IS4550 CHAPTER 4

Question 1

Generally any business software that an end user (including customers) touches is considered an application is called ___.

Answer 1

APPLICATION SOFTWARE

Question 2

A formal program that reduces the likelihood of accidental or malicious loss of data is called ___.

Answer 2

DATA LEAKAGE PROTECTION (DLP)

Question 3

A formal program that reduces the likelihood of accidental or malicious loss of data is called ___.

Answer 3

DATA LOSS PROTECTION (DLP)

Question 4

In the context of workstation central management systems, refers to processes that determine what is installed on a workstation; it could also refer to knowing what information sits on a workstation is called ___.

Answer 4

DISCOVERY MANAGEMENT

Question 5

A logical piece of our technology infrastructure with similar risks and business requirements is called ___.

Answer 5

DOMAIN

Question 6

A policy that discusses what is acceptable when using the company email system is called ___.

Answer 6

EMAIL POLICY

Question 7

A protocol used to exchange files over a LAN or WAN is called ___.

Answer 7

FILE TRANSFER PROTOCOL (FTP)

Question 8

A device that filters the traffic in and out of a LAN is called ___.

Answer 8

FIREWALL

Question 9

A network with little or no controls that limit network traffic is called ___.

Answer 9

FLAT NETWORK

Question 10

In the context of workstation central management systems, provides support to the end user is called ___.

Answer 10

HELP DESK MANAGEMENT

Question 11

Used to connect multiple devices within a local area network. it has ports and as the traffic flows through the device, the traffic is duplicated so all ports can see the traffic is called ___.

Answer 11

HUB

Question 12

In the context of workstation central management systems, refers to tracking what workstation and related network devices exist is called ___.

Answer 12

INVENTORY MANAGEMENT

Question 13

Refers to the organization’s local area network infrastructure is called ___.

Answer 13

LAN DOMAIN

Question 14

Refers to the technical infrastructure that connects the organization’s local area network to a wide area network is called ___.

Answer 14

LAN-TO-WAN DOMAIN

Question 15

In the context of workstation central management systems, refers to extracting logs from the workstation is called ___.

Answer 15

LOG MANAGEMENT

Question 16

Refers to making sure that devices on the network, such as workstations and servers, have current patches from the vendor is called ___.

Answer 16

PATCH MANAGEMENT

Question 17

Places importance on privacy in the business and discusses the regularity landscape and government mandates and often talks about physical security and the importance of “locking up” sensitive information is called ___.

Answer 17

PRIVACY POLICY

Question 18

Refers to the technology that controls how end users connect to an organization’s local area network is called ___.

Answer 18

REMOTE ACCESS DOMAIN

Question 19

Enhanced authentication over what’s typically found in the office. Usually requires more than an ID and Password, such as a security token or smart card is called ___.

Answer 19

REMOTE AUTHENTICATION

Question 20

Connects local area networks to wide area networks is called ___.

Answer 20

ROUTER

Question 21

Usually refers to IT security, this can include making sure end users have limited rights and access controls are in place, among many other techniques and process is called ___.

Answer 21

SECURITY MANAGEMENT

Question 22

A network that limits how computers are able to talk to each other is called ___.

Answer 22

SEGMENT NETWORK

Question 23

A network device that can read communications traffic on a LAN is called ___.

Answer 23

SNIFFER

Question 24

A type of attack in which the hacker adds SQL code to a Web or application input to gain access to or alter data in the database is called ___.

Answer 24

STRUCTURED QUERY LANGUAGE (SQL) Injection

Question 25

A piece of equipment similar to a hub but can filter traffic. It typically routes traffic only to the port where the system is connected. This reduces network traffic, thus reducing the chance of someone intercepting the traffic is called ___.

Answer 25

SWITCH

Question 26

Rules of conduct on how and when access to systems is permitted. It covers end user credentials like IDs and passwords is called ___.

Answer 26

SYSTEM ACCESS POLICY

Question 27

Software that supports the running of the applications is called ___.

Answer 27

SYSTEM SOFTWARE

Question 28

This refers to the technology needed to collect, process, and store the information. It includes controls related to hardware and software is called ___.

