Chapter 11 Flashcards

1
Q

Security on a network not only means being able to prevent a hacker from breaking
into your computer but also includes being able to recover from temporary service
problems or from natural disasters.

A

T

2
Q

The rise of the Internet has significantly increased the potential vulnerability of an
organization’s assets.

A

T

3
Q

The CERT (Computer Emergency Response Team) was established at MIT.

A

F. Carnegie Mellon University

4
Q

Confidentiality refers to the protection of the organizational data from unauthorized
disclosure of customer and proprietary data.

A

T

5
Q

Maintaining data integrity is not a primary goal of security.

A

F

6
Q

According to Symantec, more than 50% of all targeted companies had fewer than
2,500 employees because they
a. often have weaker security.
b. have more assets.
c. are more likely to have credit card numbers available.
d. are likely off-shore.
e. have lower bandwidth

A

A

7
Q

Why are smaller organizations often targeted by cyberattacks?
a) Due to their larger financial reserves
b) Because they have weaker security measures
c) They are less likely to hold valuable data
d) Their employees are more knowledgeable about cybersecurity

A

B

8
Q

In the context of transnational cybercrime, what does the text suggest about the effectiveness of enforcement measures?
a) Enforcement efforts have significantly reduced cybercrime rates.
b) Laws are well-established, but enforcement is slow.
c) International collaboration has streamlined enforcement processes.
d) Cybercriminals often face severe penalties, deterring further criminal activity.

A

B

9
Q

According to the text, what is the legal status of unauthorized computer access in the United States?
a) It is not considered a crime.
b) It is only a crime if done for malicious purposes.
c) It is a federal crime.
d) It is regulated at the state level.

A

B

10
Q

Which of the following entities is mentioned as focusing on combating cybercriminal activities?
a) CERT
b) IETF
c) IEEE
d) ISO

A

A

11
Q

What is one of the primary objectives of CERT, APWG, Kaspersky Lab, McAfee, and Symantec?
a) Promoting cybercriminal activities
b) Assisting individuals, organizations, and governments in combating cybercrime
c) Developing new cyber weapons
d) Hacking into government databases

A

B

12
Q

How has the perception of hacking evolved over time, according to the text?
a) Hacking is no longer practiced.
b) Hacking is now considered a hobby.
c) Hacking has transitioned into a profession.
d) Hacking is exclusively conducted by amateurs.

A

C

13
Q

What can professional organizations be hired to do, according to the text?
a) Develop cybersecurity software
b) Break into specific networks to steal valuable information
c) Provide cybersecurity training to individuals
d) Assist law enforcement in apprehending cybercriminals

A

B

14
Q

What type of information do cybercriminals often target when breaking into networks?
a) Weather forecasts
b) Celebrity gossip
c) Credit card details, personal data, intellectual property, or computer code
d) Historical events

A

C

15
Q

How do cybercriminals often attempt to deceive individuals into revealing sensitive information?
a) By sending physical letters
b) Through social engineering, such as phishing emails
c) By making phone calls
d) By posting on social media

A

B

16
Q

The use of hacking techniques to bring attention to a larger political or social goal is
referred to as _____.
a. cracking
b. ethical politics
c. hacktivism
d. social engineering
e. brute force attacks

A

C

17
Q

Why has network security gained emphasis, according to the text?
a) Decreased reliance on digital technology
b) High-profile security breaches and government regulatory pronouncements
c) Rise of amateur hacking communities
d) Decreased interest in cyber activities

A

B

18
Q

In addition to financial losses, what else can result from security breaches?
a) Increased consumer confidence
b) Expansion of business operations
c) Reduced consumer confidence
d) Decreased reliance on computer networks

A

C

19
Q

What factor contributes to the loss of income for organizations during security breaches?
a) Increased consumer spending
b) Systems being offline, especially if they are “mission-critical”
c) Enhanced cybersecurity measures
d) Improved employee productivity

A

B

20
Q

According to the text, what are some potential consequences of the disruption of application systems that rely on computer networks?
a) Increased consumer confidence
b) Expansion of business operations
c) Financial losses
d) Reduced operational efficiency

A

C

21
Q

What does the term “mission-critical” refer to in the context of computer networks?
a) Systems that are not important for organizational survival
b) Systems that are critical to the survival of an organization
c) Systems that are rarely used by organizations
d) Systems that are easily replaceable

A

B

22
Q

What exceeds the cost of networks themselves?
a) The value of data stored on organizations’ networks
b) The cost of cybersecurity measures
c) The maintenance expenses of networks
d) The cost of network hardware

A

A

23
Q

What is highlighted as the primary objective of network security?
a) Protecting the physical infrastructure of networks
b) Safeguarding organizations’ data and application software
c) Securing the connections between different networks
d) Ensuring uninterrupted network access

A

B

24
Q

What are the three primary goals of security?
a) Confirmation, Indemnification, Authentication
b) Confidentiality, Intimacy, Authentication
c) Confidentiality, Integrity, Availability
d) Confidentiality, Intrusion, Authentication

