Module 2 quiz Flashcards

1
Q

With the removal of copyright protection mechanisms, software can be easily and illegally distributed and installed.

A

True

2
Q
Compared to Website defacement, vandalism within a network is less malicious in intent and more public.
A

False

3
Q
A worm requires that another program is running before it can begin functioning.
A

False

4
Q
Forces of nature, sometimes called Acts of God, can present some of the most dangerous threats because they usually occur with very little warning and are beyond the control of people.
A

True

5
Q
When electronic information is stolen, the crime is readily apparent.
A

False

6
Q
Organizations can use dictionaries to regulate password selection during the reset process and thus guard against easy-to-guess passwords.
A

True

7
Q
As an organization grows, it must often use more robust technology to replace the security technologies it may have outgrown.
A

True

8
Q
An advance-fee fraud attack involves the interception of cryptographic elements to determine keys and encryption algorithms.
A

False

9
Q
A sniffer program can reveal data transmitted on a network segment, including passwords, the embedded and attached files—such as word-processing documents—and sensitive data transmitted to or from applications.
A

True

10
Q
Media as a subset of information assets are the systems and networks that store, process, and transmit information.
A

True

11
Q
Attacks conducted by scripts are usually unpredictable.
A

False

12
Q
The information security function in an organization safeguards its technology assets.
A

False

13
Q
An e-mail bomb is a form of DoS attack.
A

True

14
Q
When information gatherers employ techniques that cross a legal or ethical threshold, they are conducting ______.
A

Industrial Espionage

15
Q
Human errors or failure often can be prevented with training, ongoing awareness activities, and _____.
A

Controls

16
Q
Web hosting services are usually arranged with an agreement defining minimum service levels known as a(n) _______.
A

SLA

17
Q
The ______ hijacking attack uses IP spoofing to enable an attacker to impersonate another entity on the network.
A

TCP (Transmission Control Protocol)

18
Q
A table of hash values and their corresponding plaintext values that can be used to look up password values if an attacker is able to steal a system’s encrypted password file is known as a(n) ______.
A

Rainbow Table

19
Q
A short-term interruption in electrical power availability is known as a ____.
A

Fault

20
Q
A _____ is an attack in which a coordinated stream of requests is launched against a target from many locations at the same time.
A

Distributed denial-of-service

21
Q
The redirection of legitimate user Web traffic to illegitimate Web sites with the intent to collect personal information is known as _____.
A

Pharming

22
Q
Hackers can be generalized into two skill groups: expert and _____.
A

Novice

23
Q
Microsoft acknowledged that if you type a res://URL (a Microsoft-devised type of URL) longer than ______ characters in Internet Explorer 4.0, the browser will crash.
A

256

24
Q
The process of maintaining the confidentiality, integrity, and availability of data managed by a DBMS (Database Management System) is known as ______ security.
A

Database

25
Q
In an ______ attack, the attacker sends a large number of connection or information requests to disrupt a target from a small number of sources.
A

denial-of-service

26
Q
One form of online vandalism is ______ operations, which interfere with or disrupt systems to protest the operations, policies, or actions of an organization or government agency.
A

hacktivist

27
Q
Which of the following is an example of a trojan horse program?
A

Happy99.exe

28
Q
______ is the premeditated, politically motivated attacks against information, computer systems, computer programs, and data that result in violence against noncombatant targets by subnational groups or clandestine agents.
A

cyberterrorism

29
Q
In the _____ attack, an attacker monitors (sniffs) packets from a network, modifies them, and inserts them back into the network.
A

man-in-the-middle

30
Q
The average amount of time between hardware failures, calculated as the total amount of operation time for a specified number of units divided by the total number of failures, is known as ______.
A

mean-time-between-failures (MTBF)

31
Q
Acts of ______ can lead to unauthorized real or virtual actions that enable information gatherers to enter premises or systems they have not been authorized to enter.
A

trespass

32
Q
As frustrating as viruses and worms are, perhaps more money is spent on resolving virus _____.
A

hoaxes

33
Q
______ are malware programs that hide their true nature and reveal designed behavior only when activated.
A

trojan horses

34
Q
A long-term interruption (outage) in electrical power availability is known as a(n) ____.
A

blackout

35
Q
_____ is any technology that aids in gathering information about a person or organization without their knowledge.
A

spyware

36
Q
Which of the following functions does information security perform for an organization?
A
  • All of the above
    Protecting the organization’s ability to function
    Enabling the safe operation of applications implemented on the organization’s IT system
    Protecting the data the organization collects and uses
37
Q
______ are compromised systems that are directed remotely (usually by a transmitted command) by the attacker to participate in an attack.
A

Zombies (same definition also applies to bots)

38
Q
The _____ data file contains hashed representations of the user’s password.
A

SAM (Security Account Manager)

39
Q
Advance-fee fraud is an example of an ____ attack.
A

Social Engineering

40
Q
The average amount of time until the next hardware failure is known as ____.
A

mean-time-to-failure (MTTF)