Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
80 Cards in this Set
- Front
- Back
|
____ are individuals who want to attack computers yet they lack the knowledge of computers and networks needed to do so. |
Hacker |
|
|
Grouping individuals and organizations into clusters or groups based on their likes and interests is called ____. |
social networking |
|
|
A ____ is a collection of requirements specific to the system or procedure that must be met by everyone. |
standard |
|
|
AV software on a computer must have its ____ files regularly updated by downloads from the Internet. |
signature |
|
|
As a means of simplifying turning on WPA2 Personal, many devices now support ____ as an optional means of configuring security. |
Wi-Fi Protected Setup (WPS) |
|
|
Cryptography can also be applied to entire disks. This is known as ____ encryption and protects all data on a hard drive. |
whole disk |
|
|
A ____ self-replicates between computers (from one computer to another). |
worm |
|
|
In a well-run information security program, attacks will never get through security perimeters and local defenses. |
False |
|
|
Financial cybercrime is often divided into two categories. The first category focuses on individuals and businesses. |
True |
|
|
____ is the process of setting a user’s account to expire. |
Account expiration |
|
|
An attacker must be highly skilled in technical knowledge and abilities in order to be successful in a Social Engineering attack. |
False |
|
|
____ is sending an e-mail or displaying a Web announcement that falsely claims to be from a legitimate enterprise, in an attempt to trick the user into surrendering private information. |
Phishing |
|
|
A(n) ____ infection injects portions of the code throughout the program’s executable code instead of only at the end of the file (any overwritten original code is transferred and stored inside the virus code for proper execution of the host program after the infection). |
Swiss cheese |
|
|
To address the vulnerabilities in operating systems that are uncovered after the software has been released, software vendors usually deploy a software “fix” to address the vulnerabilities. |
True
|
|
|
The ____ in a Wi-Fi network serves as the network name identifier. |
SSID |
|
|
Social engineering ____ means to create a fictitious character and then play out the role of that person on a victim. |
impersonation |
|
|
The two types of malware that have the primary objective of infecting a computer system are ____. |
viruses and worms |
|
|
Spyware usually performs one of the following functions on a user’s computer: ____, collecting personal information, or changing computer configurations. |
advertising |
|
|
A(n) ____ is a written document that states how an organization plans to protect the company’s information technology assets. |
security policy |
|
|
What is curently the best option for Wi-Fi security? |
WPA2 |
|
|
Bruce Shneier suggest which password generation method? |
Combine a personally memorable sentence with some memorable tricks to modify that sentence into a password
|
|
|
There is a straightforward and easy solution to securing computers. |
False |
|
|
A(n) ____ is a person or element that has the power to carry out a threat. |
threat agent |
|
|
____ is a nontoxic petroleum gel-based paint that is thickly applied and does not harden, making any coated surface very difficult to climb. |
Anti-climb paint |
|
|
Unless remote management is essential, it is recommended that this feature be disabled with a wireless router. |
True |
|
|
You should always be truthful when answering "secret questions" so that you have a way to reset your passwords should you forget them. |
False |
|
|
____ identify individuals within the organization who are in positions of authority. |
Organizational charts |
|
|
Virtually anyone could type in a person’s username and pretend to be that person. |
True |
|
|
Under____, healthcare enterprises must guard protected health information and implement policies and procedures to safeguard it, whether it be in paper or electronic format. |
HIPAA |
|
|
IEEE ____ combines the best features of 802.11b and 802.11a and is still used today.
