Chapter 11 Flashcards by Moon Le

Security on a network not only means being able to prevent a hacker from breaking
into your computer but also includes being able to recover from temporary service
problems or from natural disasters.

How well did you know this?

Not at all

Perfectly

The rise of the Internet has increased significantly the potential vulnerability of an
organization’s assets

How well did you know this?

Not at all

Perfectly

The CERT ( Computer Emergency Response Team) was established at MIT

F. Carnegie Mellon University

How well did you know this?

Not at all

Perfectly

Confidentiality refers to the protection of the organizational data from unauthorized
disclosure of customer and proprietary data.

How well did you know this?

Not at all

Perfectly

Maintaining data integrity is not a primary goal of security.

How well did you know this?

Not at all

Perfectly

According to Symantec, more than 50% of all targeted companies had fewer than
2,500 employees because they
a. often have weaker security.
b. have more assets.
c. are more likely to have credit card numbers available.
d. are likely off-shore.
e. have lower bandwidth

How well did you know this?

Not at all

Perfectly

Why are smaller organizations often targeted by cyberattacks?
a) Due to their larger financial reserves
b) Because they have weaker security measures
c) They are less likely to hold valuable data
d) Their employees are more knowledgeable about cybersecurity

How well did you know this?

Not at all

Perfectly

In the context of transnational cybercrime, what does the text suggest about the effectiveness of enforcement measures?
a) Enforcement efforts have significantly reduced cybercrime rates.
b) Laws are well-established, but enforcement is slow.
c) International collaboration has streamlined enforcement processes.
d) Cybercriminals often face severe penalties, deterring further criminal activity.

How well did you know this?

Not at all

Perfectly

According to the text, what is the legal status of unauthorized computer access in the United States?
a) It is not considered a crime.
b) It is only a crime if done for malicious purposes.
c) It is a federal crime.
d) It is regulated at the state level.

How well did you know this?

Not at all

Perfectly

Which of the following entities is mentioned as focusing on combating cybercriminal activities?
a) CERT
b) IETF
c) IEEE
d) ISO

How well did you know this?

Not at all

Perfectly

What is one of the primary objectives of CERT, APWG, Kaspersky Lab, McAfee, and Symantec?
a) Promoting cybercriminal activities
b) Assisting individuals, organizations, and governments in combating cybercrime
c) Developing new cyber weapons
d) Hacking into government database

How well did you know this?

Not at all

Perfectly

How has the perception of hacking evolved over time, according to the text?
a) Hacking is no longer practiced.
b) Hacking is now considered a hobby.
c) Hacking has transitioned into a profession.
d) Hacking is exclusively conducted by amateurs.

How well did you know this?

Not at all

Perfectly

What can professional organizations be hired to do, according to the text?
a) Develop cybersecurity software
b) Break into specific networks to steal valuable information
c) Provide cybersecurity training to individuals
d) Assist law enforcement in apprehending cybercriminals

How well did you know this?

Not at all

Perfectly

What type of information do cybercriminals often target when breaking into networks?
a) Weather forecasts
b) Celebrity gossip
c) Credit card details, personal data, intellectual property, or computer code
d) Historical events

How well did you know this?

Not at all

Perfectly

How do cybercriminals often attempt to deceive individuals into revealing sensitive information?
a) By sending physical letters
b) Through social engineering, such as phishing emails
c) By making phone calls
d) By posting on social media

How well did you know this?

Not at all

Perfectly

The use of hacking techniques to bring attention to a larger political or social goal is
referred to as _____.
a. cracking
b. ethical politics
c. hacktivism
d. social engineering
e. brute force attacks

How well did you know this?

Not at all

Perfectly

Why has network security gained emphasis, according to the text?
a) Decreased reliance on digital technology
b) High-profile security breaches and government regulatory pronouncements
c) Rise of amateur hacking communities
d) Decreased interest in cyber activities

How well did you know this?

Not at all

Perfectly

In addition to financial losses, what else can result from security breaches?
a) Increased consumer confidence
b) Expansion of business operations
c) Reduced consumer confidence
d) Decreased reliance on computer networks

How well did you know this?

Not at all

Perfectly

What factor contributes to the loss of income for organizations during security breaches?
a) Increased consumer spending
b) Systems being offline, especially if they are “mission-critical”
c) Enhanced cybersecurity measures
d) Improved employee productivity

How well did you know this?

