Chapter 11

Question 1

Security on a network not only means being able to prevent a hacker from breaking
into your computer but also includes being able to recover from temporary service
problems or from natural disasters.

Answer 1

T

Question 2

The rise of the Internet has increased significantly the potential vulnerability of an
organization’s assets

Answer 2

T

Question 3

The CERT ( Computer Emergency Response Team) was established at MIT

Answer 3

F. Carnegie Mellon University

Question 4

Confidentiality refers to the protection of the organizational data from unauthorized
disclosure of customer and proprietary data.

Answer 4

T

Question 5

Maintaining data integrity is not a primary goal of security.

Answer 5

F

Question 6

According to Symantec, more than 50% of all targeted companies had fewer than
2,500 employees because they
a. often have weaker security.
b. have more assets.
c. are more likely to have credit card numbers available.
d. are likely off-shore.
e. have lower bandwidth

Answer 6

A

Question 7

Why are smaller organizations often targeted by cyberattacks?
a) Due to their larger financial reserves
b) Because they have weaker security measures
c) They are less likely to hold valuable data
d) Their employees are more knowledgeable about cybersecurity

Answer 7

B

Question 8

In the context of transnational cybercrime, what does the text suggest about the effectiveness of enforcement measures?
a) Enforcement efforts have significantly reduced cybercrime rates.
b) Laws are well-established, but enforcement is slow.
c) International collaboration has streamlined enforcement processes.
d) Cybercriminals often face severe penalties, deterring further criminal activity.

Answer 8

B

Question 9

According to the text, what is the legal status of unauthorized computer access in the United States?
a) It is not considered a crime.
b) It is only a crime if done for malicious purposes.
c) It is a federal crime.
d) It is regulated at the state level.

Answer 9

B

Question 10

Which of the following entities is mentioned as focusing on combating cybercriminal activities?
a) CERT
b) IETF
c) IEEE
d) ISO

Answer 10

A

Question 11

What is one of the primary objectives of CERT, APWG, Kaspersky Lab, McAfee, and Symantec?
a) Promoting cybercriminal activities
b) Assisting individuals, organizations, and governments in combating cybercrime
c) Developing new cyber weapons
d) Hacking into government database

Answer 11

B

Question 12

How has the perception of hacking evolved over time, according to the text?
a) Hacking is no longer practiced.
b) Hacking is now considered a hobby.
c) Hacking has transitioned into a profession.
d) Hacking is exclusively conducted by amateurs.

Answer 12

C

Question 13

What can professional organizations be hired to do, according to the text?
a) Develop cybersecurity software
b) Break into specific networks to steal valuable information
c) Provide cybersecurity training to individuals
d) Assist law enforcement in apprehending cybercriminals

Answer 13

B

Question 14

What type of information do cybercriminals often target when breaking into networks?
a) Weather forecasts
b) Celebrity gossip
c) Credit card details, personal data, intellectual property, or computer code
d) Historical events

Answer 14

C

Question 15

How do cybercriminals often attempt to deceive individuals into revealing sensitive information?
a) By sending physical letters
b) Through social engineering, such as phishing emails
c) By making phone calls
d) By posting on social media

Answer 15

B

Question 16

The use of hacking techniques to bring attention to a larger political or social goal is
referred to as _____.
a. cracking
b. ethical politics
c. hacktivism
d. social engineering
e. brute force attacks

Answer 16

C

Question 17

Why has network security gained emphasis, according to the text?
a) Decreased reliance on digital technology
b) High-profile security breaches and government regulatory pronouncements
c) Rise of amateur hacking communities
d) Decreased interest in cyber activities

Answer 17

b

Question 18

In addition to financial losses, what else can result from security breaches?
a) Increased consumer confidence
b) Expansion of business operations
c) Reduced consumer confidence
d) Decreased reliance on computer networks

Answer 18

C

Question 19

What factor contributes to the loss of income for organizations during security breaches?
a) Increased consumer spending
b) Systems being offline, especially if they are “mission-critical”
c) Enhanced cybersecurity measures
d) Improved employee productivity

Answer 19

B

Question 20

According to the text, what are some potential consequences of the disruption of application systems that rely on computer networks?
a) Increased consumer confidence
b) Expansion of business operations
c) Financial losses
d) Reduced operational efficiency

Answer 20

C

Question 21

What does the term “mission-critical” refer to in the context of computer networks?
a) Systems that are not important for organizational survival
b) Systems that are critical to the survival of an organization
c) Systems that are rarely used by organizations
d) Systems that are easily replaceable

Answer 21

B

Question 22

what exceeds the cost of networks themselves?
a) The value of data stored on organizations’ networks
b) The cost of cybersecurity measures
c) The maintenance expenses of networks
d) The cost of network hardware

Answer 22

A

Question 23

What is highlighted as the primary objective of network security?
a) Protecting the physical infrastructure of networks
b) Safeguarding organizations’ data and application software
c) Securing the connections between different networks
d) Ensuring uninterrupted network access

Answer 23

B

Question 24

what are the three primary goals of security?
a) Confirmation, Indemnification, Authentication
b) Confidentiality, Intimacy, Authentication
c) Confidentiality, Integrity, Availability
d) Confidentiality, Intrusion, Authentication

