50 Cards in this Set

  • Front
  • Back
..... is the origin of today's internet

nist
arpanet
fips
des
arpanet
during the early years, information security was a straightforward process composed predominantly of ... security and simple document classification schemes

a. logical
b. network
c. software
d. physical
physical
..... of information is the quality or state of being genuine or original

a. authenticity
b. spoofing
c. confidentiality
d. authorization
authenticity
.... was the first and only operating system created with security as its primary goal

a. unix
b. dos
c. multics
d. arpanet
multics
the NSTISSC Model of information security evolved from a concept developed by the computer security industry known as the .... triangle

a. CIA
b. Bermuda
C. A.B.C
d. Morris
CIA
....... ensures authorized users (persons or computer systems) can access information without interference or obstruction, and in the required format

a. utility
b. availability
c. confidentiality
d. Authorization
availability
information has ..... when it is whole, complete, and uncorrupted

a. utility
b. availability
c. confidentiality
d. integrity
integrity
a .... attack is when a hacker uses his or her personal computer to break into a system

a. indirect
b. direct
c. software
d. hardware
direct
the most successful kind of top-down approach involves a formal development strategy referred to as a ....

a. systems design
b. developing life project
c. systems development life cycle
d. systems schema
systems development life cycle
The .... is the individual primarily responsible for the assessment, management, and implementation of information security in the organization

a. ISO
b. CIO
C. CISO
D. CTO
CISO
A computer is the .... of an attack when it is used to conduct

a. subject
b. object
c. target
d. facilitator
subject
the .... of information is defined as having ownership or control of some object or item

a. utility
b. possession
c. availability
d. authorization
possession
An .... information security policy outlines the implementation of a security program within the organization
enterprise
a .... is a group of individuals who are united by similar interests or values within an organization and who share a common goal of making the organization function to meet its objectives

a. department
b. cohort
c. posse
d. community of interest
community of interest
In an organization, the value of .... of information is especially high when it involves personal information about employees, customers, or patients

a. utility
b. availability
c. confidentiality
d. authorization
confidentiality
The ...... consists of 27 cells representing areas that must be addressed to secure today's information systems. The first axis consists of confidentiality, integrity, and availability. The second contains policy, education, and technology. The final axis consists of storage, processing, and transmission

a. wopr matrix
b. socratic
c. mccumber cube
d. rubik's cube
mccumber cube
A frequently overlooked component of information systems, ..... are written instructions for accomplishing a specific task

a. viruses
b. procedures
c. plans
d. objectives
procedures
in the movie WarGames, David Lightman gains access to the WOPR games files through the ....

a. air conditioning vent
b. emergency exit
c. Back door
d. Buffer overflow
back door
a .... is an identified weakness in a controlled system, where controls are not present or no longer effective

a. vulnerability
b. threat
c. exploit
d. risk
vulnerability
which of the following functions does information security perform for an organization?

a. protects the organization's ability to function
b. enables the safe operation of applications implemented on the organization's IT systems.
c. Protects the data the organization collects and uses
d. All of the above
All of the above
acts of .... can lead to unauthorized real or virtual actions that enable information gatherers to enter premises or systems they have not been authorized to enter.

a. bypass
b. nature
c. trespass
d. security
trespass
there are generally two skill levels among hackers: expert and ...

a. novice
b. journeyman
c. packet monkey
d. professional
novice
One form of online vandalism is ... operations, which interfere with or disrupt systems to protest the operations, policies, or actions of an organization or government agency

a. hacktivist
b. phv ist
c. hackcyber
d. cyberhack
hacktivist
....... is the premeditated, politically motivated attacks against information, computer systems, computer programs, and data which result in violence against noncombatant targets by subnational groups or clandestine agents

a. infoterroris
b. cyber terrorism
c. hacking
d. cracking
cyber terrorism
deliberate software attacks are referred to as ...

a. malicious code
b. malicious software
c. malware
d. all of the above
all of the above
..... are software programs that hide their true nature, and reveal their designed behavior only when activated

a. viruses
b. worms
c. spam
d. trojan horses
trojan horses
as frustrating as viruses and worms are, perhaps more time and money is spent on resolving ....