Not at all

Perfectly

According to the text, what are some potential consequences of the disruption of application systems that rely on computer networks?
a) Increased consumer confidence
b) Expansion of business operations
c) Financial losses
d) Reduced operational efficiency

How well did you know this?

Not at all

Perfectly

What does the term “mission-critical” refer to in the context of computer networks?
a) Systems that are not important for organizational survival
b) Systems that are critical to the survival of an organization
c) Systems that are rarely used by organizations
d) Systems that are easily replaceable

How well did you know this?

Not at all

Perfectly

what exceeds the cost of networks themselves?
a) The value of data stored on organizations’ networks
b) The cost of cybersecurity measures
c) The maintenance expenses of networks
d) The cost of network hardware

How well did you know this?

Not at all

Perfectly

What is highlighted as the primary objective of network security?
a) Protecting the physical infrastructure of networks
b) Safeguarding organizations’ data and application software
c) Securing the connections between different networks
d) Ensuring uninterrupted network access

How well did you know this?

Not at all

Perfectly

what are the three primary goals of security?
a) Confirmation, Indemnification, Authentication
b) Confidentiality, Intimacy, Authentication
c) Confidentiality, Integrity, Availability
d) Confidentiality, Intrusion, Authentication

How well did you know this?

Not at all

Perfectly

What does confidentiality refer to in the context of security? a) Ensuring the security of physical assets b) Protecting organizational data from unauthorized disclosure c) Preventing interruptions in service d) Ensuring the accuracy of data

What is the goal of integrity in security? a) Ensuring continuous operation of hardware and software b) Protecting data from unauthorized disclosure c) Ensuring that data remain unaltered and intact d) Preventing unauthorized access to data

What does availability focus on in terms of security? a) Protecting data from unauthorized disclosure b) Ensuring continuous operation of hardware and software c) Ensuring the accuracy of data d) Preventing unauthorized access to data

According to the text, what are the two main types of threats to confidentiality, integrity, and availability? a) Cyber threats and physical threats b) Insider threats and outsider threats c) Ensuring business continuity and preventing unauthorized access d) Software threats and hardware threats

Business continuity planning refers primarily to ensuring availability, with some aspects of data integrity

A network switch failure is an example of a(n) ________ threat. a. internal b. disruptive c. causal d. intrusion e. disaster

What is one example of a disruption-related threat mentioned in the text? a) Unauthorized access to network resources b) Loss or reduction in network service c) Data breaches resulting in confidential information leaks d) Hardware failures causing data corruption

An example of _____ data would be if a computer virus eliminated files on that computer. a. disruption b. controlled chaos c. intrusion d. destruction e. disaster

A tornado that eliminates a network control center would be an example of a natural __________. a. disaster b. disruption c. controlled chaos d. destruction e. intrusion

Intrusion primarily refers to the loss of confidentiality of organizational data.

What can disasters potentially destroy, according to the text? a) Network hardware b) Buildings housing network infrastructure c) Data integrity d) Software applications

Often, incidents of unauthorized access known as___________, involve employees of the organization, surprisingly enough. a. intrusion b. disruption c. controlled chaos d. destruction e. disaster

A hacker gaining access to organizational data files and resources is an example of a(n) ____________ threat. a. disruptive b. controlled chaos c. disruptive d. intrusion e. disaster

What is a common factor in almost half of intrusion incidents? A) External hacking attempts B) Inadequate cybersecurity measures C) Involvement of competitors D) Employee involvement

What range of effects can intrusions have on organizations? A) Limited to minor inconveniences B) Primarily curiosity-driven exploration C) Varying from curiosity-driven exploration to serious threats D) Predominantly industrial espionage by competitors

Which of the following is NOT listed as a serious threat posed by intrusions? A) Industrial espionage by competitors B) Theft of customer credit card numbers for identity theft C) Unauthorized disclosure of internal memos D) Fraudulent alteration or destruction of files to harm the organization

What is the primary purpose of implementing network controls in a secure network? A) Enhancing network speed B) Reducing or eliminating threats to network security C) Increasing network bandwidth D) Improving network aesthetics

Controls are mechanisms that reduce or eliminate threats to network security

What forms can network controls take? A) Software, hardware, and human resources B) Hardware and software only C) Rules and procedures only D) Software and procedures only

What is the role of controls in relation to threats facing computer-based systems within an organization? A) Enhancing the functionality of computer systems B) Isolating computer systems from external networks C) Preventing, detecting, and/or correcting potential issues D) Creating new vulnerabilities within computer systems

Corrective controls reveal or discover unwanted events

F. Detect

Preventive controls mitigate or stop a person from acting or an event from occurring.