A

C

25
Q

What does confidentiality refer to in the context of security?
a) Ensuring the security of physical assets
b) Protecting organizational data from unauthorized disclosure
c) Preventing interruptions in service
d) Ensuring the accuracy of data

A

B

26
Q

What is the goal of integrity in security?
a) Ensuring continuous operation of hardware and software
b) Protecting data from unauthorized disclosure
c) Ensuring that data remain unaltered and intact
d) Preventing unauthorized access to data

A

C

27
Q

What does availability focus on in terms of security?
a) Protecting data from unauthorized disclosure
b) Ensuring continuous operation of hardware and software
c) Ensuring the accuracy of data
d) Preventing unauthorized access to data

A

C

28
Q

According to the text, what are the two main types of threats to confidentiality, integrity, and availability?
a) Cyber threats and physical threats
b) Insider threats and outsider threats
c) Ensuring business continuity and preventing unauthorized access
d) Software threats and hardware threats

A

C

29
Q

Business continuity planning refers primarily to ensuring availability, with some
aspects of data integrity.

A

T

30
Q

A network switch failure is an example of a(n) ________ threat.
a. internal
b. disruptive
c. causal
d. intrusion
e. disaster

A

B

31
Q

What is one example of a disruption-related threat mentioned in the text?
a) Unauthorized access to network resources
b) Loss or reduction in network service
c) Data breaches resulting in confidential information leaks
d) Hardware failures causing data corruption

A

B

32
Q

An example of _____ data would be if a computer virus eliminated files on that
computer.
a. disruption
b. controlled chaos
c. intrusion
d. destruction
e. disaster

A

D

33
Q

A tornado that eliminates a network control center would be an example of a natural
__________.
a. disaster
b. disruption
c. controlled chaos
d. destruction
e. intrusion

A

A

34
Q

Intrusion primarily refers to the loss of confidentiality of organizational data.

A

T

35
Q

What can disasters potentially destroy, according to the text?
a) Network hardware
b) Buildings housing network infrastructure
c) Data integrity
d) Software applications

A

B

36
Q

Often, incidents of unauthorized access, known as ___________, involve employees of
the organization, surprisingly enough.
a. intrusion
b. disruption
c. controlled chaos
d. destruction
e. disaster

A

A

37
Q

A hacker gaining access to organizational data files and resources is an example of
a(n) ____________ threat.
a. disruptive
b. controlled chaos
c. disruptive
d. intrusion
e. disaster

A

D

38
Q

What is a common factor in almost half of intrusion incidents?
A) External hacking attempts
B) Inadequate cybersecurity measures
C) Involvement of competitors
D) Employee involvement

A

D

39
Q

What range of effects can intrusions have on organizations?
A) Limited to minor inconveniences
B) Primarily curiosity-driven exploration
C) Varying from curiosity-driven exploration to serious threats
D) Predominantly industrial espionage by competitors

A

C

40
Q

Which of the following is NOT listed as a serious threat posed by intrusions?
A) Industrial espionage by competitors
B) Theft of customer credit card numbers for identity theft
C) Unauthorized disclosure of internal memos
D) Fraudulent alteration or destruction of files to harm the organization

A

C

41
Q

What is the primary purpose of implementing network controls in a secure network?
A) Enhancing network speed
B) Reducing or eliminating threats to network security
C) Increasing network bandwidth
D) Improving network aesthetics

A

B

42
Q

Controls are mechanisms that reduce or eliminate threats to network security.

A

T

43
Q

What forms can network controls take?
A) Software, hardware, and human resources
B) Hardware and software only
C) Rules and procedures only
D) Software and procedures only

A

A

44
Q

What is the role of controls in relation to threats facing computer-based systems within an organization?
A) Enhancing the functionality of computer systems
B) Isolating computer systems from external networks
C) Preventing, detecting, and/or correcting potential issues
D) Creating new vulnerabilities within computer systems

A

C

45
Q

Corrective controls reveal or discover unwanted events.

A

F. Detect

46
Q

Preventive controls mitigate or stop a person from acting or an event from occurring.

A

T

47
Q

Which of the following is not one of the major categories (or sub-categories) into
which network security threats can be placed?
a. disruption
b. destruction
c. controlled chaos
d. intrusion
e. disaster

A

C

48
Q

_________ controls stop a person from acting.
a. Detective
b. Corrective
c. Mitigating
d. Preventive
e. Backup

A

D

49
Q

________ controls discover unwanted events.
a. Preventive
b. Corrective
c. Detective
d. Mitigating
e. Backup

A

C

50
Q

________ controls fix a trespass into the network.
a. Corrective
b. Detective
c. Preventive
d. Mitigating

A

A

51
Q

What does network security encompass besides preventing hackers from accessing computers?
A) Ensuring network speed optimization
B) Recovering from temporary service problems and natural disasters
C) Implementing new network features
D) Increasing network bandwidth