Answer 24

C

Question 25

What does confidentiality refer to in the context of security?
a) Ensuring the security of physical assets
b) Protecting organizational data from unauthorized disclosure
c) Preventing interruptions in service
d) Ensuring the accuracy of data

Answer 25

B

Question 26

What is the goal of integrity in security?
a) Ensuring continuous operation of hardware and software
b) Protecting data from unauthorized disclosure
c) Ensuring that data remain unaltered and intact
d) Preventing unauthorized access to data

Answer 26

C

Question 27

What does availability focus on in terms of security?
a) Protecting data from unauthorized disclosure
b) Ensuring continuous operation of hardware and software
c) Ensuring the accuracy of data
d) Preventing unauthorized access to data

Answer 27

C

Question 28

According to the text, what are the two main types of threats to confidentiality, integrity, and availability?
a) Cyber threats and physical threats
b) Insider threats and outsider threats
c) Ensuring business continuity and preventing unauthorized access
d) Software threats and hardware threats

Answer 28

c

Question 29

Business continuity planning refers primarily to ensuring availability, with some
aspects of data integrity

Answer 29

T

Question 30

A network switch failure is an example of a(n) ________ threat.
a. internal
b. disruptive
c. causal
d. intrusion
e. disaster

Answer 30

B

Question 31

What is one example of a disruption-related threat mentioned in the text?
a) Unauthorized access to network resources
b) Loss or reduction in network service
c) Data breaches resulting in confidential information leaks
d) Hardware failures causing data corruption

Answer 31

B

Question 32

An example of _____ data would be if a computer virus eliminated files on that
computer.
a. disruption
b. controlled chaos
c. intrusion
d. destruction
e. disaster

Answer 32

D

Question 33

A tornado that eliminates a network control center would be an example of a natural
__________.
a. disaster
b. disruption
c. controlled chaos
d. destruction
e. intrusion

Answer 33

A

Question 34

Intrusion primarily refers to the loss of confidentiality of organizational data.

Answer 34

T

Question 35

What can disasters potentially destroy, according to the text?
a) Network hardware
b) Buildings housing network infrastructure
c) Data integrity
d) Software applications

Answer 35

B

Question 36

Often, incidents of unauthorized access known as___________, involve employees of
the organization, surprisingly enough.
a. intrusion
b. disruption
c. controlled chaos
d. destruction
e. disaster

Answer 36

A

Question 37

A hacker gaining access to organizational data files and resources is an example of
a(n) ____________ threat.
a. disruptive
b. controlled chaos
c. disruptive
d. intrusion
e. disaster

Answer 37

D

Question 38

What is a common factor in almost half of intrusion incidents?
A) External hacking attempts
B) Inadequate cybersecurity measures
C) Involvement of competitors
D) Employee involvement

Answer 38

D

Question 39

What range of effects can intrusions have on organizations?
A) Limited to minor inconveniences
B) Primarily curiosity-driven exploration
C) Varying from curiosity-driven exploration to serious threats
D) Predominantly industrial espionage by competitors

Answer 39

C

Question 40

Which of the following is NOT listed as a serious threat posed by intrusions?
A) Industrial espionage by competitors
B) Theft of customer credit card numbers for identity theft
C) Unauthorized disclosure of internal memos
D) Fraudulent alteration or destruction of files to harm the organization

Answer 40

C

Question 41

What is the primary purpose of implementing network controls in a secure network?
A) Enhancing network speed
B) Reducing or eliminating threats to network security
C) Increasing network bandwidth
D) Improving network aesthetics

Answer 41

B

Question 42

Controls are mechanisms that reduce or eliminate threats to network security

Answer 42

T

Question 43

What forms can network controls take?
A) Software, hardware, and human resources
B) Hardware and software only
C) Rules and procedures only
D) Software and procedures only

Answer 43

A

Question 44

What is the role of controls in relation to threats facing computer-based systems within an organization?
A) Enhancing the functionality of computer systems
B) Isolating computer systems from external networks
C) Preventing, detecting, and/or correcting potential issues
D) Creating new vulnerabilities within computer systems

Answer 44

c

Question 45

Corrective controls reveal or discover unwanted events

Answer 45

F. Detect

Question 46

Preventive controls mitigate or stop a person from acting or an event from occurring.

Answer 46

T

Question 47

Which of the following is not one of the major categories (or sub-categories) into
which network security threats can be placed?
a. disruption
b. destruction
c. controlled chaos
d. intrusion
e. disaster

Answer 47

C

Question 48

_________ controls stop a person from acting.
a. Detective
b. Corrective
c. Mitigating
d. Preventive
e. Backup

Answer 48

D

Question 49

________ controls discover unwanted events.
a. Preventive
b. Corrective
c. Detective
d. Mitigating
e. Backup

Answer 49

C

Question 50

________ controls fix a trespass into the network.
a. Corrective
b. Detective
c. Preventive
d. Mitigating

Answer 50

A

Question 51

What does network security encompass besides preventing hackers from accessing computers?
A) Ensuring network speed optimization
B) Recovering from temporary service problems and natural disasters
C) Implementing new network features
D) Increasing network bandwidth