Which of the following is not one of the major categories (or sub-categories) into which network security threats can be placed? a. disruption b. destruction c. controlled chaos d. intrusion e. disaster

_________ controls stop a person from acting. a. Detective b. Corrective c. Mitigating d. Preventive e. Backup

________ controls discover unwanted events. a. Preventive b. Corrective c. Detective d. Mitigating e. Backup

________ controls fix a trespass into the network. a. Corrective b. Detective c. Preventive d. Mitigating

What does network security encompass besides preventing hackers from accessing computers? A) Ensuring network speed optimization B) Recovering from temporary service problems and natural disasters C) Implementing new network features D) Increasing network bandwidth

What is a crucial aspect of securing a network according to the provided text? A) Implementing advanced encryption techniques B) Assigning blame in case of security breaches C) Having designated personnel accountable for controls D) Ignoring temporary service problems

What responsibilities do personnel designated for network security have? A) Developing controls, monitoring their effectiveness, and updating them as needed B) Managing network aesthetics, updating software, and ensuring network stability C) Enforcing strict user policies, optimizing network speed, and managing hardware procurement D) Conducting routine network maintenance, designing network layouts, and troubleshooting user issues

Why is periodic review of controls necessary for network security? A) To increase network complexity B) To enhance network aesthetics C) To ensure controls are still effective and operational D) To decrease network functionality

What should be done if there are procedures for temporary overrides on controls? A) They should be loosely controlled to allow for flexibility B) They should be tightly controlled and monitored C) They should be ignored as they compromise network security D) They should be disabled to prevent misuse

What is the initial step in developing a secure network? A) Implementing advanced encryption techniques B) Conducting a risk assessment C) Assigning blame in case of security breaches D) Ignoring potential security risksAnswer

What does a risk assessment involve? A) Implementing controls to mitigate all risks B) Prioritizing security risks to information systems and networks C) Assigning blame for security breaches D) Increasing network bandwidth

How are levels of risk assigned in a risk assessment? A) By randomly assigning values to threats B) By comparing the nature of threats to the controls designed to reduce them C) By ignoring the nature of threats and focusing only on controls D) By implementing all available controls

What is the aim of commonly used risk assessment frameworks? A) To increase complexity and confuse readers B) To provide strategies that are difficult to understand C) To ensure understanding by both technical and non-technical readers D) To focus solely on technical readers

What should a risk assessment clearly indicate? A) The exact methods hackers use to attack networks B) High-risk systems and network components, and implemented and required controls C) The number of security breaches in the past year D) The names of all employees responsible for network security

Which organization developed the Operationally Critical Threat, Asset, and Vulnerability Evaluation (OCTAVE) framework? A) Computer Emergency Readiness Team B) Information Systems Audit and Control Association C) National Institute of Standards and Technology D) Computer Emergency Response Team

Which organization is responsible for the development of the Risk Management Guide for Information Technology Systems (NIST guide)? A) Computer Emergency Readiness Team B) Information Systems Audit and Control Association C) National Institute of Standards and Technology D) Computer Emergency Response Team

Which organization is responsible for COBIT? A) National Institute of Standards and Technology B) Information Systems Audit and Control Association C) Computer Emergency Readiness Team D) Computer Emergency Response Team

What does COBIT stand for? A) Computer Operations and Business Information Technology B) Control Objectives for Information and Related Technology C) Centralized Objectives for Business and Information Technology D) Comprehensive Operations and Business Information Toolkit

What is the first common step shared by all three risk assessment frameworks? A) Inventory IT assets B) Develop risk measurement criteria C) Identify improvements D) Document existing controls

Which step involves compiling a list of all IT assets within an organization? A) Identify threats B) Develop risk measurement criteria C) Inventory IT assets D) Document existing controls

C. Step 2

What is the purpose of identifying threats in the risk assessment process? A) To develop risk measurement criteria B) To inventory IT assets C) To document existing controls D) To understand potential risks to the organization's IT environment

D. Step 3: Identify threat

Which step involves recording the current measures in place to mitigate risks? A) Identify improvements B) Develop risk measurement criteria C) Inventory IT assets D) Document existing controls

What is the final step common to all three frameworks? A) Identify improvements B) Develop risk measurement criteria C) Inventory IT assets D) Identify threats

A threat to the data communications network is any potential adverse occurrence that can do harm, interrupt the systems using the network, or cause a monetary loss to the organization

Companies have learned that threats from hacking from its own employees occur about as often as by outsiders.