a. false alarms
b. power faults
c. hoaxes
d. urban legends
hoaxes
web hosting services are usually arranged with an agreement providing minimum service levels known as

a. SSL
b. SLA
c. MSL
d. MIN
SLA
complete loss of power for a moment is known as

a. surge
b. fault
c. brownout
d. blackout
fault
in a ... attack, the attacker sends a large number of connection or information requests to a target.

a. denial of service
b. distributed denial of service
c. virus
d. spam
denial of service
a ..... is an attack in which a coordinated stream of requests is launched against a target from many locations at the same time

a. denial of service
b. distributed denial of service
c. virus
d. spam
distributed denial of service
..... are machines that are directed remotely by the attacker to participate in an attack

a. drones
b. helpers
c. zombies
d. servants
zombies
In the well-known .... attack, an attacker monitors packets from the network, modifies them, and inserts them back into the network

a. zombie in the middle
b. sniff in the middle
c. server in the middle
d. man in the middle
man in the middle
the .... hijacking attack uses IP spoofing to enable an attacker to impersonate another entity on the network

a. www
b. tcp
c. ftp
d. http
TCP
..... requires that an organization make a valid effort to protect others, and to continually maintain this level of effort

a. constitutional law
b. civil law
c. due care
d. due diligence
due diligence
...... law represents a wide variety of laws that govern a nation or state

a. criminal
b. civil
c. public
d. private
civil
.... law regulates the structure and administration of government agencies and their relationships with citizens, employees, and other governments, providing careful checks and balances

a. public
b. private
c. civil
d. criminal
public
the computer... and abuse act of 1986 is the cornerstone of many computer related federal laws and enforcement efforts

a. violence
b. fraud
c. theft
d. usage
fraud
the ... portability and accountability act of 1996, also known as the kennedy kassebaum act, is an attempt to protect the confidentiality and security of health care data by establishing and enforcing standards and by standardizing electronic data interchange

a. custome
b. health insurance
c. computer
d. telecommunication
health insurance
which of the following acts is widely known as the gramm leach bliley act?

a. financial services modernization act
b. communications act
c. computer security act
d. economic espionage act
financial services modernization act
....... is designed to prevent abuse of information gained by an individual working in one company and employed by another

a. electronic communications privacy act
b. sarbanes oxley act
c. financial services modernization act
d. economic espionage act
economic espionage act
which of the following acts is a collection of statutes that regulate the interception of wire, electronic, and oral communications?

a. electronic communications privacy act
b. sarbanes oxley act
c. financial services modernization act
d. economic espionage act
electronic communications privacy act
what is the subject of the sarbanes oxley act?

a. banking
b. financial reporting
c. privacy
d. trade secrets
financial reporting
the .... of 1999 clarifies the use of encryption for people in the united states and permits all persons in the US to buy or sell any encryption product

a. sarbanes oxley act
b. gramm leach bliley act
c. USA patriot act
d. Security and freedom through encryption act
Security and freedom through encryption act
.... defines stiffer penalties for prosecution of terrorist crimes

a. usa patriot act
b. sarbanes oxley act
c. gramm leach bliley act
d. economic espionage act
usa patriot act
information .... involves the use of information technology by a sovereign state to conduct organized and lawful military operation

a. charter
b. warfare
c. union
d. directive
warfare
Criminal or unethical ... goes to the state of mind and the individual performing the act

a. attitude
b. intent
c. accident
d. ignorance
intent
laws and policies and their associated penalties only deter if which of the following conditions is present?

a. fear of penalty
b. probability of being caught
c. probability of penalty being administered
d. all of the above
all of the above
the ....., created in 2003, carries out its mission of protecting the people as well as the physical and informational assets of the united states

a. national infragard program
b. department of homeland security
c. us secret service
d. information assurance directorate
department of homeland security
Which of the following countries reported generally intolerant attitudes toward personal use of organizational computing resources?

a. australia
b. US
c. Singapore
d. Sweden
singapore