A

B

52
Q

What is a crucial aspect of securing a network according to the provided text?
A) Implementing advanced encryption techniques
B) Assigning blame in case of security breaches
C) Having designated personnel accountable for controls
D) Ignoring temporary service problems

A

C

53
Q

What responsibilities do personnel designated for network security have?
A) Developing controls, monitoring their effectiveness, and updating them as needed
B) Managing network aesthetics, updating software, and ensuring network stability
C) Enforcing strict user policies, optimizing network speed, and managing hardware procurement
D) Conducting routine network maintenance, designing network layouts, and troubleshooting user issues

A

A

54
Q

Why is periodic review of controls necessary for network security?
A) To increase network complexity
B) To enhance network aesthetics
C) To ensure controls are still effective and operational
D) To decrease network functionality

A

C

55
Q

What should be done if there are procedures for temporary overrides on controls?
A) They should be loosely controlled to allow for flexibility
B) They should be tightly controlled and monitored
C) They should be ignored as they compromise network security
D) They should be disabled to prevent misuse

A

B

56
Q

What is the initial step in developing a secure network?
A) Implementing advanced encryption techniques
B) Conducting a risk assessment
C) Assigning blame in case of security breaches
D) Ignoring potential security risks

A

B

57
Q

What does a risk assessment involve?
A) Implementing controls to mitigate all risks
B) Prioritizing security risks to information systems and networks
C) Assigning blame for security breaches
D) Increasing network bandwidth

A

B

58
Q

How are levels of risk assigned in a risk assessment?
A) By randomly assigning values to threats
B) By comparing the nature of threats to the controls designed to reduce them
C) By ignoring the nature of threats and focusing only on controls
D) By implementing all available controls

A

B

59
Q

What is the aim of commonly used risk assessment frameworks?
A) To increase complexity and confuse readers
B) To provide strategies that are difficult to understand
C) To ensure understanding by both technical and non-technical readers
D) To focus solely on technical readers

A

C

60
Q

What should a risk assessment clearly indicate?
A) The exact methods hackers use to attack networks
B) High-risk systems and network components, and implemented and required controls
C) The number of security breaches in the past year
D) The names of all employees responsible for network security

A

B

61
Q

Which organization developed the Operationally Critical Threat, Asset, and Vulnerability Evaluation (OCTAVE) framework?
A) Computer Emergency Readiness Team
B) Information Systems Audit and Control Association
C) National Institute of Standards and Technology
D) Computer Emergency Response Team

A

A

62
Q

Which organization is responsible for the development of the Risk Management Guide for Information Technology Systems (NIST guide)?
A) Computer Emergency Readiness Team
B) Information Systems Audit and Control Association
C) National Institute of Standards and Technology
D) Computer Emergency Response Team

A

C

63
Q

Which organization is responsible for COBIT?
A) National Institute of Standards and Technology
B) Information Systems Audit and Control Association
C) Computer Emergency Readiness Team
D) Computer Emergency Response Team

A

B

64
Q

What does COBIT stand for?
A) Computer Operations and Business Information Technology
B) Control Objectives for Information and Related Technology
C) Centralized Objectives for Business and Information Technology
D) Comprehensive Operations and Business Information Toolkit

A

B

65
Q

What is the first common step shared by all three risk assessment frameworks?
A) Inventory IT assets
B) Develop risk measurement criteria
C) Identify improvements
D) Document existing controls

A

B

66
Q

Which step involves compiling a list of all IT assets within an organization?
A) Identify threats
B) Develop risk measurement criteria
C) Inventory IT assets
D) Document existing controls

A

C. Step 2

67
Q

What is the purpose of identifying threats in the risk assessment process?
A) To develop risk measurement criteria
B) To inventory IT assets
C) To document existing controls
D) To understand potential risks to the organization’s IT environment

A

D. Step 3: Identify threat

68
Q

Which step involves recording the current measures in place to mitigate risks?
A) Identify improvements
B) Develop risk measurement criteria
C) Inventory IT assets
D) Document existing controls

A

D

69
Q

What is the final step common to all three frameworks?
A) Identify improvements
B) Develop risk measurement criteria
C) Inventory IT assets
D) Identify threats

A

A

70
Q

A threat to the data communications network is any potential adverse occurrence that
can do harm, interrupt the systems using the network, or cause a monetary loss to the
organization.

A

T

71
Q

Companies have learned that hacking threats from their own employees occur
about as often as those from outsiders.