Answer 51

B

Question 52

What is a crucial aspect of securing a network according to the provided text?
A) Implementing advanced encryption techniques
B) Assigning blame in case of security breaches
C) Having designated personnel accountable for controls
D) Ignoring temporary service problems

Answer 52

C

Question 53

What responsibilities do personnel designated for network security have?
A) Developing controls, monitoring their effectiveness, and updating them as needed
B) Managing network aesthetics, updating software, and ensuring network stability
C) Enforcing strict user policies, optimizing network speed, and managing hardware procurement
D) Conducting routine network maintenance, designing network layouts, and troubleshooting user issues

Answer 53

A

Question 54

Why is periodic review of controls necessary for network security?
A) To increase network complexity
B) To enhance network aesthetics
C) To ensure controls are still effective and operational
D) To decrease network functionality

Answer 54

C

Question 55

What should be done if there are procedures for temporary overrides on controls?
A) They should be loosely controlled to allow for flexibility
B) They should be tightly controlled and monitored
C) They should be ignored as they compromise network security
D) They should be disabled to prevent misuse

Answer 55

B

Question 56

What is the initial step in developing a secure network?
A) Implementing advanced encryption techniques
B) Conducting a risk assessment
C) Assigning blame in case of security breaches
D) Ignoring potential security risksAnswer

Answer 56

B

Question 57

What does a risk assessment involve?
A) Implementing controls to mitigate all risks
B) Prioritizing security risks to information systems and networks
C) Assigning blame for security breaches
D) Increasing network bandwidth

Answer 57

B

Question 58

How are levels of risk assigned in a risk assessment?
A) By randomly assigning values to threats
B) By comparing the nature of threats to the controls designed to reduce them
C) By ignoring the nature of threats and focusing only on controls
D) By implementing all available controls

Answer 58

B

Question 59

What is the aim of commonly used risk assessment frameworks?
A) To increase complexity and confuse readers
B) To provide strategies that are difficult to understand
C) To ensure understanding by both technical and non-technical readers
D) To focus solely on technical readers

Answer 59

C

Question 60

What should a risk assessment clearly indicate?
A) The exact methods hackers use to attack networks
B) High-risk systems and network components, and implemented and required controls
C) The number of security breaches in the past year
D) The names of all employees responsible for network security

Answer 60

B

Question 61

Which organization developed the Operationally Critical Threat, Asset, and Vulnerability Evaluation (OCTAVE) framework?
A) Computer Emergency Readiness Team
B) Information Systems Audit and Control Association
C) National Institute of Standards and Technology
D) Computer Emergency Response Team

Answer 61

A

Question 62

Which organization is responsible for the development of the Risk Management Guide for Information Technology Systems (NIST guide)?
A) Computer Emergency Readiness Team
B) Information Systems Audit and Control Association
C) National Institute of Standards and Technology
D) Computer Emergency Response Team

Answer 62

C

Question 63

Which organization is responsible for COBIT?
A) National Institute of Standards and Technology
B) Information Systems Audit and Control Association
C) Computer Emergency Readiness Team
D) Computer Emergency Response Team

Answer 63

B

Question 64

What does COBIT stand for?
A) Computer Operations and Business Information Technology
B) Control Objectives for Information and Related Technology
C) Centralized Objectives for Business and Information Technology
D) Comprehensive Operations and Business Information Toolkit

Answer 64

b

Question 65

What is the first common step shared by all three risk assessment frameworks?
A) Inventory IT assets
B) Develop risk measurement criteria
C) Identify improvements
D) Document existing controls

Answer 65

B

Question 66

Which step involves compiling a list of all IT assets within an organization?
A) Identify threats
B) Develop risk measurement criteria
C) Inventory IT assets
D) Document existing controls

Answer 66

C. Step 2

Question 67

What is the purpose of identifying threats in the risk assessment process?
A) To develop risk measurement criteria
B) To inventory IT assets
C) To document existing controls
D) To understand potential risks to the organization’s IT environment

Answer 67

D. Step 3: Identify threat

Question 68

Which step involves recording the current measures in place to mitigate risks?
A) Identify improvements
B) Develop risk measurement criteria
C) Inventory IT assets
D) Document existing controls

Answer 68

D

Question 69

What is the final step common to all three frameworks?
A) Identify improvements
B) Develop risk measurement criteria
C) Inventory IT assets
D) Identify threats

Answer 69

A

Question 70

A threat to the data communications network is any potential adverse occurrence that
can do harm, interrupt the systems using the network, or cause a monetary loss to the
organization

Answer 70

T

Question 71

Companies have learned that threats from hacking from its own employees occur
about as often as by outsiders.

