Flashcards in 1200 Deck (100)
An organization that purchased security products from different vendors is demonstrating which security principle? A. obscurity B. diversity C. limiting D. layering
Each of the following can be classified as an "insider" except __________. A. business partners B. contractors C. cybercriminals D. employees
__________ are a network of attackers, identity thieves, and financial fraudsters. A. script kiddies B. hackers C. cybercriminals D. spies
Each of the following is a characteristic of cybercriminals except __________. A. better funded B. less risk-averse C. low motivation D. more tenacious
C. low motivation
Each of the following is a characteristic of cybercrime except __________. A. targeted attacks against financial networks B. exclusive use of worms and viruses C. unauthorized access to information D. theft of personal information
B. exclusive use of worms and viruses
An example of a(n) ___________ is a software defect in an operating system that allows an unauthorized user to gain access to a computer without a password. A. threat agent B. threat C. vulnerability D. asset exploit (AE)
__________ requires banks and financial institutions to alert customers of their policies and practices in disclosing customer information and to protect all electronic and paper documents containing personally identifiable financial information. A. California Savings and Loan Security Act (CS&LSA) B. Gramm-Leach-Bliley Act (GLBA) C. USA Patriot Act D. Sarbanes-Oxley Act (Sarbox)
B. Gramm-Leach-Bliley Act (GLBA)
The term __________ is sometimes used to identify anyone who illegally breaks into a computer system. A. hacker B. cyberterrorist C. Internet Exploiter D. cyberrogue
An example of __________ is not revealing the type of computer, operating system, software, and network connection a computer uses. A. obscurity B. limiting C. diversity D. layering
The __________ is primarily responsible for assessment, management, and implementation of security. A. security manager B. security administrator C. Chief Information Security Officer (CISO) D. security technician
C. Chief Information Security Officer (CISO)
List the 3 protections or CIA.
List the 3 sets of protections that must be implemented to secure information or AAA.
List the 3 information security layers.
A software program that delivers advertising content in a manner that is unexpected and unwanted by the user.
Software code that gives access to a program or a service that circumvents normal security protections.
A logical computer network of zombies under the control of an attacker.
A malicious computer code that, like its biological counterpart, reproduces itself on the same computer.
Computer Virus (Virus)
The act of digging through trash receptacles to find information that can be useful in an attack.
A false warning.
An attack that creates a fictitious character and then plays out the role of that person on a victim.
Captures and stores each keystroke that a user types on the computer's keyboard.
Computer code that lies dormant until it is triggered by a specific logical event.
Software that enters a computer system without the user's knowledge or consent and then performs an unwanted, and usually harmful, action.
A phishing attack that automatically redirects the user to a fake site.
Sending an email or displaying a Web announcement that falsely claims to be from a legitimate enterprise in an attempt to trick the user into surrendering private information.
A set of software tools used by an attacker to hide the actions or presence of other types of malicious software.
Watching an authorized user enter a security code on a keypad.
A means of gathering information for an attack by relying on the weaknesses of individuals.