A ___________ assigns levels of risk to various threats to network security by comparing the nature of the threats to the controls designed to reduce them. a. risk assessment b. backplane c. mitigating control factor analysis d. control verification worksheet e. control test plan

What is the purpose of developing risk measurement criteria? A) To identify potential threats to the organization B) To assess the effectiveness of existing controls C) To evaluate the impact of security threats on the organization D) To inventory IT assets

A(n) __________ is any potential adverse occurrence that can do harm, interrupt the system using the network to cause monetary loss to the organization. a. asset b. service level agreement c. threat d. security plan e. network design

What are some common impact areas used in risk measurement criteria? A) Inventory management, marketing, and sales B) Financial, productivity, reputation, safety, and legal implications C) Technical support, network infrastructure, and software development D) Human resources, customer service, and administration

Which of the following is not considered one of the five most common business impacts? a. Financial b. Productivity c. Reputation d. Social e. Safety

Why is prioritization of impact areas important in risk assessment? A) To assign a ranking to each impact area B) To ensure all impact areas are addressed equally C) To avoid distinguishing between impact areas D) To focus resources on addressing the most critical concerns

How do organizations determine the prioritization of impact areas? A) By assigning equal importance to all impact areas B) By consulting external auditors C) Based on the specific needs and objectives of the organization D) By following standardized industry guidelines

Who is responsible for developing measures of high, medium, and low-impact areas in risk assessment? A) IT administrators B) Security analysts C) Business leaders D) External auditors

What is the purpose of developing measures of high, medium, and low-impact areas? A) To increase network bandwidth B) To assign blame for security breaches C) To evaluate the effectiveness of existing controls D) To assess the severity of potential risks to the organization

Which example is provided to illustrate how impact areas can be measured? A) Assigning "low" impact to the financial area if sales drop 2% B) Assigning "high" impact to the productivity area if employee turnover increases C) Assigning "low" impact to the reputation area if negative reviews decrease D) Assigning "high" impact to the legal area if compliance violations occur

Why are business leaders considered best suited to make decisions regarding impact measures? A) Because they have expertise in IT security B) Because they have insights into the organization's goals and priorities C) Because they have experience in risk assessment frameworks D) Because they have access to external audit reports

An asset can be compromised by more than one threat, so it is common to have more than one threat scenario for each asset

A(n) _________ is something of value and can be either hardware or software. a. asset b. service level agreement c. threat d. security plan e. network design

Why are an organization's data considered important assets? A) Because they are easily replaceable B) Because they are crucial for the survival of the business C) Because they are less valuable than hardware components D) Because they do not require protection

Why is it mentioned that if servers are destroyed, they can be replaced, but if data are destroyed, they cannot be replaced? A) To emphasize the importance of hardware over data B) To highlight the irrecoverable loss associated with data destruction C) To encourage organizations to invest more in hardware protection D) To discourage organizations from storing critical data

What is emphasized regarding the documentation of assets? A) Each asset should be documented, including a brief description of its criticality to the organization. B) Only hardware assets need to be documented. C) Documentation of assets is not necessary for IT security. D) Only software assets need to be documented.

A. and owners of each asset shoould be identified

What factor determines the actual probability of a threat occurring within an organization? A) The organization's location B) The organization's size C) The nature of the organization's business D) The organization's age

Why is a bank more likely to be targeted by phishing than a family-owned store? A) Because banks have less valuable data B) Because family-owned stores have stronger cybersecurity measures C) Because banks typically have more valuable data and are therefore more lucrative targets D) Because family-owned stores are more technologically advanced

Which types of organizations are among the most frequent targets of cyber threats? A) Educational institutions and small businesses B) Retail stores and restaurants C) Healthcare providers, financial services firms, and government agencies D) Nonprofit organizations and startups