A

T

72
Q

A ___________ assigns levels of risk to various threats to network security by
comparing the nature of the threats to the controls designed to reduce them.
a. risk assessment
b. backplane
c. mitigating control factor analysis
d. control verification worksheet
e. control test plan

A

A

73
Q

What is the purpose of developing risk measurement criteria?
A) To identify potential threats to the organization
B) To assess the effectiveness of existing controls
C) To evaluate the impact of security threats on the organization
D) To inventory IT assets

A

C

74
Q

A(n) __________ is any potential adverse occurrence that can do harm, interrupt the
system using the network to cause monetary loss to the organization.
a. asset
b. service level agreement
c. threat
d. security plan
e. network design

A

C

75
Q

What are some common impact areas used in risk measurement criteria?
A) Inventory management, marketing, and sales
B) Financial, productivity, reputation, safety, and legal implications
C) Technical support, network infrastructure, and software development
D) Human resources, customer service, and administration

A

B

76
Q

Which of the following is not considered one of the five most common business
impacts?
a. Financial
b. Productivity
c. Reputation
d. Social
e. Safety

A

D

77
Q

Why is prioritization of impact areas important in risk assessment?
A) To assign a ranking to each impact area
B) To ensure all impact areas are addressed equally
C) To avoid distinguishing between impact areas
D) To focus resources on addressing the most critical concerns

A

D

78
Q

How do organizations determine the prioritization of impact areas?
A) By assigning equal importance to all impact areas
B) By consulting external auditors
C) Based on the specific needs and objectives of the organization
D) By following standardized industry guidelines

A

C

79
Q

Who is responsible for developing measures of high, medium, and low-impact areas in risk assessment?
A) IT administrators
B) Security analysts
C) Business leaders
D) External auditors

A

C

80
Q

What is the purpose of developing measures of high, medium, and low-impact areas?
A) To increase network bandwidth
B) To assign blame for security breaches
C) To evaluate the effectiveness of existing controls
D) To assess the severity of potential risks to the organization

A

D

81
Q

Which example is provided to illustrate how impact areas can be measured?
A) Assigning “low” impact to the financial area if sales drop 2%
B) Assigning “high” impact to the productivity area if employee turnover increases
C) Assigning “low” impact to the reputation area if negative reviews decrease
D) Assigning “high” impact to the legal area if compliance violations occur

A

A

82
Q

Why are business leaders considered best suited to make decisions regarding impact measures?
A) Because they have expertise in IT security
B) Because they have insights into the organization’s goals and priorities
C) Because they have experience in risk assessment frameworks
D) Because they have access to external audit reports

A

A

83
Q

An asset can be compromised by more than one threat, so it is common to have more
than one threat scenario for each asset.

A

T

84
Q

A(n) _________ is something of value and can be either hardware or software.
a. asset
b. service level agreement
c. threat
d. security plan
e. network design

A

A

85
Q

Why are an organization’s data considered important assets?
A) Because they are easily replaceable
B) Because they are crucial for the survival of the business
C) Because they are less valuable than hardware components
D) Because they do not require protection

A

B

86
Q

Why is it mentioned that if servers are destroyed, they can be replaced, but if data are destroyed, they cannot be replaced?
A) To emphasize the importance of hardware over data
B) To highlight the irrecoverable loss associated with data destruction
C) To encourage organizations to invest more in hardware protection
D) To discourage organizations from storing critical data

A

B

87
Q

What is emphasized regarding the documentation of assets?
A) Each asset should be documented, including a brief description of its criticality to the organization.
B) Only hardware assets need to be documented.
C) Documentation of assets is not necessary for IT security.
D) Only software assets need to be documented.

A

A. and owners of each asset should be identified

88
Q

What factor determines the actual probability of a threat occurring within an organization?
A) The organization’s location
B) The organization’s size
C) The nature of the organization’s business
D) The organization’s age

A

C

89
Q

Why is a bank more likely to be targeted by phishing than a family-owned store?
A) Because banks have less valuable data
B) Because family-owned stores have stronger cybersecurity measures
C) Because banks typically have more valuable data and are therefore more lucrative targets
D) Because family-owned stores are more technologically advanced

A

C

90
Q

Which types of organizations are among the most frequent targets of cyber threats?
A) Educational institutions and small businesses
B) Retail stores and restaurants
C) Healthcare providers, financial services firms, and government agencies
D) Nonprofit organizations and startups

A

C

91
Q

_______________ describes how an asset can be compromised by one specific threat.
a. Threat scenarios
b. Threat plans
c. Threat hacks
d. Threat contingencies
e. Threat attacks

A

A

92
Q

Which example illustrates a threat scenario?
A) A company losing customer trust due to a data breach
B) The impact of a malware attack on network performance
C) Confidentiality, integrity, and/or availability of client data compromised by information theft, data alteration, or natural disasters
D) A company’s financial loss due to a phishing attack

A

C

93
Q

What is included in a threat scenario?
A) Multiple assets and multiple threats
B) One asset, one threat, likelihood of the threat, and consequence
C) Likelihood of the threat and consequence only
D) Organization’s financial performance and response to a security breach

A

B. Likelihood of the threat (high, low, medium)
Consequence (impact score)

94
Q

How many assets are typically considered in a threat scenario?
A) None
B) One
C) Multiple
D) It varies based on the organization’s size

