Session 1 Flashcards

1
Q

Which three parts make up the CIA triangle?

Choices: 
A - Integrity
B - Availability
C - Classification
D - Accountability
E - Confidentiality
A

A - Integrity
B - Availability
E - Confidentiality

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Which part of the CIA triangle ensures the data is accessible by those who need it, when they need it?

Choices: 
A - Integrity
B - Availability
C - Accountability
D - Confidentiality
A

B - Availability

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Read the following sentence and indicate whether the word, risk, is correct or needs changing to a different answer: A risk is the possibility of data being compromised.

Choices: 
A - threat
B - mitigation
C - vulnerability
D - The word is correct in the sentence as is
A

A - threat

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What is a weakness in the CIA of data known as?

Choices: 
A - Risk
B - Threat
C - Acceptance
D - Vulnerability
A

D - Vulnerability

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

______ and _____ should be used to control permissions.

Choices: 
A - Groups; roles
B - Logins; accounts
C - Users; management
D -Passwords; verification
A

A - Groups; roles

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Which are examples of social engineering? Choose three answers.

Choices: 
A - Phishing websites
B - IRS office audit
C - Student job shadowing
D - Emails asking for information
E - Phone calls asking for information
A

A - Phishing websites
D - Emails asking for information
E - Phone calls asking for information

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

The totality of ways in which a system can be attacked is known as the ________________.

Choices: 
A - attack area
B - attack surface
C - vulnerability area
D - vulnerability surface
A

B - attack surface

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Look at the following statement and choose whether the phrase, Threat modeling, is correct or needs to be replaced: Threat modeling is the process of identifying threats and vulnerabilities and then defining preventative countermeasures.

Choices: 
A - Threat analysis
B - Attack analysis
C - Attack modeling
D - The statement is correct as is
A

D - The statement is correct as is

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

What is employing multiple layers of security commonly referred to as?

Choices: 
A - Firewalls
B - Sandboxing
C - Defense in depth
D - Preclusive defense
A

C - Defense in depth

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Securing fences and gates with guards and using security cameras help secure which area of access control?

Choices: 
A - Internal perimeter
B - External perimeter
C - Separation barrier
D - Virtual private network
A

B - External perimeter

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

What is a secure area between an external and internal entry point known as?

Choices: 
A - Mantrap
B - Trap door
C - Zone of control
D - Entrapment zone
A

A - Mantrap

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

For thumb drives and external drives, encryption through __________ should be used to encrypt the drive.

Choices: 
A - OpenPGP
B - BitLocker
C - Ciphertext
D - MetaFrame
A

B - BitLocker

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

The idea of restricting both physical and file/server access to only those who need it is known as ______________.

Choices: 
A - site security
B - access control
C - social engineering
D - principle of least privilege
A

B - access control

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Which are methods for securing smartphones? Choose three answers.

Choices: 
A - Tethering
B - Biometrics
C - Mobile hotspots
D - Password/PIN protection
E - Mobile device management software
A

B - Biometrics
D - Password/PIN protection
E - Mobile device management software

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Attackers use a __________ to intercept and record what people type.

Choices: 
A - rootkit
B - pastebin
C - keylogger
D - transient cookie
A

C - keylogger

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

What text-based files are gathered by third-party outfits to create targeted ads?

Choices: 
A - Cookies
B - Form data
C - Browsing history
D - Cached data and files
A

A - Cookies

17
Q

What are the four zones under the Security tab in Internet Options?

Choices: 
A - Internet
B - Protected
C - Trusted sites
D - Blocked sites
E - Local intranet
F - Restricted sites
A

A - Internet
C - Trusted sites
E - Local intranet
F - Restricted sites

18
Q

Which of the URL prefixes indicates that a website is secure?

Choices: 
A - ftp
B - http
C - https
D - shttp
A

C - https

19
Q

Which security method is considered the strongest for securing a wireless network?

Choices: 
A - WEP
B - WAP
C - WPA
D - WPA2
A

D - WPA2

20
Q

Which are ways to secure wireless networks? Choose three answers.

Choices:
A - Change the SSID
B - Use MAC filtering
C - Disable the SSID broadcast
D - Place the wireless access point high on a shelf
E - Place the wireless access point in a server closet

A

A - Change the SSID
B - Use MAC filtering
C - Disable the SSID broadcast