Session 1 Flashcards
Which three parts make up the CIA triangle?
Choices: A - Integrity B - Availability C - Classification D - Accountability E - Confidentiality
A - Integrity
B - Availability
E - Confidentiality
Which part of the CIA triangle ensures the data is accessible by those who need it, when they need it?
Choices: A - Integrity B - Availability C - Accountability D - Confidentiality
B - Availability
Read the following sentence and indicate whether the word, risk, is correct or needs changing to a different answer: A risk is the possibility of data being compromised.
Choices: A - threat B - mitigation C - vulnerability D - The word is correct in the sentence as is
A - threat
What is a weakness in the CIA of data known as?
Choices: A - Risk B - Threat C - Acceptance D - Vulnerability
D - Vulnerability
______ and _____ should be used to control permissions.
Choices: A - Groups; roles B - Logins; accounts C - Users; management D -Passwords; verification
A - Groups; roles
Which are examples of social engineering? Choose three answers.
Choices: A - Phishing websites B - IRS office audit C - Student job shadowing D - Emails asking for information E - Phone calls asking for information
A - Phishing websites
D - Emails asking for information
E - Phone calls asking for information
The totality of ways in which a system can be attacked is known as the ________________.
Choices: A - attack area B - attack surface C - vulnerability area D - vulnerability surface
B - attack surface
Look at the following statement and choose whether the phrase, Threat modeling, is correct or needs to be replaced: Threat modeling is the process of identifying threats and vulnerabilities and then defining preventative countermeasures.
Choices: A - Threat analysis B - Attack analysis C - Attack modeling D - The statement is correct as is
D - The statement is correct as is
What is employing multiple layers of security commonly referred to as?
Choices: A - Firewalls B - Sandboxing C - Defense in depth D - Preclusive defense
C - Defense in depth
Securing fences and gates with guards and using security cameras help secure which area of access control?
Choices: A - Internal perimeter B - External perimeter C - Separation barrier D - Virtual private network
B - External perimeter
What is a secure area between an external and internal entry point known as?
Choices: A - Mantrap B - Trap door C - Zone of control D - Entrapment zone
A - Mantrap
For thumb drives and external drives, encryption through __________ should be used to encrypt the drive.
Choices: A - OpenPGP B - BitLocker C - Ciphertext D - MetaFrame
B - BitLocker
The idea of restricting both physical and file/server access to only those who need it is known as ______________.
Choices: A - site security B - access control C - social engineering D - principle of least privilege
B - access control
Which are methods for securing smartphones? Choose three answers.
Choices: A - Tethering B - Biometrics C - Mobile hotspots D - Password/PIN protection E - Mobile device management software
B - Biometrics
D - Password/PIN protection
E - Mobile device management software
Attackers use a __________ to intercept and record what people type.
Choices: A - rootkit B - pastebin C - keylogger D - transient cookie
C - keylogger