|
802.11g |
|
|
A ____ is essentially a duplicate of the organization’s main production site and has all the equipment needed for it to continue running, including office space and furniture, telephone jacks, computer equipment, and a live telecommunications link. |
hot site |
|
|
____ may reveal the true level of security within the organization. |
Policy manuals |
|
|
____ is defined as the ability of an organization to maintain its operations and services in the face of a disruptive event. |
Business continuity |
|
|
____ ensures that information is correct and no unauthorized person or malicious software has altered that data. |
Integrity |
|
|
From January 2005 through July 2012, over ____ electronic data records in the United States were breached, exposing to attackers a range of personal electronic data, such as address, Social Security numbers, health records, and credit card numbers. |
562 million |
|
|
One of the first software security applications is ____ software. |
antivirus |
|
|
Whereas tablets are designed for performance, laptops are focused on ease of use. |
False |
|
|
Which of the following is NOT generally a good method to be successful in a Social Engineering attack? |
Quickly getting the information from the victim |
|
|
____ attacks are often the means by which an attacker will perform an arbitrary code execution. |
Buffer overflow |
|
|
The ____ team is contacted whenever digital evidence needs to be preserved and serve as first responders. |
computer forensics response |
|
|
On tablets and smartphones, users should enable ____, which password-protects the device when it has not been used for a set period of time. |
auto-lock |
|
|
____ involves using someone’s personal information, such as a Social Security number, to establish bank or credit card accounts that are then left unpaid, leaving the victim with the debts and ruining their credit rating. |
Identity theft |
|
|
____ policy is a Microsoft Windows feature that provides centralized management and configuration of computers and remote users using the Microsoft directory service Active Directory (AD). |
Group |
|
|
Which of the following is NOT an example of an authorization technique or device? |
A survey on your political beliefs based on what you think |
|
|
Whereas phishing involves sending millions of generic e-mail messages to users, ____ targets only specific users. |
spear phishing |
|
|
____ ensures that data is accessible when needed to authorized users. |
Availability |
|
|
____ policy creates standards for using corporate e-mail. |
|
|
|
The best approach to establishing strong security with passwords is to use a ____. |
password management tool |
|
|
Most viruses can spread to other computers by themselves. |
False |
|
|
Which of the following is NOT a valid method of authentication? |
What you think |
|
|
In the field of computer networking and wireless communications, the most widely known and influential organization is the ____. |
IEEE |
|
|
Attackers today use common Internet ____ and applications to perform attacks, making it difficult to distinguish an attack from legitimate traffic. |
protocols |
|
|
A ____ silently captures and stores each keystroke that a user types on the computer’s keyboard.
|
keylogger |
|
|
____ is software that displays a fictitious warning to the user in the attempt to “scare” the user into an action, such as purchasing additional software online to fix a problem that in fact does not exist. |
Scareware |
|
|
FACTA grants consumers free access to their credit score. |
False |
|
|
A ____ is a collection of suggestions that should be implemented. |
guideline |
|
|
One of the best defenses against attacks is to create ____ on a regular basis. |
data backups |
|
|
If a consumer finds a problem on her credit report, she must first send a letter to the credit-reporting agency. Under federal law, the agency has ____ days to investigate and respond to the alleged inaccuracy and issue a corrected report. |
30 |
|
|
____ requires banks and financial institutions to alert customers of their policies and practices in disclosing customer information. |
GLBA |
|
|
Information (contained on the devices) is protected by three layers: products, ____, and policies and procedures. |
people |
|
|
A computer ____ is a person who has been hired to break into a computer and steal information.
|
spy |
|
|
A(n) ____ address is a unique hardware number that is “burned in” to each wireless network interface card adapter. |
MAC |
|
|
The FBI defines ____ as any “premeditated, politically motivated attack against information, computer systems, computer programs, and data which results in violence against non-combatant targets by sub-national groups or clandestine agents.” |
cyberterrorism |
|
|
On tablets and smartphones, it is recommended to download and install a(n) ____ app that can erase the contents of the device if lost or stolen. |
remote wipe |
|
|
A(n) ____ is a type of action that has the potential to cause harm. |
threat |
|
|
The ____ of 2003 contains rules regarding consumer privacy. |
Fair and Accurate Credit Transactions Act |
|
|
A ____ is a program designed to take advantage of a vulnerability in an application or an operating system in order to enter a computer. |
worm |
|
|
The term ____ is frequently used to describe the tasks of securing information that is in a digital format. |
information security |
|
|
Attack tools can initiate new attacks without any human participation, thus increasing the speed at which systems are attacked. |
True |
|
|
“____” involves breaking into a car’s electronic system. |
Car hacking |
|
|
A(n) ____ is a flaw or weakness that allows a threat agent to bypass security. |
vulnerability |
|
|
A ____ is created when hundreds, thousands, or even tens of thousands of zombie computers are manipulated under remote control. |
botnet |
|
|
A ____ attack begins with the attacker creating digests of common dictionary words, and then comparing those in a stolen password file. |
dictionary |
|
|
The Web sites that facilitate linking individuals with common interests and function as an online community of users are called ____. |
social networking sites |
|
|
____ is the application of science to questions that are of interest to the legal profession. |
Forensics |
|
|
The weakness of passwords centers on human memory. |
True |
|
|
Instead of asking the user to visit a fraudulent Web site, ____ automatically redirects the user to the fake site. |
pharming |
|
|
Terrorists who turn their attacks to the network and computer infrastructure to cause panic among citizens are known as ____. |
cyberterrorists |
|
|
Because a wireless signal can only be transmitted for several hundred feet, multiple APs are used to provide “cells” or areas of coverage. |
True |
|
|
____ are independently rotating large cups (in diameter of 5 inches or 115 millimeters) affixed to the top of a fence to prevent the hands of intruders from gripping the top of a fence to climb over it. |
Roller barriers |
