When information gatherers employ techniques that cross a legal or ethical threshold, they are conducting?

Chapter 02 The Need for Security

TRUE/FALSE

1. Information security's primary mission is to ensure that systems and their contents retain their confidentiality at any cost.

(A) True

(B) False

Answer : (B)

2. The information security function in an organization safeguards its technology assets.

(A) True

(B) False

Answer : (A)

3. As an organization grows, it must often use more robust technology to replace the security technologies it may have outgrown.

(A) True

(B) False

Answer : (A)

4. Suppose an act of theft performed by a hacker was accompanied by defacement actions to delay discovery. The first act is obviously in the category of "theft," but the second act is in another category: in this case it is a "force of nature."

(A) True

(B) False

Answer : (B)

5. Two watchdog organizations that investigate allegations of software abuse are the Software & Information Industry Association (SIIA) and the National Security Agency (NSA).

(A) True

(B) False

Answer : (B)

__________ plans usually include all preparations for the recovery process, strategies to limit losses during the disaster, and detailed steps to follow when the smoke clears, the dust settles, or the flood waters recede.

The __________ plan specifies the actions an organization can and should take while an adverse event is in progress. An adverse event could result in the loss of an information asset or assets, but it does not currently threaten the viability of the entire organization.

A(n) _________ is a formal access control methodology used to assign a level of confidentiality to an information asset and thus restrict the number of people who can access it.

data classification scheme

A _________ assigns a status level to employees to designate the maximum level of classified data they may access.

security clearance scheme

A computer is the __________ of an attack when it is used to conduct an attack against another computer.

A subject or object’s ability to use, manipulate, modify, or affect another subject or object is known as ___________.

A technique used to compromise a system is known as a(n) ___________.

An organizational resource that is being protected is sometimes logical, such as a Web site, software information, or data. Sometimes the resource is physical, such as a person, computer system, hardware, or other tangible object. Either way, the resource is known as a(n) ___________.

A ____________________ is an attack in which a coordinated stream of requests is launched against a target from many locations at the same time.

distributed denial-of-service

In a ____________________ attack, the attacker sends a large number of connection or information requests to disrupt a target from a small number of sources.

When information gatherers employ techniques that cross a legal or ethical threshold, they are conducting __________.

The process of maintaining the confidentiality, integrity, and availability of data managed by a DBMS is known as __________ security.

The average amount of time until the next hardware failure is known as __________.

mean time to failure (MTTF)

The average amount of time between hardware failures, calculated as the total amount of operation time for a specified number of units divided by the total number of failures, is known as __________.

mean time between failure (MTBF)

The __________ attempts to prevent trade secrets from being illegally shared.

Which of the following acts is also widely known as the Gramm-Leach-Bliley Act?

Financial Services Modernization Act

The National Information Infrastructure Protection Act of 1996 modified which act?

Computer Fraud and Abuse Act

Which of the following acts is a collection of statutes that regulate the interception of wire, electronic, and oral communications?

Electronic Communications Privacy Act

The transfer of large batches of data to an off-site facility, usually through leased lines or services, is called ____.

The ________ is the high-level information security policy that sets the strategic direction, scope, and tone for all of an organization's security efforts.

The transfer of transaction data in real time to an off-site facility is called ____.

_________ is the rapid determination of the scope of the breach in the confidentiality, integrity, and availability of information and information assets during or just following an incident.

__________ is a strategy of using multiple types of technology so that the failure of one system does not compromise the security of information.

What is information security's primary mission?

Information security's primary focus is the balanced protection of the confidentiality, integrity, and availability of data (also known as the CIA triad) while maintaining a focus on efficient policy implementation, all without hampering organization productivity.

What is the process of using social skills to convince people to reveal access credentials?

Social engineering is an attempt by attackers to trick humans into giving up access, credentials, bank details, or other sensitive information.

What is a technique used to gain unauthorized access to computers wherein the intruder sends messages?

IP spoofing (n.): A technique used to gain unauthorized access to computers, whereby the intruder sends messages to a computer with an IP address indicating that the message is coming from a trusted host.

Which of the following is an application error that occurs when more data is sent to a program buffer than it is designed to handle?

Buffer overflow. A buffer overflow, or buffer overrun, occurs when more data is put into a fixed-length buffer than the buffer can handle. The extra information, which has to go somewhere, can overflow into adjacent memory space, corrupting or overwriting the data held in that space.