Answer 71

t

Question 72

A ___________ assigns levels of risk to various threats to network security by
comparing the nature of the threats to the controls designed to reduce them.
a. risk assessment
b. backplane
c. mitigating control factor analysis
d. control verification worksheet
e. control test plan

Answer 72

A

Question 73

What is the purpose of developing risk measurement criteria?
A) To identify potential threats to the organization
B) To assess the effectiveness of existing controls
C) To evaluate the impact of security threats on the organization
D) To inventory IT assets

Answer 73

C

Question 74

A(n) __________ is any potential adverse occurrence that can do harm, interrupt the
system using the network to cause monetary loss to the organization.
a. asset
b. service level agreement
c. threat
d. security plan
e. network design

Answer 74

C

Question 75

What are some common impact areas used in risk measurement criteria?
A) Inventory management, marketing, and sales
B) Financial, productivity, reputation, safety, and legal implications
C) Technical support, network infrastructure, and software development
D) Human resources, customer service, and administration

Answer 75

b

Question 76

Which of the following is not considered one of the five most common business
impacts?
a. Financial
b. Productivity
c. Reputation
d. Social
e. Safety

Answer 76

D

Question 77

Why is prioritization of impact areas important in risk assessment?
A) To assign a ranking to each impact area
B) To ensure all impact areas are addressed equally
C) To avoid distinguishing between impact areas
D) To focus resources on addressing the most critical concerns

Answer 77

D

Question 78

How do organizations determine the prioritization of impact areas?
A) By assigning equal importance to all impact areas
B) By consulting external auditors
C) Based on the specific needs and objectives of the organization
D) By following standardized industry guidelines

Answer 78

c

Question 79

Who is responsible for developing measures of high, medium, and low-impact areas in risk assessment?
A) IT administrators
B) Security analysts
C) Business leaders
D) External auditors

Answer 79

C

Question 80

What is the purpose of developing measures of high, medium, and low-impact areas?
A) To increase network bandwidth
B) To assign blame for security breaches
C) To evaluate the effectiveness of existing controls
D) To assess the severity of potential risks to the organization

Answer 80

D

Question 81

Which example is provided to illustrate how impact areas can be measured?
A) Assigning “low” impact to the financial area if sales drop 2%
B) Assigning “high” impact to the productivity area if employee turnover increases
C) Assigning “low” impact to the reputation area if negative reviews decrease
D) Assigning “high” impact to the legal area if compliance violations occur

Answer 81

A

Question 82

Why are business leaders considered best suited to make decisions regarding impact measures?
A) Because they have expertise in IT security
B) Because they have insights into the organization’s goals and priorities
C) Because they have experience in risk assessment frameworks
D) Because they have access to external audit reports

Answer 82

A

Question 83

An asset can be compromised by more than one threat, so it is common to have more
than one threat scenario for each asset

Answer 83

T

Question 84

A(n) _________ is something of value and can be either hardware or software.
a. asset
b. service level agreement
c. threat
d. security plan
e. network design

Answer 84

A

Question 85

Why are an organization’s data considered important assets?
A) Because they are easily replaceable
B) Because they are crucial for the survival of the business
C) Because they are less valuable than hardware components
D) Because they do not require protection

Answer 85

B

Question 86

Why is it mentioned that if servers are destroyed, they can be replaced, but if data are destroyed, they cannot be replaced?
A) To emphasize the importance of hardware over data
B) To highlight the irrecoverable loss associated with data destruction
C) To encourage organizations to invest more in hardware protection
D) To discourage organizations from storing critical data

Answer 86

B

Question 87

What is emphasized regarding the documentation of assets?
A) Each asset should be documented, including a brief description of its criticality to the organization.
B) Only hardware assets need to be documented.
C) Documentation of assets is not necessary for IT security.
D) Only software assets need to be documented.

Answer 87

A. and owners of each asset shoould be identified

Question 88

What factor determines the actual probability of a threat occurring within an organization?
A) The organization’s location
B) The organization’s size
C) The nature of the organization’s business
D) The organization’s age

Answer 88

C

Question 89

Why is a bank more likely to be targeted by phishing than a family-owned store?
A) Because banks have less valuable data
B) Because family-owned stores have stronger cybersecurity measures
C) Because banks typically have more valuable data and are therefore more lucrative targets
D) Because family-owned stores are more technologically advanced

Answer 89

C

Question 90

Which types of organizations are among the most frequent targets of cyber threats?
A) Educational institutions and small businesses
B) Retail stores and restaurants
C) Healthcare providers, financial services firms, and government agencies
D) Nonprofit organizations and startups

Answer 90

C

Question 91

_______________ describes how an asset can be compromised by one specific threat.
a. Threat scenarios
b. Threat plans
c. Threat hacks
d. Threat contingencies
e. Threat attacks

Answer 91

A

Question 92

Which example illustrates a threat scenario?
A) A company losing customer trust due to a data breach
B) The impact of a malware attack on network performance
C) Confidentiality, integrity, and/or availability of client data compromised by information theft, data alteration, or natural disasters
D) A company’s financial loss due to a phishing attack

Answer 92

C

Question 93

What is included in a threat scenario?
A) Multiple assets and multiple threats
B) One asset, one threat, likelihood of the threat, and consequence
C) Likelihood of the threat and consequence only
D) Organization’s financial performance and response to a security breach

Answer 93

B. Likelihood of the threat ( high,low medium)
Consequence ( impact score)

Question 94

How many assets are typically considered in a threat scenario?
A) None
B) One
C) Multiple
D) It varies based on the organization’s size

