferencing
D. Collaboration
E. All of the above
E. All of the above
Which is a security challenge that IoT deployments must overcome?
A. Congestion of mobile IP traffic
B. Secure communication with other IoT devices
C. Liability of an IoT device failing to send an update message
D. Pricing for software licensing in the IoT device
E. Privacy data use sharing agreement
Secure communication with other IoT devices
Unified messaging provides what functionality for users on the go?
A. Voice messages that are converted to audio files and emailed to the user's mailbox for playback while on the road
B. One-to-many communications
C. Many-to-many communications
D. VoIP communications and messaging
E. SIP communications and messaging
Voice messages that are converted to audio files and emailed to the user’s mailbox for playback while on the road
Which of the following applications can eliminate the need for face-to-face training?
A. Audio/Video conferencing
B. Collaboration
C. IM chat
D. Presence/availability
E. All of the above
Collaboration
Why do e-commerce systems need the utmost in security controls?
A. It is a PCI DSS standard.
B. Private customer data is entered into websites
C. Credit card data is entered into websites
D. Customer retention requires confidence in secure online purchases.
E. All of the above
All of the above
Which of the following is not a challenge that must be overcome by IoT deployments?
A. Security
B. Availability
C. Legal and Regulatory
D. E-commerce and economic development
E. Privacy
Availability
Typically, data must be __________ to be shared or used for research purposes.
A. Encrypted
B. Hashed
C. De-identified
D. Masked out
E. In clear text
De-identified
The main goal of a hacker is to steal or compromise IT assets and potentially steal data.
A. True
B. False
True