A

A

95
Q

What does the likelihood of the threat happening indicate?
A) The financial impact of the threat
B) The probability of the threat occurring (high, medium, or low)
C) The consequence of the threat
D) The overall risk level of the organization

A

B

96
Q

What does the consequence in a threat scenario represent?
A) The likelihood of the threat occurring
B) The financial impact of the threat
C) The overall risk level of the organization
D) The impact score, indicating the severity of the threat’s consequences

A

D

97
Q

How is the risk score calculated for each threat scenario?
A) Likelihood + Impact Score
B) Likelihood / Impact Score
C) Likelihood x Impact Score
D) Likelihood - Impact Score

A

C

98
Q

We can calculate the relative ___________, by multiplying the impact score by the
likelihood.
a. rootkit
b. authentication
c. risk score
d. risk assessment
e. risk event

A

C

99
Q

What is the purpose of documenting existing controls in the risk control strategy?
A) To prioritize threat scenarios
B) To outline how the organization intends to address identified risks
C) To calculate the likelihood of the threat occurring
D) To assess the overall risk level of the organization

A

B

100
Q

How many risk control strategies are typically developed for each threat scenario?
A) None
B) One
C) Multiple
D) It varies based on the organization’s size

A

B

101
Q

What does it mean to “accept the risk” in risk control strategy?
A) Take no action to address the risk if it has low impact
B) Implement controls to minimize the risk’s impact
C) Purchase insurance coverage against the risk
D) Collect more information about the risk

A

A

102
Q

What does risk mitigation involve?
A) Sharing the risk with an insurance provider
B) Implementing controls to counter threats or minimize their impact
C) Deferring the risk to a later time
D) Accepting the risk without taking any action

A

B

103
Q

How does an organization share the risk according to the risk control strategy?
A) By implementing controls to minimize the risk’s impact
B) By purchasing insurance coverage against the risk
C) By deferring the risk to a later time
D) By accepting the risk without taking any action

A

B

104
Q

When is the risk deferred according to the risk control strategy?
A) When the risk has low impact
B) When there is a need to collect more information about the risk
C) When the risk requires immediate action
D) When the risk is shared with an insurance provider

A

B

105
Q

What types of measures are typically included in risk mitigation?
A) Purchasing insurance coverage
B) Implementing controls such as antivirus software, firewalls, or security training for employees
C) Deferring the risk to a later time
D) Accepting the risk without taking any action

A

B

106
Q

What is the purpose of listing specific controls in risk control strategy for a threat scenario?
A) To prioritize threat scenarios
B) To outline how the organization intends to address identified risks
C) To calculate the likelihood of the threat occurring
D) To assess the adequacy of existing controls

A

B

107
Q

When is the decision made to list specific controls in risk control strategy for a threat scenario?
A) If the risk control strategy is to accept the risk
B) If the risk control strategy is to defer the risk
C) If the risk control strategy is to mitigate the risk or share the risk
D) If the risk control strategy is to prioritize the risk

A

C

108
Q

What is the purpose of assessing the adequacy of existing controls for a threat scenario?
A) To determine the financial impact of the threat
B) To prioritize threat scenarios
C) To evaluate the effectiveness of existing controls in addressing the identified risk
D) To calculate the likelihood of the threat occurring

A

C

109
Q

How is the adequacy of existing controls typically assessed?
A) By purchasing insurance coverage
B) By consulting external auditors
C) By assigning blame for security breaches
D) By determining if the controls are high, medium, or low adequacy

A

D

110
Q

The ideal solution for planning for disaster recovery is to have a fully redundant
backup network placed in a different location that would not be threatened by the
same natural or manmade disaster that would destroy the original network.

A

T

111
Q

The key principle in preventing disruption, destruction and disaster is ___________.
a. redundancy
b. control spreadsheet
c. IDS
d. anti-virus software
e. prevention controls

A

A

112
Q

What is the purpose of identifying improvements in risk management?
A) To prioritize threat scenarios
B) To outline how the organization intends to address identified risks
C) To evaluate the effectiveness of existing controls
D) To enhance the control adequacy for threat scenarios with high risk scores or low control adequacies

A

D

113
Q

What are the criteria for examining threat scenarios with the highest risk scores?
A) To ensure they have the lowest level of control adequacy
B) To ensure they have at least a “high” level of control adequacy
C) To ensure they have at least a “medium” level of control adequacy
D) To ensure they have at least a “low” level of control adequacy

A

C

114
Q

What is the purpose of business continuity?
A) To ensure the uninterrupted operation of an organization’s data and applications despite disruptions, destruction, or disasters
B) To prioritize business objectives
C) To assign blame for security breaches
D) To assess the financial impact of threats

A

A

115
Q

What are the two main parts of a business continuity plan?
A) Preventive controls and insurance coverage
B) Preventive controls and risk assessment
C) Preventive controls and a disaster recovery plan
D) Risk assessment and disaster recovery plan

A

c

116
Q

What is the purpose of preventive controls in a business continuity plan?
A) To outline procedures to enable the organization to recover from a disaster
B) To assign blame for security breaches
C) To mitigate the impact of events on the organization
D) To prioritize business objectives

A

c

117
Q

Preventive controls mitigate or stop a person from acting or an event from occurring.