_______________ describes how an asset can be compromised by one specific threat. a. Threat scenarios b. Threat plans c. Threat hacks d. Threat contingencies e. Threat attacks

Which example illustrates a threat scenario? A) A company losing customer trust due to a data breach B) The impact of a malware attack on network performance C) Confidentiality, integrity, and/or availability of client data compromised by information theft, data alteration, or natural disasters D) A company's financial loss due to a phishing attack

What is included in a threat scenario? A) Multiple assets and multiple threats B) One asset, one threat, likelihood of the threat, and consequence C) Likelihood of the threat and consequence only D) Organization's financial performance and response to a security breach

B. Likelihood of the threat ( high,low medium) Consequence ( impact score)

How many assets are typically considered in a threat scenario? A) None B) One C) Multiple D) It varies based on the organization's size

What does the likelihood of the threat happening indicate? A) The financial impact of the threat B) The probability of the threat occurring (high, medium, or low) C) The consequence of the threat D) The overall risk level of the organization

What does the consequence in a threat scenario represent? A) The likelihood of the threat occurring B) The financial impact of the threat C) The overall risk level of the organization D) The impact score, indicating the severity of the threat's consequences

How is the risk score calculated for each threat scenario? A) Likelihood + Impact Score B) Likelihood / Impact Score C) Likelihood x Impact Score D) Likelihood - Impact Score

We can calculate the relative ___________, by multiplying the impact score by the likelihood. a. rootkit b. authentication c. risk score d. risk assessment e. risk event

What is the purpose of documenting existing controls in the risk control strategy? A) To prioritize threat scenarios B) To outline how the organization intends to address identified risks C) To calculate the likelihood of the threat occurring D) To assess the overall risk level of the organization

How many risk control strategies are typically developed for each threat scenario? A) None B) One C) Multiple D) It varies based on the organization's size

What does it mean to "accept the risk" in risk control strategy? A) Take no action to address the risk if it has low impact B) Implement controls to minimize the risk's impact C) Purchase insurance coverage against the risk D) Collect more information about the risk

What does risk mitigation involve? A) Sharing the risk with an insurance provider B) Implementing controls to counter threats or minimize their impact C) Deferring the risk to a later time D) Accepting the risk without taking any action

how does an organization share the risk according to the risk control strategy? A) By implementing controls to minimize the risk's impact B) By purchasing insurance coverage against the risk C) By deferring the risk to a later time D) By accepting the risk without taking any action

When is the risk deferred according to the risk control strategy? A) When the risk has low impact B) When there is a need to collect more information about the risk C) When the risk requires immediate action D) When the risk is shared with an insurance provider

What types of measures are typically included in risk mitigation? A) Purchasing insurance coverage B) Implementing controls such as antivirus software, firewalls, or security training for employees C) Deferring the risk to a later time D) Accepting the risk without taking any action

What is the purpose of listing specific controls in risk control strategy for a threat scenario? A) To prioritize threat scenarios B) To outline how the organization intends to address identified risks C) To calculate the likelihood of the threat occurring D) To assess the adequacy of existing controls

When is the decision made to list specific controls in risk control strategy for a threat scenario? A) If the risk control strategy is to accept the risk B) If the risk control strategy is to defer the risk C) If the risk control strategy is to mitigate the risk or share the risk D) If the risk control strategy is to prioritize the ris

What is the purpose of assessing the adequacy of existing controls for a threat scenario? A) To determine the financial impact of the threat B) To prioritize threat scenarios C) To evaluate the effectiveness of existing controls in addressing the identified risk D) To calculate the likelihood of the threat occurring

How is the adequacy of existing controls typically assessed? A) By purchasing insurance coverage B) By consulting external auditors C) By assigning blame for security breaches D) By determining if the controls are high, medium, or low adequacy

The ideal solution for planning for disaster recovery is to have a fully redundant backup network placed in a different location that would not be threatened by the same natural or manmade disaster that would destroy the original network.