Answer 94

A

Question 95

What does the likelihood of the threat happening indicate?
A) The financial impact of the threat
B) The probability of the threat occurring (high, medium, or low)
C) The consequence of the threat
D) The overall risk level of the organization

Answer 95

B

Question 96

What does the consequence in a threat scenario represent?
A) The likelihood of the threat occurring
B) The financial impact of the threat
C) The overall risk level of the organization
D) The impact score, indicating the severity of the threat’s consequences

Answer 96

D

Question 97

How is the risk score calculated for each threat scenario?
A) Likelihood + Impact Score
B) Likelihood / Impact Score
C) Likelihood x Impact Score
D) Likelihood - Impact Score

Answer 97

C

Question 98

We can calculate the relative ___________, by multiplying the impact score by the
likelihood.
a. rootkit
b. authentication
c. risk score
d. risk assessment
e. risk event

Answer 98

C

Question 99

What is the purpose of documenting existing controls in the risk control strategy?
A) To prioritize threat scenarios
B) To outline how the organization intends to address identified risks
C) To calculate the likelihood of the threat occurring
D) To assess the overall risk level of the organization

Answer 99

B

Question 100

How many risk control strategies are typically developed for each threat scenario?
A) None
B) One
C) Multiple
D) It varies based on the organization’s size

Answer 100

B

Question 101

What does it mean to “accept the risk” in risk control strategy?
A) Take no action to address the risk if it has low impact
B) Implement controls to minimize the risk’s impact
C) Purchase insurance coverage against the risk
D) Collect more information about the risk

Answer 101

A

Question 102

What does risk mitigation involve?
A) Sharing the risk with an insurance provider
B) Implementing controls to counter threats or minimize their impact
C) Deferring the risk to a later time
D) Accepting the risk without taking any action

Answer 102

B

Question 103

how does an organization share the risk according to the risk control strategy?
A) By implementing controls to minimize the risk’s impact
B) By purchasing insurance coverage against the risk
C) By deferring the risk to a later time
D) By accepting the risk without taking any action

Answer 103

b

Question 104

When is the risk deferred according to the risk control strategy?
A) When the risk has low impact
B) When there is a need to collect more information about the risk
C) When the risk requires immediate action
D) When the risk is shared with an insurance provider

Answer 104

b

Question 105

What types of measures are typically included in risk mitigation?
A) Purchasing insurance coverage
B) Implementing controls such as antivirus software, firewalls, or security training for employees
C) Deferring the risk to a later time
D) Accepting the risk without taking any action

Answer 105

b

Question 106

What is the purpose of listing specific controls in risk control strategy for a threat scenario?
A) To prioritize threat scenarios
B) To outline how the organization intends to address identified risks
C) To calculate the likelihood of the threat occurring
D) To assess the adequacy of existing controls

Answer 106

b

Question 107

When is the decision made to list specific controls in risk control strategy for a threat scenario?
A) If the risk control strategy is to accept the risk
B) If the risk control strategy is to defer the risk
C) If the risk control strategy is to mitigate the risk or share the risk
D) If the risk control strategy is to prioritize the ris

Answer 107

c

Question 108

What is the purpose of assessing the adequacy of existing controls for a threat scenario?
A) To determine the financial impact of the threat
B) To prioritize threat scenarios
C) To evaluate the effectiveness of existing controls in addressing the identified risk
D) To calculate the likelihood of the threat occurring

Answer 108

c

Question 109

How is the adequacy of existing controls typically assessed?
A) By purchasing insurance coverage
B) By consulting external auditors
C) By assigning blame for security breaches
D) By determining if the controls are high, medium, or low adequacy

Answer 109

d

Question 110

The ideal solution for planning for disaster recovery is to have a fully redundant
backup network placed in a different location that would not be threatened by the
same natural or manmade disaster that would destroy the original network.

Answer 110

T

Question 111

The key principle in preventing disruption, destruction and disaster is ___________.
a. redundancy
b. control spreadsheet
c. IDS
d. anti-virus software
e. prevention controls

Answer 111

A

Question 112

What is the purpose of identifying improvements in risk management?
A) To prioritize threat scenarios
B) To outline how the organization intends to address identified risks
C) To evaluate the effectiveness of existing controls
D) To enhance the control adequacy for threat scenarios with high risk scores or low control adequacies

Answer 112

D

Question 113

What is the criteria for examining threat scenarios with the highest risk scores?
A) To ensure they have the lowest level of control adequacy
B) To ensure they have at least a “high” level of control adequacy
C) To ensure they have at least a “medium” level of control adequacy
D) To ensure they have at least a “low” level of control adequacy

Answer 113

C

Question 114

What is the purpose of business continuity?
A) To ensure the uninterrupted operation of an organization’s data and applications despite disruptions, destruction, or disasters
B) To prioritize business objectives
C) To assign blame for security breaches
D) To assess the financial impact of threats

Answer 114

A

Question 115

What are the two main parts of a business continuity plan?
A) Preventive controls and insurance coverage
B) Preventive controls and risk assessment
C) Preventive controls and a disaster recovery plan
D) Risk assessment and disaster recovery plan

Answer 115

c

Question 116

What is the purpose of preventive controls in a business continuity plan?
A) To outline procedures to enable the organization to recover from a disaster
B) To assign blame for security breaches
C) To mitigate the impact of events on the organization
D) To prioritize business objectives

Answer 116

c

Question 117

Preventive controls mitigate or stop a person from acting or an event from occurring.