A

T

118
Q

What does a disaster recovery plan outline?
A) Procedures to enable the organization to recover from a disaster
B) Procedures to prevent disasters from occurring
C) Procedures to assess the financial impact of threats
D) Procedures to assign blame for security breaches

A

A

119
Q

What are major threats to business continuity?
A) Malware, hacking, and data breaches
B) Viruses, theft, denial of service attacks (DoS), device failures, and disasters
C) Employee turnover, marketing strategies, and supply chain disruptions
D) Financial market fluctuations, regulatory changes, and customer complaints

A

b

120
Q

What is the purpose of controls designed for virus protection?
A) To prevent theft of physical assets
B) To prevent unauthorized access to data
C) To prevent loss of service due to device failures
D) To prevent malware from infecting systems and causing disruptions

A

d

121
Q

What is the purpose of controls designed for virus protection?
A) To prevent theft of physical assets
B) To prevent unauthorized access to data
C) To prevent loss of service due to device failures
D) To prevent malware from infecting systems and causing disruption

A

D

122
Q

What do denial-of-service protection controls aim to prevent?
A) Unauthorized access to data
B) Theft of physical assets
C) Disruption of services by overwhelming the system’s resources
D) Malware infections

A

C

123
Q

Social engineering refers to creating a team that solves virus problems.

A

F

124
Q

A(n) ______ is a special type of virus that spreads itself without human intervention.
a. snake
b. worm
c. Trojan horse
d. boot sector virus
e. stealth virus

A

B

125
Q

What is the primary purpose of virus protection measures?
A) To prevent physical theft of assets
B) To prevent unauthorized access to data
C) To prevent the spread of malware, including viruses, ransomware, and macro viruses
D) To prevent denial of service attacks

A

C

126
Q

How do macro viruses spread?
A) Through email attachments
B) By infecting executable files
C) By attaching themselves to other programs or documents and spreading when those programs or files are executed
D) By exploiting vulnerabilities in network protocols

A

C

127
Q

What is the function of anti-virus software packages?
A) To prevent physical theft of assets
B) To prevent unauthorized access to data
C) To check disks and files for viruses and malware
D) To encrypt sensitive information

A

C

128
Q

Why is it mentioned that “anti-virus software is only as good as its last update”?
A) To emphasize the importance of regularly updating anti-virus software
B) To discourage the use of anti-virus software
C) To highlight the effectiveness of anti-virus software
D) To promote the use of alternative security measures

A

A

129
Q

The denial-of-service attack disrupts the network by flooding the network with
messages so that regular messages cannot be processed.

A

T

130
Q

A ____________ is a situation in which a hacker attempts to disrupt the network by
sending messages to the network that prevent normal users’ messages from being
processed.
a. denial-of-service attack
b. service level agreement
c. virus
d. spamming
e. scamming

A

A

131
Q

Which servers can be flooded in a Denial-of-Service (DoS) attack?
A) File servers
B) Database servers
C) Web servers, DNS servers, or email servers
D) Authentication servers

A

C

132
Q

Why is filtering messages from a single source IP sometimes ineffective in preventing network flooding?
A) Because attackers use physical methods to disrupt the target
B) Because attackers often use tools to falsify source IP addresses
C) Because network administrators fail to implement proper security measures
D) Because network protocols are inherently vulnerable to flooding attacks

A

B

133
Q

What characterizes a Distributed Denial-of-Service (DDoS) attack?
A) It involves a single attacker flooding the target with messages
B) It targets physical assets rather than disrupting services
C) It occurs when multiple attackers target a single server
D) It involves attackers gaining control of thousands of computers or smart devices to flood the target

A

D

134
Q

How do attackers control compromised devices in a Distributed Denial-of-Service (DDoS) attack?
A) By physically accessing each compromised device
B) By installing software known as a DDoS agent, zombie, or bot on them
C) By encrypting messages sent to the compromised devices
D) By exploiting vulnerabilities in network protocols

A

B

135
Q

When someone external to your organization blocks access to your network and/or its
resources, this is known as a denial-of-service attack.

A

T

136
Q

Macro viruses can spread when an infected file is opened.

A

T

137
Q

Researchers estimate that only one or two new viruses are developed every week.

A

F

138
Q

DoS attackers generally use fake source IP addresses, making it harder to identify the
DoS messages.

