FiltersDone

Question type

Essay

Multiple Choice

Short Answer

True False

Matching

Exam 17: Information Security: Barbarians at the Gateway and Just About Everywhere Else

Show Answer

Share

---

All types

Filters

Study Flashcards

Question 1

True/False

Review LaterAdd Note

Review Later

Multiple administrators jointly controlling key systems are an unnecessary burden that adds to the complexity of managing security in an organization.

Correct Answer

verified

False

Question 2

Multiple Choice

Review LaterAdd Note

Review Later

What type of tool enforces access privileges and helps verify that systems are not being accessed by the unauthorized, or in suspicious ways?

A) Audit trails
B) Intrusion detection tools
C) Access control tools
D) User-tracking tools
E) Network watching tools

Correct Answer

verified

Show Answer

Question 3

True/False

Review LaterAdd Note

The term ISO 27000 refers to a series of standards representing the set of best practices for implementing, maintaining and improving organizational security.

A black hat hacker looks for weaknesses in security mechanisms, with a view to help plug the holes that might be exploited by cyber-criminals.

Information security policies would be ineffective without _____ and _____.

Computer systems are often infected with malware by means of exploits that sneak in masquerading as something they are not. These exploits are called:

Conforming to industry-standard guidelines and frameworks for organizational security ensures continued immunity from attacks on an organization's information.

_____ are highly restrictive programs that permit communication only with approved entities and/or in an approved manner.

A(n) _____ is someone who uncovers computer weaknesses and reveals them to manufacturers or system owners, without exploiting these vulnerabilities.

Which of the following statements holds true for the term spoof?

Which of the following are considered sources of information that can potentially be used by social engineers?

The virtual shutdown of websites by way of overloading them with seemingly legitimate requests sent simultaneously from thousands of machines is termed as _____ attacks.

URL-shortening services such as bit.ly limit the impact of phishing posts since the shortened URL will clearly reveal the destination arrived at when clicked on.

Because of Moore's Law, widely-used encryption programs currently employed by banks and ecommerce sites are now easily penetrated by brute-force attacks that can be employed by hackers using just a handful of simple desktop computers.

A bank customer receives a message, ostensibly from the bank's Web site, asking her to provide her login information. Assuming the message is intended to defraud the customer, what type of infiltration technique is being used here?

Briefly explain the steps one should take to ensure that their highest priority accounts are not compromised easily by hackers.

A team working on organizational security should include representatives from general counsel, audit, public relations, and human resources, in addition to those from specialized security and broader technology and infrastructure functions.

Organized crime networks now have their own R&D labs and are engaged in sophisticated development efforts to piece together methods to thwart current security measures.

One of the major problems with the Heartbleed bug in OpenSSL software is that:

Public wireless networks are often vulnerable to monitoring and attack. The use of _______ software can limit threats by encrypting network transmissions over a network.