Answer 117

T

Question 118

What does a disaster recovery plan outline?
A) Procedures to enable the organization to recover from a disaster
B) Procedures to prevent disasters from occurring
C) Procedures to assess the financial impact of threats
D) Procedures to assign blame for security breaches

Answer 118

A

Question 119

What are major threats to business continuity?
A) Malware, hacking, and data breaches
B) Viruses, theft, denial of service attacks (DoS), device failures, and disasters
C) Employee turnover, marketing strategies, and supply chain disruptions
D) Financial market fluctuations, regulatory changes, and customer complaints

Answer 119

b

Question 120

What is the purpose of controls designed for virus protection?
A) To prevent theft of physical assets
B) To prevent unauthorized access to data
C) To prevent loss of service due to device failures
D) To prevent malware from infecting systems and causing disruptions

Answer 120

d

Question 121

What is the purpose of controls designed for virus protection?
A) To prevent theft of physical assets
B) To prevent unauthorized access to data
C) To prevent loss of service due to device failures
D) To prevent malware from infecting systems and causing disruption

Answer 121

D

Question 122

What do denial-of-service protection controls aim to prevent?
A) Unauthorized access to data
B) Theft of physical assets
C) Disruption of services by overwhelming the system’s resources
D) Malware infections

Answer 122

C

Question 123

. Social engineering refers to creating a team that solves virus problems

Answer 123

F

Question 124

A (n) ______ is a special type of virus that spreads itself without human intervention.
a. snake
b. worm
c. Trojan horse
d. boot sector virus
e. stealth virus

Answer 124

B

Question 125

What is the primary purpose of virus protection measures?
A) To prevent physical theft of assets
B) To prevent unauthorized access to data
C) To prevent the spread of malware, including viruses, ransomware, and macro viruses
D) To prevent denial of service attacks

Answer 125

C

Question 126

How do macro viruses spread?
A) Through email attachments
B) By infecting executable files
C) By attaching themselves to other programs or documents and spreading when those programs or files are executed
D) By exploiting vulnerabilities in network protocols

Answer 126

C

Question 127

What is the function of anti-virus software packages?
A) To prevent physical theft of assets
B) To prevent unauthorized access to data
C) To check disks and files for viruses and malware
D) To encrypt sensitive information

Answer 127

C

Question 128

Why is it mentioned that “anti-virus software is only as good as its last update”?
A) To emphasize the importance of regularly updating anti-virus software
B) To discourage the use of anti-virus software
C) To highlight the effectiveness of anti-virus software
D) To promote the use of alternative security measures

Answer 128

A

Question 129

The denial-of-service attack disrupts the network by flooding the network with
messages so that regular messages cannot be processed.

Answer 129

T

Question 130

A ____________ is a situation in which a hacker attempts to disrupt the network by
sending messages to the network that prevent normal users’ messages from being
processed.
a. denial-of-service attack
b. service level agreement
c. virus
d. spamming
e. scamming

Answer 130

A

Question 131

Which servers can be flooded in a Denial-of-Service (DoS) attack?
A) File servers
B) Database servers
C) Web servers, DNS servers, or email servers
D) Authentication servers

Answer 131

C

Question 132

Why is filtering messages from a single source IP sometimes ineffective in preventing network flooding?
A) Because attackers use physical methods to disrupt the target
B) Because attackers often use tools to falsify source IP addresses
C) Because network administrators fail to implement proper security measures
D) Because network protocols are inherently vulnerable to flooding attacks

Answer 132

B

Question 133

What characterizes a Distributed Denial-of-Service (DDoS) attack?
A) It involves a single attacker flooding the target with messages
B) It targets physical assets rather than disrupting services
C) It occurs when multiple attackers target a single server
D) It involves attackers gaining control of thousands of computers or smart devices to flood the targe

Answer 133

D

Question 134

How do attackers control compromised devices in a Distributed Denial-of-Service (DDoS) attack?
A) By physically accessing each compromised device
B) By installing software known as a DDoS agent, zombie, or bot on them
C) By encrypting messages sent to the compromised devices
D) By exploiting vulnerabilities in network protocols

Answer 134

B

Question 135

When someone external to your organization blocks access to your network and/or its
resources, this is known as a denial-of-service attack.

Answer 135

T

Question 136

Macro viruses can spread when an infected file is opened.

Answer 136

T

Question 137

Researchers estimate that only one or two new viruses are developed every week.

Answer 137

F

Question 138

DoS attackers generally use fake source IP addresses, making it harder to identify the
DoS messages.