A

T

139
Q

What is the purpose of traffic limiting in network security?
A) To block all incoming traffic from known malicious sources
B) To prioritize incoming traffic based on the source IP addresses
C) To allow all incoming traffic to pass through without restrictions
D) To limit incoming access regardless of the source when a flood of packets is detected

A

D. limit incoming access regardless of source (some may be legitimate)

140
Q

What is the purpose of a “traffic anomaly detector” in network security?
A) To block all incoming traffic from known malicious sources
B) To prioritize incoming traffic based on the source IP addresses
C) To analyze traffic patterns and detect anomalies in network traffic
D) To allow all incoming traffic to pass through without restrictions

A

C

141
Q

Where is the “traffic anomaly detector” typically installed?
A) Behind the main router or firewall
B) Inside the organization’s server room
C) In front of the organization’s web server
D) Within the organization’s network switches

A

A

142
Q

What action does the “traffic anomaly detector” take when it detects a sudden burst of abnormally high traffic?
A) It blocks all incoming traffic
B) It allows normal traffic to flow through without restrictions
C) It quarantines the incoming packets while allowing normal traffic to flow through
D) It shuts down the organization’s network entirely

A

C

143
Q

What role does the “traffic anomaly analyzer” play in the network security process?
A) It prioritizes incoming traffic based on the source IP addresses
B) It blocks all incoming traffic from known malicious sources
C) It differentiates between normal and anomalous traffic and releases normal traffic into the organization’s network
D) It analyzes the organization’s outgoing network traffic

A

C

144
Q

How does the “traffic anomaly detector” interact with the ISP router in response to suspect traffic?
A) It shuts down the ISP router entirely
B) It allows all traffic to pass through the ISP router without restrictions
C) It reroutes suspect traffic to the anomaly analyzer, bypassing the main circuit leading into the organization
D) It informs the ISP router to block all incoming traffic

A

C

145
Q

What is the purpose of requiring ISPs to verify that all incoming messages have valid source IP addresses?
A) To prioritize incoming traffic based on the source IP addresses
B) To block all incoming traffic from known malicious sources
C) To prevent the use of fake IP addresses and facilitate the filtering of DDoS messages
D) To allow all incoming traffic to pass through without restrictions

A

C

146
Q

Why do ISPs impose security restrictions on small to medium-sized businesses?
A) Because they want to prioritize their traffic over others
B) Because they want to increase their revenue
C) Because small to medium-sized businesses are often unwilling accomplices in DDoS attacks due to poor security practices
D) Because they want to prevent these businesses from accessing the internet

A

c

147
Q

What is one example of a security restriction that ISPs may impose on businesses?
A) Requiring the implementation of firewalls to prevent unauthorized access
B) Requiring the implementation of VPNs for secure communication
C) Requiring the use of encryption for all data transmissions
D) Requiring the use of biometric authentication for network access

A

a

148
Q

Physical security of an organization’s IT resources is not an important element in
preventing intrusion to an internal LAN.

A

F

149
Q

Fault-intolerant servers contain many redundant components to prevent failure.

A

F

150
Q

What is the recommended approach to prevent device failure from impacting business continuity?
A) Implementing strict access control measures
B) Building redundancy into critical components
C) Increasing the bandwidth of the network connections
D) Implementing advanced encryption techniques

A

b

151
Q

Which components are examples of redundancy that can prevent device failure from impacting business continuity?
A) Redundant internet connections from the same common carrier
B) Single connections to the internet from multiple common carriers
C) Redundant core backbones supported by the same devices
D) Redundant distribution backbones with a single connection

A

b

152
Q

How should redundant internet connections be served to ensure proper redundancy?
A) They should be served by the same router for efficiency
B) They should be served by separate routers
C) They should be served by routers from the same manufacturer
D) They should be served by routers located in the same geographic area

A

b

153
Q

What is the purpose of providing redundancy in the internal network?
A) To increase the bandwidth of the network connections
B) To decrease the number of routers in the network
C) To ensure fault tolerance and prevent disruptions in critical services
D) To centralize network management and monitoring

A

c

154
Q

Where should the focus be when selecting which parts of the network to provide redundancy?
A) On all network components equally
B) On mission-critical backbones and LANs leading to servers
C) On access layer LANs only
D) On non-essential network components

A

b

155
Q

RAID 1 writes duplicate copies of all data on at least two different disks; this means
that if one disk in the RAID array fails, there is no data loss because there is a second
copy of the data stored on a different disk. This is referred to as _____.
a. disk backup
b. hard drive duplication
c. cloud backups
d. disk duplication
e. disk mirroring

A

E

156
Q

What does RAID stand for?
a) Random Access Independent Disks
b) Redundant Arrays of Independent Drives
c) Redundant Arrays of Independent Disks
d) Remote Access and Information Distribution

A

C

157
Q

Which RAID level provides faster performance by writing or reading data in parallel across multiple disks?
a) RAID 0
b) RAID 1
c) RAID 5
d) RAID 6

A

A

158
Q

Which RAID level writes duplicate copies of all data on at least two different disks?
a) RAID 0
b) RAID 1
c) RAID 5
d) RAID 6

A

B

159
Q

Which RAID level provides error checking?
a) RAID 0
b) RAID 2
c) RAID 3
d) RAID 4

A

B

160
Q

Which RAID level can survive the failure of two drives with no data loss?
a) RAID 0
b) RAID 1
c) RAID 5
d) RAID 6

A

D

161
Q

An uninterruptible power supply utilizes a second redundant disk for every disk on
the server.