The key principle in preventing disruption, destruction and disaster is ___________. a. redundancy b. control spreadsheet c. IDS d. anti-virus software e. prevention controls

What is the purpose of identifying improvements in risk management? A) To prioritize threat scenarios B) To outline how the organization intends to address identified risks C) To evaluate the effectiveness of existing controls D) To enhance the control adequacy for threat scenarios with high risk scores or low control adequacies

What is the criteria for examining threat scenarios with the highest risk scores? A) To ensure they have the lowest level of control adequacy B) To ensure they have at least a "high" level of control adequacy C) To ensure they have at least a "medium" level of control adequacy D) To ensure they have at least a "low" level of control adequacy

What is the purpose of business continuity? A) To ensure the uninterrupted operation of an organization's data and applications despite disruptions, destruction, or disasters B) To prioritize business objectives C) To assign blame for security breaches D) To assess the financial impact of threats

What are the two main parts of a business continuity plan? A) Preventive controls and insurance coverage B) Preventive controls and risk assessment C) Preventive controls and a disaster recovery plan D) Risk assessment and disaster recovery plan

What is the purpose of preventive controls in a business continuity plan? A) To outline procedures to enable the organization to recover from a disaster B) To assign blame for security breaches C) To mitigate the impact of events on the organization D) To prioritize business objectives

Preventive controls mitigate or stop a person from acting or an event from occurring.

What does a disaster recovery plan outline? A) Procedures to enable the organization to recover from a disaster B) Procedures to prevent disasters from occurring C) Procedures to assess the financial impact of threats D) Procedures to assign blame for security breaches

What are major threats to business continuity? A) Malware, hacking, and data breaches B) Viruses, theft, denial of service attacks (DoS), device failures, and disasters C) Employee turnover, marketing strategies, and supply chain disruptions D) Financial market fluctuations, regulatory changes, and customer complaints

What is the purpose of controls designed for virus protection? A) To prevent theft of physical assets B) To prevent unauthorized access to data C) To prevent loss of service due to device failures D) To prevent malware from infecting systems and causing disruptions

What do denial-of-service protection controls aim to prevent? A) Unauthorized access to data B) Theft of physical assets C) Disruption of services by overwhelming the system's resources D) Malware infections

. Social engineering refers to creating a team that solves virus problems

A (n) ______ is a special type of virus that spreads itself without human intervention. a. snake b. worm c. Trojan horse d. boot sector virus e. stealth virus

What is the primary purpose of virus protection measures? A) To prevent physical theft of assets B) To prevent unauthorized access to data C) To prevent the spread of malware, including viruses, ransomware, and macro viruses D) To prevent denial of service attacks

How do macro viruses spread? A) Through email attachments B) By infecting executable files C) By attaching themselves to other programs or documents and spreading when those programs or files are executed D) By exploiting vulnerabilities in network protocols

What is the function of anti-virus software packages? A) To prevent physical theft of assets B) To prevent unauthorized access to data C) To check disks and files for viruses and malware D) To encrypt sensitive information

Why is it mentioned that "anti-virus software is only as good as its last update"? A) To emphasize the importance of regularly updating anti-virus software B) To discourage the use of anti-virus software C) To highlight the effectiveness of anti-virus software D) To promote the use of alternative security measures

The denial-of-service attack disrupts the network by flooding the network with messages so that regular messages cannot be processed.

A ____________ is a situation in which a hacker attempts to disrupt the network by sending messages to the network that prevent normal users’ messages from being processed. a. denial-of-service attack b. service level agreement c. virus d. spamming e. scamming

Which servers can be flooded in a Denial-of-Service (DoS) attack? A) File servers B) Database servers C) Web servers, DNS servers, or email servers D) Authentication servers

Why is filtering messages from a single source IP sometimes ineffective in preventing network flooding? A) Because attackers use physical methods to disrupt the target B) Because attackers often use tools to falsify source IP addresses C) Because network administrators fail to implement proper security measures D) Because network protocols are inherently vulnerable to flooding attacks

What characterizes a Distributed Denial-of-Service (DDoS) attack? A) It involves a single attacker flooding the target with messages B) It targets physical assets rather than disrupting services C) It occurs when multiple attackers target a single server D) It involves attackers gaining control of thousands of computers or smart devices to flood the targe

How do attackers control compromised devices in a Distributed Denial-of-Service (DDoS) attack? A) By physically accessing each compromised device B) By installing software known as a DDoS agent, zombie, or bot on them C) By encrypting messages sent to the compromised devices D) By exploiting vulnerabilities in network protocols

When someone external to your organization blocks access to your network and/or its resources, this is known as a denial-of-service attack.

Macro viruses can spread when an infected file is opened.

Researchers estimate that only one or two new viruses are developed every week.