Answer 138

T

Question 139

What is the purpose of traffic limiting in network security?
A) To block all incoming traffic from known malicious sources
B) To prioritize incoming traffic based on the source IP addresses
C) To allow all incoming traffic to pass through without restrictions
D) To limit incoming access regardless of the source when a flood of packets is detected

Answer 139

D. limit incoming access regardless of source (some may be legitimate)

Question 140

What is the purpose of a “traffic anomaly detector” in network security?
A) To block all incoming traffic from known malicious sources
B) To prioritize incoming traffic based on the source IP addresses
C) To analyze traffic patterns and detect anomalies in network traffic
D) To allow all incoming traffic to pass through without restrictions

Answer 140

C

Question 141

Where is the “traffic anomaly detector” typically installed?
A) Behind the main router or firewall
B) Inside the organization’s server room
C) In front of the organization’s web server
D) Within the organization’s network switches

Answer 141

A

Question 142

What action does the “traffic anomaly detector” take when it detects a sudden burst of abnormally high traffic?
A) It blocks all incoming traffic
B) It allows normal traffic to flow through without restrictions
C) It quarantines the incoming packets while allowing normal traffic to flow through
D) It shuts down the organization’s network entirely

Answer 142

C

Question 143

hat role does the “traffic anomaly analyzer” play in the network security process?
A) It prioritizes incoming traffic based on the source IP addresses
B) It blocks all incoming traffic from known malicious sources
C) It differentiates between normal and anomalous traffic and releases normal traffic into the organization’s network
D) It analyzes the organization’s outgoing network traffic

Answer 143

C

Question 144

How does the “traffic anomaly detector” interact with the ISP router in response to suspect traffic?
A) It shuts down the ISP router entirely
B) It allows all traffic to pass through the ISP router without restrictions
C) It reroutes suspect traffic to the anomaly analyzer, bypassing the main circuit leading into the organization
D) It informs the ISP router to block all incoming traffic

Answer 144

C

Question 145

What is the purpose of requiring ISPs to verify that all incoming messages have valid source IP addresses?
A) To prioritize incoming traffic based on the source IP addresses
B) To block all incoming traffic from known malicious sources
C) To prevent the use of fake IP addresses and facilitate the filtering of DDoS messages
D) To allow all incoming traffic to pass through without restrictions

Answer 145

C

Question 146

Why do ISPs impose security restrictions on small to medium-sized businesses?
A) Because they want to prioritize their traffic over others
B) Because they want to increase their revenue
C) Because small to medium-sized businesses are often unwilling accomplices in DDoS attacks due to poor security practices
D) Because they want to prevent these businesses from accessing the internet

Answer 146

c

Question 147

What is one example of a security restriction that ISPs may impose on businesses?
A) Requiring the implementation of firewalls to prevent unauthorized access
B) Requiring the implementation of VPNs for secure communication
C) Requiring the use of encryption for all data transmissions
D) Requiring the use of biometric authentication for network access

Answer 147

a

Question 148

Physical security of an organization’s IT resources is not an important element in
preventing intrusion to an internal LAN.

Answer 148

F

Question 149

Fault-intolerant servers contain many redundant components to prevent failure.

Answer 149

F

Question 150

What is the recommended approach to prevent device failure from impacting business continuity?
A) Implementing strict access control measures
B) Building redundancy into critical components
C) Increasing the bandwidth of the network connections
D) Implementing advanced encryption techniques

Answer 150

b

Question 151

Which components are examples of redundancy that can prevent device failure from impacting business continuity?
A) Redundant internet connections from the same common carrier
B) Single connections to the internet from multiple common carriers
C) Redundant core backbones supported by the same devices
D) Redundant distribution backbones with a single connection

Answer 151

b

Question 152

How should redundant internet connections be served to ensure proper redundancy?
A) They should be served by the same router for efficiency
B) They should be served by separate routers
C) They should be served by routers from the same manufacturer
D) They should be served by routers located in the same geographic area

Answer 152

b

Question 153

What is the purpose of providing redundancy in the internal network?
A) To increase the bandwidth of the network connections
B) To decrease the number of routers in the network
C) To ensure fault tolerance and prevent disruptions in critical services
D) To centralize network management and monitoring

Answer 153

c

Question 154

here should the focus be when selecting which parts of the network to provide redundancy?
A) On all network components equally
B) On mission-critical backbones and LANs leading to servers
C) On access layer LANs only
D) On non-essential network components

Answer 154

b

Question 155

. RAID1 writes duplicate copies of all data on at least two different disks; this means
that if one disk in the RAID array fails, there is no data loss because there is a second
copy of the data stored on a different disk. This is referred to as _____.
a. disk backup
b. hard drive duplication
c. cloud backups
d. disk duplication
e. disk mirroring

Answer 155

E

Question 156

What does RAID stand for?
a) Random Access Independent Disks
b) Redundant Arrays of Independent Drives
c) Redundant Arrays of Independent Disks
d) Remote Access and Information Distribution

Answer 156

C

Question 157

Which RAID level provides faster performance by writing or reading data in parallel across multiple disks?
a) RAID 0
b) RAID 1
c) RAID 5
d) RAID 6

Answer 157

A

Question 158

Which RAID level writes duplicate copies of all data on at least two different disks?
a) RAID 0
b) RAID 1
c) RAID 5
d) RAID 6

