SEC110_ Chapter 1 Quiz – Flashcards
Unlock all answers in this set
Unlock answersquestion
Which position below is considered an entry-level position for a person who has the necessary technical skills?
answer
security technician
question
Which of the three protections ensures that only authorized parties can view information?
answer
Confidentiality
question
What kind of server connects a remote system through the Internet to local serial ports using TCP/IP?
answer
Serial server
question
Those who wrongfully disclose individually identifiable health information can be fined up to what amount per calendar year?
answer
$1,500,000
question
The security protection item that ensures that the individual is who they claim to be (the authentic or genuine person) and not an imposter is known as?
answer
Authentication
question
In what kind of attack can attackers make use of hundreds of thousands of computers under their control in an attack against a single server or network?
answer
distributed
question
The information protection item that ensures that information is correct and that no unauthorized person or malicious software has altered that data.
answer
Integrity
question
To date, the single most expensive malicious attack occurred in 2000, which cost an estimated $8.7 billion. What was the name of this attack?
answer
Love Bug
question
Script kiddies acquire which item below from other attackers to easily craft an attack:
answer
Exploit kit
question
Select below the term that is used to describe individuals who want to attack computers yet lack the knowledge of computers and networks needed to do so:
answer
Script kiddies
question
The ____ Act requires banks and financial institutions to alert customers of their policies and practices in disclosing customer information.
answer
Gramm-Leach-Bliley
question
In information security, what constitutes a loss?
answer
theft of information,
a delay in transmitting information that results in a financial penalty,the loss of good will or a reputation
question
What information security position reports to the CISO and supervises technicians, administrators, and security staff?
answer
manager
question
What term is used to describe a loose network of attackers, identity thieves, and financial fraudsters?
answer
Cybercriminals
question
According to the U.S. Bureau of Labor Statistics, what percentage of growth is the available job outlook supposed to reach by the end of the decade?
answer
22
question
Under which law are health care enterprises required to guard protected health information and implement policies and procedures whether it be in paper or electronic format?
answer
HIPAA
question
In information security, an example of a threat agent can be ____.
answer
In information security, an example of a threat agent can be ____. A person attempting to break into a secure computer network,a virus that attacks a computer network,force of nature such as a tornado that could destroy computer equipment
question
Which term is frequently used to describe the tasks of securing information that is in a digital format?
answer
information security
question
What type of theft involves stealing another person's personal information, such as a Social Security number, and then using the information to impersonate the victim, generally for financial gain?
answer
Identity theft
question
What country is now the number one source of attack traffic?
answer
Indonesia
question
A security administrator has both technical knowledge and managerial skills.
True or False
answer
True
question
The demand for certified IT professionals who know how to secure networks and computers is at an all-time low.
answer
False
question
Today's software attack tools do not require any sophisticated knowledge on the part of the attacker.
answer
True
question
The CompTIA Security+ Certification is aimed at an IT security professional with the recommended background of a minimum of two years experience in IT administration, with a focus on security.
answer
True
question
A situation that involves exposure to danger
answer
Risk
question
A premeditated, politically motivated attack against information, computer systems, computer programs, and data, which often results in violence.
answer
cyberterrorism
question
A person or element that has the power to carry out a threat
answer
threat agent
question
The means by which an attack could occur
answer
threat vector
question
An item that has value.
answer
asset
question
Automated attack package that can be used without an advanced knowledge of computers
answer
exploit kit
question
A type of action that has the potential to cause harm.
answer
threat
question
A flaw or weakness that allows a threat agent to bypass security
answer
vulnerability
question
Attacker who attacks for ideological reasons that are generally not as well defined as a cyberterrorist's motivation
answer
hacktivist