DoS attackers generally use fake source IP addresses, making it harder to identify the DoS messages.

What is the purpose of traffic limiting in network security? A) To block all incoming traffic from known malicious sources B) To prioritize incoming traffic based on the source IP addresses C) To allow all incoming traffic to pass through without restrictions D) To limit incoming access regardless of the source when a flood of packets is detected

D. limit incoming access regardless of source (some may be legitimate)

What is the purpose of a "traffic anomaly detector" in network security? A) To block all incoming traffic from known malicious sources B) To prioritize incoming traffic based on the source IP addresses C) To analyze traffic patterns and detect anomalies in network traffic D) To allow all incoming traffic to pass through without restrictions

Where is the "traffic anomaly detector" typically installed? A) Behind the main router or firewall B) Inside the organization's server room C) In front of the organization's web server D) Within the organization's network switches

What action does the "traffic anomaly detector" take when it detects a sudden burst of abnormally high traffic? A) It blocks all incoming traffic B) It allows normal traffic to flow through without restrictions C) It quarantines the incoming packets while allowing normal traffic to flow through D) It shuts down the organization's network entirely

hat role does the "traffic anomaly analyzer" play in the network security process? A) It prioritizes incoming traffic based on the source IP addresses B) It blocks all incoming traffic from known malicious sources C) It differentiates between normal and anomalous traffic and releases normal traffic into the organization’s network D) It analyzes the organization's outgoing network traffic

How does the "traffic anomaly detector" interact with the ISP router in response to suspect traffic? A) It shuts down the ISP router entirely B) It allows all traffic to pass through the ISP router without restrictions C) It reroutes suspect traffic to the anomaly analyzer, bypassing the main circuit leading into the organization D) It informs the ISP router to block all incoming traffic

What is the purpose of requiring ISPs to verify that all incoming messages have valid source IP addresses? A) To prioritize incoming traffic based on the source IP addresses B) To block all incoming traffic from known malicious sources C) To prevent the use of fake IP addresses and facilitate the filtering of DDoS messages D) To allow all incoming traffic to pass through without restrictions

Why do ISPs impose security restrictions on small to medium-sized businesses? A) Because they want to prioritize their traffic over others B) Because they want to increase their revenue C) Because small to medium-sized businesses are often unwilling accomplices in DDoS attacks due to poor security practices D) Because they want to prevent these businesses from accessing the internet

What is one example of a security restriction that ISPs may impose on businesses? A) Requiring the implementation of firewalls to prevent unauthorized access B) Requiring the implementation of VPNs for secure communication C) Requiring the use of encryption for all data transmissions D) Requiring the use of biometric authentication for network access

Physical security of an organization’s IT resources is not an important element in preventing intrusion to an internal LAN.

Fault-intolerant servers contain many redundant components to prevent failure.

What is the recommended approach to prevent device failure from impacting business continuity? A) Implementing strict access control measures B) Building redundancy into critical components C) Increasing the bandwidth of the network connections D) Implementing advanced encryption techniques

Which components are examples of redundancy that can prevent device failure from impacting business continuity? A) Redundant internet connections from the same common carrier B) Single connections to the internet from multiple common carriers C) Redundant core backbones supported by the same devices D) Redundant distribution backbones with a single connection

How should redundant internet connections be served to ensure proper redundancy? A) They should be served by the same router for efficiency B) They should be served by separate routers C) They should be served by routers from the same manufacturer D) They should be served by routers located in the same geographic area

What is the purpose of providing redundancy in the internal network? A) To increase the bandwidth of the network connections B) To decrease the number of routers in the network C) To ensure fault tolerance and prevent disruptions in critical services D) To centralize network management and monitoring

here should the focus be when selecting which parts of the network to provide redundancy? A) On all network components equally B) On mission-critical backbones and LANs leading to servers C) On access layer LANs only D) On non-essential network components

. RAID1 writes duplicate copies of all data on at least two different disks; this means that if one disk in the RAID array fails, there is no data loss because there is a second copy of the data stored on a different disk. This is referred to as _____. a. disk backup b. hard drive duplication c. cloud backups d. disk duplication e. disk mirroring

What does RAID stand for? a) Random Access Independent Disks b) Redundant Arrays of Independent Drives c) Redundant Arrays of Independent Disks d) Remote Access and Information Distribution