Answer 158

B

Question 159

Which RAID level provides error checking?
a) RAID 0
b) RAID 2
c) RAID 3
d) RAID 4

Answer 159

B

Question 160

Which RAID level can survive the failure of two drives with no data loss?
a) RAID 0
b) RAID 1
c) RAID 5
d) RAID 6

Answer 160

D

Question 161

An uninterruptible power supply utilizes a second redundant disk for every disk on
the server

Answer 161

F

Question 162

A(n) ___________ is one of the most common examples of redundancy built into a
network to help reduce the impact of disruption.
a. network cloaking device
b. backup punch card reader
c. uninterruptible power supply
d. service level agreement
e. help desk

Answer 162

c

Question 163

What is the purpose of an Uninterruptible Power Supply (UPS)?
a) To store data redundantly
b) To provide faster read/write access
c) To supply battery power during power outages
d) To increase the number of disks in a RAID array

Answer 163

c

Question 164

What other network components can Uninterruptible Power Supplies (UPS) apply to?
a) Printers
b) Circuits
c) Routers
d) All of the above

Answer 164

d

Question 165

The ideal solution for planning for disaster recovery is to have a fully redundant
backup network placed in a different location that would not be threatened by the
same natural or manmade disaster that would destroy the original network.

Answer 165

t

Question 166

What is the relationship between Disaster Recovery Plan (DRP) and Business Continuity Plan (BCP)?
a) DRP and BCP are separate plans
b) DRP is a subset of BCP
c) BCP is a subset of DRP
d) DRP and BCP serve unrelated purposes

Answer 166

b

Question 167

What does a Disaster Recovery Plan (DRP) provide for?
a) Only complete recovery of data
b) Only partial recovery of data
c) Both partial and complete recovery of data
d) Only recovery of physical facilities

Answer 167

c

Question 168

How often do many organizations perform backups of critical information?
a) Daily
b) Weekly
c) Monthly
d) Annually

Answer 168

a

Question 169

What is the traditional method used for backups?
a) Hard drives
b) CDs
c) Tapes
d) Cloud storage

Answer 169

c

Question 170

What is the purpose of encrypting backups?
a) To speed up data transfer
b) To compress data
c) To ensure unauthorized users cannot access them
d) To reduce storage space

Answer 170

c

Question 171

Which type of data is often backed up on a weekly basis?
a) Critical information
b) Less critical data, such as email files
c) Both critical and less critical data
d) No data is backed up on a weekly basis

Answer 171

b

Question 172

What is Continuous Data Protection (CDP)?
a) A method for weekly backups
b) A real-time alternative to regular backups
c) A physical storage device
d) A type of encryption method

Answer 172

b

Question 173

What does Continuous Data Protection (CDP) allow for?
a) Weekly copies of selected data
b) Real-time copies of all data and transactions
c) Manual storage of data on CDP servers
d) Backing up data only once per day

Answer 173

b

Question 174

How are data and transactions stored with Continuous Data Protection (CDP)?
a) Stored offline
b) Stored in real-time on CDP servers
c) Stored on the originating server only
d) Stored on external hard drives

Answer 174

b

Question 175

What does Continuous Data Protection (CDP) enable in terms of restoration?
a) Restoration to a specific point in time
b) Restoration only to the most recent backup
c) Restoration to a specific date in the past
d) Restoration without time stamps

Answer 175

a

Question 176

What does a Disaster Recovery Plan (DRP) include in terms of recovery approach?
a) A documented approach but not tested
b) A tested approach without specific goals
c) A documented and tested approach with specific goals
d) A theoretical approach without testing or documentation

Answer 176

c

Question 177

What is the purpose of Disaster Recovery Drills?
a) To ensure data safety
b) To guarantee data usability
c) To test the recovery approach
d) To prevent disasters from happening

Answer 177

c

Question 178

What should a Disaster Recovery Plan (DRP) plan for?
a) Only for loss of the main database
b) Only for short outages of the data center
c) Only for minor disasters
d) Loss of main database or long outages of the data center

Answer 178

D

Question 179

What is the primary focus of Level 1 in Disaster Recovery Plans (DRPs)?
a) Outsourcing recovery efforts
b) Building enough capacity and spare equipment
c) Providing second level support for major disasters
d) Recovering from a minor disaster

Answer 179

d

Question 180

In Level 2 of Disaster Recovery Plans (DRPs), what is the main approach?
a) Building enough capacity and spare equipment
b) Outsourcing recovery efforts to professional firms
c) Providing support for minor disasters
d) Recovering from a major disaster

Answer 180

d. disaster recovery outsourcing

Question 181

What services does a Disaster Recovery Firm typically offer?
a) Only secure storage for backups
b) Only complete recovery of data and network
c) A range of services
d) Only networked data center for clients to use in disasters

Answer 181

c

Question 182

What is one of the primary advantages of a Disaster Recovery Firm?
a) Low cost
b) Slow recovery of data and network
c) Complete recovery within hours
d) Limited range of services

Answer 182

c

Question 183

Which type of organization is more likely to use a Disaster Recovery Firm?
a) Small businesses
b) Medium-sized businesses
c) Large organizations
d) Start-up companies

Answer 183

c