Answer 28

SYSTEM/APPLICATION DOMAIN

Question 29

Requires end users to authenticate their identity using at least two of three different types of credentials. The three most commonly accepted types are something you know, something you have, and something you are is called ___.

Answer 29

TWO-FACTOR AUTHENTICATION

Question 30

This refers to any user accessing information and includes customers, employees, consultants, contractors, or any other third party is called ___.

Answer 30

USER DOMAIN

Question 31

This is set up between two devices to create an encrypted tunnel. All communications are protected from eaves dropping and considered highly secure and is called ___.

Answer 31

VIRTUAL PRIVATE NETWORK (VPN)

Question 32

This ___ includes wide area networks, which are networks that cover large geographical areas.

Answer 32

WAN DOMAIN

Question 33

Alterations to a Web page that result from a site defacement attack is called ___.

Answer 33

WEB GRAFFITI

Question 34

An attack on a Web site in which the site’s content is altered, usually in a way that embarrasses the site owner is called ___.

Answer 34

WEB SITE DEFACEMENT

Question 35

The refers to any computing device used by end users. This usually means a desktop or laptop that is the main computer for the user is called ___.

Answer 35

WORKSTATION DOMAIN

Question 36

1. Private WANs must be encrypted at all times.

TRUE OR FALSE

Answer 36

FALSE

Question 37

2. Which of the following attempts to identify where sensitive data is currently stored?
3. Data Leakage Protection Inventory
4. DLP Encryption Key
5. Data Loss Protection Perimeter
6. DLP Trojans

Answer 37

Data Leakage Protection Inventory

Question 38

3. Voice over Internet Protocol (VoIP) can be used over which of the following?
4. LAN
5. WAN
6. Both
7. Neither

Answer 38

LAN

WAN

Question 39

4. Which of the following is not one of the seven domains of typical IT infrastructure?
5. Remote Access Domain
6. LAN Domain
7. World Area Network Domain
8. System/Application Domain

Answer 39

World Area Network Domain

Question 40

5. Which of the seven domains refers to the technical infrastructure that connects the organizations’ LAN to WAN and allows end users to surf the Internet?

Answer 40

LAN to WAN Domain

Question 41

6. Many of the business benefits of Internet access over mobile devices include which of the following?
7. Competitive advantage through real-time data access
8. Increased customer responsiveness
9. Prevention of unauthorized access to customer private information
10. 1 & 2 only
11. None of the above

Answer 41

Competitive advantage through real-time data access

Increased customer responsiveness

Question 42

7. A ___ is a term that refers to a network that limits what and how computers are able to talk to each other.

Answer 42

Segmented network

Question 43

8. A LAN is efficient for connecting computers within an office or groups of buildings.
   TRUE OR FALSE

Answer 43

TRUE

Question 44

9. What policy generally requires that employees lock up all documents and digital media at the end of a workday and when not in use?
10. Acceptable use policy
11. Clean Desk policy
12. Privacy policy
13. Walk out policy

Answer 44

Clean Desk policy

Question 45

10. What employees learn in awareness training influences them more than what they see within their department.
    TRUE OR FALSE

Answer 45

FALSE

Question 46

11. What kink of workstation management refers to knowing what software is installed?
12. Inventory management
13. Patch management
14. Security management
15. Discovery management

Answer 46

Discovery management

Question 47

12. Always applying the most struck authentication method is the best way to protect the business and ensure achievement of goals.
    TRUE OR FALSE

Answer 47

FALSE

Question 48

13. Generally, remote authentication provides which of the following?
14. Fewer controls than if you were in the office
15. The same controls than if you were in the office
16. More controls than if you were in the office
17. Less need for controls than in the office

Answer 48

More controls than if you were in the office

Question 49

14. Remote access does not have to be encrypted if strong authentication is used.
    TRUE OR FALSE

Answer 49

FALSE

Question 50

15. Where is a DMZ usually located?
16. Inside the private LAN
17. Within the WAN
18. Between the private LAN and public WAN
19. Within the mail server

Answer 50

Between the private LAN and public WAN