Which RAID level provides faster performance by writing or reading data in parallel across multiple disks? a) RAID 0 b) RAID 1 c) RAID 5 d) RAID 6

Which RAID level writes duplicate copies of all data on at least two different disks? a) RAID 0 b) RAID 1 c) RAID 5 d) RAID 6

Which RAID level provides error checking? a) RAID 0 b) RAID 2 c) RAID 3 d) RAID 4

Which RAID level can survive the failure of two drives with no data loss? a) RAID 0 b) RAID 1 c) RAID 5 d) RAID 6

An uninterruptible power supply utilizes a second redundant disk for every disk on the server

A(n) ___________ is one of the most common examples of redundancy built into a network to help reduce the impact of disruption. a. network cloaking device b. backup punch card reader c. uninterruptible power supply d. service level agreement e. help desk

What is the purpose of an Uninterruptible Power Supply (UPS)? a) To store data redundantly b) To provide faster read/write access c) To supply battery power during power outages d) To increase the number of disks in a RAID array

What other network components can Uninterruptible Power Supplies (UPS) apply to? a) Printers b) Circuits c) Routers d) All of the above

What is the relationship between Disaster Recovery Plan (DRP) and Business Continuity Plan (BCP)? a) DRP and BCP are separate plans b) DRP is a subset of BCP c) BCP is a subset of DRP d) DRP and BCP serve unrelated purposes

What does a Disaster Recovery Plan (DRP) provide for? a) Only complete recovery of data b) Only partial recovery of data c) Both partial and complete recovery of data d) Only recovery of physical facilities

How often do many organizations perform backups of critical information? a) Daily b) Weekly c) Monthly d) Annually

What is the traditional method used for backups? a) Hard drives b) CDs c) Tapes d) Cloud storage

What is the purpose of encrypting backups? a) To speed up data transfer b) To compress data c) To ensure unauthorized users cannot access them d) To reduce storage space

Which type of data is often backed up on a weekly basis? a) Critical information b) Less critical data, such as email files c) Both critical and less critical data d) No data is backed up on a weekly basis

What is Continuous Data Protection (CDP)? a) A method for weekly backups b) A real-time alternative to regular backups c) A physical storage device d) A type of encryption method

What does Continuous Data Protection (CDP) allow for? a) Weekly copies of selected data b) Real-time copies of all data and transactions c) Manual storage of data on CDP servers d) Backing up data only once per day

How are data and transactions stored with Continuous Data Protection (CDP)? a) Stored offline b) Stored in real-time on CDP servers c) Stored on the originating server only d) Stored on external hard drives

What does Continuous Data Protection (CDP) enable in terms of restoration? a) Restoration to a specific point in time b) Restoration only to the most recent backup c) Restoration to a specific date in the past d) Restoration without time stamps

What does a Disaster Recovery Plan (DRP) include in terms of recovery approach? a) A documented approach but not tested b) A tested approach without specific goals c) A documented and tested approach with specific goals d) A theoretical approach without testing or documentation

What is the purpose of Disaster Recovery Drills? a) To ensure data safety b) To guarantee data usability c) To test the recovery approach d) To prevent disasters from happening

What should a Disaster Recovery Plan (DRP) plan for? a) Only for loss of the main database b) Only for short outages of the data center c) Only for minor disasters d) Loss of main database or long outages of the data center

What is the primary focus of Level 1 in Disaster Recovery Plans (DRPs)? a) Outsourcing recovery efforts b) Building enough capacity and spare equipment c) Providing second level support for major disasters d) Recovering from a minor disaster

In Level 2 of Disaster Recovery Plans (DRPs), what is the main approach? a) Building enough capacity and spare equipment b) Outsourcing recovery efforts to professional firms c) Providing support for minor disasters d) Recovering from a major disaster

d. disaster recovery outsourcing

What services does a Disaster Recovery Firm typically offer? a) Only secure storage for backups b) Only complete recovery of data and network c) A range of services d) Only networked data center for clients to use in disasters

What is one of the primary advantages of a Disaster Recovery Firm? a) Low cost b) Slow recovery of data and network c) Complete recovery within hours d) Limited range of services

Which type of organization is more likely to use a Disaster Recovery Firm? a) Small businesses b) Medium-sized businesses c) Large organizations d) Start-up companies

Chapter 11 Flashcards

(185 cards)