A

F

162
Q

A(n) ___________ is one of the most common examples of redundancy built into a
network to help reduce the impact of disruption.
a. network cloaking device
b. backup punch card reader
c. uninterruptible power supply
d. service level agreement
e. help desk

A

c

163
Q

What is the purpose of an Uninterruptible Power Supply (UPS)?
a) To store data redundantly
b) To provide faster read/write access
c) To supply battery power during power outages
d) To increase the number of disks in a RAID array

A

c

164
Q

What other network components can Uninterruptible Power Supplies (UPS) apply to?
a) Printers
b) Circuits
c) Routers
d) All of the above

A

d

165
Q

The ideal solution for planning for disaster recovery is to have a fully redundant
backup network placed in a different location that would not be threatened by the
same natural or manmade disaster that would destroy the original network.

A

t

166
Q

What is the relationship between Disaster Recovery Plan (DRP) and Business Continuity Plan (BCP)?
a) DRP and BCP are separate plans
b) DRP is a subset of BCP
c) BCP is a subset of DRP
d) DRP and BCP serve unrelated purposes

A

b

167
Q

What does a Disaster Recovery Plan (DRP) provide for?
a) Only complete recovery of data
b) Only partial recovery of data
c) Both partial and complete recovery of data
d) Only recovery of physical facilities

A

c

168
Q

How often do many organizations perform backups of critical information?
a) Daily
b) Weekly
c) Monthly
d) Annually

A

a

169
Q

What is the traditional method used for backups?
a) Hard drives
b) CDs
c) Tapes
d) Cloud storage

A

c

170
Q

What is the purpose of encrypting backups?
a) To speed up data transfer
b) To compress data
c) To ensure unauthorized users cannot access them
d) To reduce storage space

A

c

171
Q

Which type of data is often backed up on a weekly basis?
a) Critical information
b) Less critical data, such as email files
c) Both critical and less critical data
d) No data is backed up on a weekly basis

A

b

172
Q

What is Continuous Data Protection (CDP)?
a) A method for weekly backups
b) A real-time alternative to regular backups
c) A physical storage device
d) A type of encryption method

A

b

173
Q

What does Continuous Data Protection (CDP) allow for?
a) Weekly copies of selected data
b) Real-time copies of all data and transactions
c) Manual storage of data on CDP servers
d) Backing up data only once per day

A

b

174
Q

How are data and transactions stored with Continuous Data Protection (CDP)?
a) Stored offline
b) Stored in real-time on CDP servers
c) Stored on the originating server only
d) Stored on external hard drives

A

b

175
Q

What does Continuous Data Protection (CDP) enable in terms of restoration?
a) Restoration to a specific point in time
b) Restoration only to the most recent backup
c) Restoration to a specific date in the past
d) Restoration without time stamps

A

a

176
Q

What does a Disaster Recovery Plan (DRP) include in terms of recovery approach?
a) A documented approach but not tested
b) A tested approach without specific goals
c) A documented and tested approach with specific goals
d) A theoretical approach without testing or documentation

A

c

177
Q

What is the purpose of Disaster Recovery Drills?
a) To ensure data safety
b) To guarantee data usability
c) To test the recovery approach
d) To prevent disasters from happening

A

c

178
Q

What should a Disaster Recovery Plan (DRP) plan for?
a) Only for loss of the main database
b) Only for short outages of the data center
c) Only for minor disasters
d) Loss of main database or long outages of the data center

A

D

179
Q

What is the primary focus of Level 1 in Disaster Recovery Plans (DRPs)?
a) Outsourcing recovery efforts
b) Building enough capacity and spare equipment
c) Providing second level support for major disasters
d) Recovering from a minor disaster

A

d

180
Q

In Level 2 of Disaster Recovery Plans (DRPs), what is the main approach?
a) Building enough capacity and spare equipment
b) Outsourcing recovery efforts to professional firms
c) Providing support for minor disasters
d) Recovering from a major disaster

A

d. disaster recovery outsourcing

181
Q

What services does a Disaster Recovery Firm typically offer?
a) Only secure storage for backups
b) Only complete recovery of data and network
c) A range of services
d) Only networked data center for clients to use in disasters

A

c

182
Q

What is one of the primary advantages of a Disaster Recovery Firm?
a) Low cost
b) Slow recovery of data and network
c) Complete recovery within hours
d) Limited range of services

A

c

183
Q

Which type of organization is more likely to use a Disaster Recovery Firm?
a) Small businesses
b) Medium-sized businesses
c) Large organizations
d) Start-up companies

A

c

184
Q
A