Part 1 Flashcards

0
Q

Maintaining a strong security posture can take advantage of numerous benefits namely:

Reduction in ______ being paid.

A

Insurance premiums

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
1
Q

Building a Secure Organization

Building a secure organization is important to long- term success:

Maintaining a strong ______can take advantage of numerous benefits

A

Security posture

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Maintaining a strong security posture can take advantage of numerous benefits namely:

Use its security program as a ____

A

marketing tool

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Maintaining a strong security posture can take advantage of numerous benefits

You will not have to spend time and money identifying _____

A

security breaches

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

_____can cost an organization sig- nificantly through a tarnished reputation, lost business, and legal fees.

A

Security breaches

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

HIPAA

A

Health Insurance Portability and Accountability Act (HIPAA)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

GLBA

A

Gramm-Leach-Bliley Act (GLBA)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Name three regulations that require businesses to maintain the security of information.

A

Health Insurance Portability and Accountability Act (HIPAA)

Gramm-Leach-Bliley Act (GLBA)

Sarbanes-Oxley Act,

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

OBSTACLES TO SECURITY

In attempting to build a secure organization, we should take a close look at the obstacles that make it challenging to build a totally secure organization.

Security Is _____

A

Inconvenient

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Security, by its very nature, is inconvenient, and the more _______, the more inconvenient the process becomes.

A

robust the security mechanisms

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Employees in an organization have a job to do; _________

A

they want to get to work right away

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Most security mechanisms, from passwords to multifactor authentication, are seen as ____

A

roadblocks to productivity

Examples:

# whole disk encryption to laptop
# second login step
# lost productivity
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

To gain a full appreciation of the frustration caused by security measures security lines at any ____

A

airport

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Security implementations are based on a _____;

A

Sliding scale

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Security implementations are based on a sliding scale; one end of the scale is ____ , the other is _______.

A

total security and total inconvenience

And

total insecurity and complete ease of use

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

When we implement any security mechanism, it should be placed on the scale where the _______ match the ________ for the organization.

A

level of security and ease of use

acceptable level of risk

16
Q

Computers Are Powerful and Complex

Most people are unfamiliar with the _____ and what goes on “behind the scenes.”

A

way computers truly function

Things such as the Windows Registry, ports, and services are completely unknown to most users and poorly understood by many computer industry professionals.

17
Q

For example, many indi- viduals still believe that a Windows login password pro- tects data on a computer. On the contrary—

A

someone can simply take the hard drive out of the computer, install it as a slave drive in another computer, or place it in a USB drive enclosure, and all the data will be readily accessible.

18
Q

Computers Are ____

Computer Users Are ____

A

Powerful and Complex

Unsophisticated

19
Q

Computer Users Are Unsophisticated

Many computer users believe that because they are skilled at generating spreadsheets, word processing documents, and presentations, they “know everything about comput- ers.” These “_____” have moved beyond application basics, but many still do not understand even basic security concepts.

A

power users

20
Q

Many users will indiscriminately ____ and visit _______despite the fact that these actions could violate company policies.

A

install software and questionable Web sites

21
Q

The “bad guys”— people who want to steal information from or wreak havoc on computers systems—have also identified that the aver- age user is a ____.

A

weak link in the security chain

22
Q

As companies began investing more money in perimeter defenses, attackers look to _____

A

the path of least resistance.

23
Q

They send malware as attachments to email, ____

A

asking recipients to open the attachment.

24
Despite being told not to open attachments from unknown senders or simply not to open attachments at all, _____. The “I Love You Virus” spread very rapidly in this manner.
employees consistently violate this policy, wreaking havoc on their networks
25
Computers Created ____
Without a Thought to Security
26
Computers Created Without a Thought to Security During the development of personal computers (PCs), _________ They were developed almost as curiosities.
no thought was put into security.
27
Even as they became more advanced and complex, all effort was focused on developing greater sophistication and capabilities; _____
no one thought they would have security issues.
28
_____ was not an issue back then
Security
29
The develop-ment of computers was focused on _____
what they could do, not how they could be attacked.
30
As computers began to be interconnected, the driving force was ____
providing the ability to share information, cer- tainly not to protect it.
31
Current Trend Is to Share, ____
Not Protect
32
Even now, despite the stories of compromised data, people still want to share their data with everyone. And _____ are making this easier to do than simply attaching a file to an email.
Web-based applications
33
_____ sites pro- vide the ability to share files
Social networking
34
These sites can allow proprietary data to leave an organization by ____.
bypassing security mechanisms