Review Questions Show
Nội dung chính
1.Each of the following is a reason why it is difficult to defend against today’s attackers except _____________ . A.speed of attacks B.greater sophistication of attacks C.complexity of attack tools D.delays in patching hardware and work software products 2.A(n) _____ attack takes advantage of vulnerabilities that have not been previously revealed. A.zero day B.quick vulnerability assessment (QVA) C.glamour D.signature-based attack 3._____ ensures that only authorized parties can view the information. A.Availability B.Integrity C.Confidentiality D.ICA 4.Each of the following is a successive layer in which information security is achieved except _________________. A.products B.people C.procedures D.Intrusion Wormhole Defense (IWD) 5.A(n) _____ is a person or thing that has the power to carry out a threat. A.vulnerability B.threat agent C.exploit D.risk factor 6.Each of the following is a goal of information security except __________. A.Prevent data theft B.Decrease user productivity C.Avoid legal consequences D.Foil cyberterrorism 7.The _____ requires that enterprises must guard protected health information and implement policies and procedures to safeguard it. A.Health Insurance Portability and Accountability Act (HIPAA) B.Sarbanes-Oxley Act (Sarbox) C.Gramm-Leach-Bliley Act (GLBA) D.Hospital Protection and Insurance Association Agreement (HPIAA) 8.Utility companies, telecommunications, and financial services are considered prime targets of _____ because attackers can significantly disrupt business and personal activities by destroying a few targets. A.cyberterrorists B.kiddie scripters C.computer spies D.blue hat hackers (BHH) 9.After an attacker probed a computer or network for information she would next ________. A.modify security settings B.penetrate any defenses C.paralyze networks and devices D.circulate to other systems 10.An organization that purchased security products from different vendors in case an attacker circumvented the Brand A device, yet would have more difficulty trying to break through a Brand B device because they are different, is an example of ________. A.obscurity B.layering C.limiting D.diversity 11._____ is a superset of information security and includes security issues that do not involve computers. A.Google reconnaissance B.Risk security (RS) C.Information assurance (IA) D.Asset restriction (AR) 12._____ attacks come from multiple sources instead of a single source. A.Distributed B.Isolated C.Script resource malware (SRM) D.Form resource 13._____ are a loose-knit network of attackers, identity thieves, and financial fraudsters. A.Cybercriminals B.Hackers C.Spies D.Script kiddies 14.Each of the following is a characteristic of cybercriminals except ________. A.low motivation B.less risk-averse C.better funded D.more tenacious 15.Each of the following is a characteristic of cybercrime except ________. A.targeted attacks against financial networks B.unauthorized access to information C.theft of personal information D.exclusive use of worms and viruses 16.An example of a(n) _____ is a software defect in an operating system that allows an unauthorized user to gain access to a computer without a password A.vulnerability B.threat C.threat agent D.asset exploit (AE) 17._____ requires banks and financial institutions to alert customers of their policies and practices in disclosing customer information and to protect all electronic and paper containing personally identifiable financial information. A. California Savings and Loan Security Act (CS&LSA) B.USA Patriot Act C.Sarbanes-Oxley Act (Sarbox) D.Gramm-Leach-Bliley Act (GLBA) 18.The term _____is commonly used in a generic sense to identify anyone who illegally breaks into a computer system. A.hacker B.cyberterrorist C.Internet Exploiter D.cyberrogue 19.An example of _____would be not revealing the type of computer, operating system, software, and network connection a computer uses. A.diversity B.limiting C.obscurity D.layering 20.The _____ is primarily responsible for assessment, management, and implementation of security. A.Chief Information Security Officer (CISO) B.security manager C.security administrator D.security technician Although state-sponsored attackers are often referred to as advanced persistent threat (APT) actors, they often use common but effective tactics to access target networks, such as brute-force attacks, spear phishing, password spray techniques, credential harvesting, and exploiting vulnerabilities in VPN devices. Which term is used to describe an attack that occurs when a hacker uses a network sniffer?A replay attack occurs when a hacker uses a network sniffer to capture network traffic and then retransmits that traffic back on to the network at a later time. What term is used to describe an army of computers that attack a network simultaneously?A zombie army is used to attack computers or computer networks. Internet advertising firms often use which of the following to collect information about users web browsing habits? What type of theft involves stealing another person's personal information?Identity theft and identity fraud are terms used to refer to all types of crime in which someone wrongfully obtains and uses another person's personal data in some way that involves fraud or deception, typically for economic gain. Which term is used to describe the process of encasing one protocol or packet inside another protocol or packet quizlet?Tunneling is the act of transmitting a protocol across an intermediary network by encapsulating it in another protocol.
Which of the following network attacks consist of an attacker capturing network packets for a data stream between two other computers?A packet sniffing attack (or simply a sniffing attack) is a network-created threat where a malicious entity captures network packets intending to intercept or steal data traffic that may have been left unencrypted.
Which name is given to the security service of preventing access?A firewall is software or firmware that prevents unauthorized access to a network. It inspects incoming and outgoing traffic using a set of rules to identify and block threats.
Which of the following attacks collect authentication packets and then retransmit them later?A replay attack occurs when a cybercriminal eavesdrops on a secure network communication, intercepts it, and then fraudulently delays or resends it to misdirect the receiver into doing what the hacker wants.
|
