Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
20 Cards in this Set
- Front
- Back
|
When someone pretends to be a legitimate company and sends an email requesting confidential data, such as credit card numbers, this is known as ________. . hawking . spoofing . phishing . sniffing |
phishing |
|
|
A subversive technique for intercepting computer communications is ________. . sniffing . spoofing . phishing . pretexting |
sniffing |
|
|
________ is a term for when someone causes deception by pretending to be someone else. . Hacking . Pretexting . Sniffing . Phishing |
Pretexting |
|
|
________ intercept wireless traffic at will in areas where users are on devices with wireless internet connections on unprotected networks. . Drive-by spoofers . Drive-by pretexters . Drive-by phishers . Drive-by sniffers |
Drive-by sniffers |
|
|
When a person gains unauthorized access to a computer system, he or she is said to be ________. . hacking . phishing . sniffing . spoofing |
hacking
|
|
|
________ present the largest risk for infrastructure loss. . Thefts . Terror attacks . Human mistakes . Natural disasters |
Natural disasters |
|
|
Which of the following exemplifies a technical safeguard? . authentication . key escrow . helpdesk policies . password management |
authentication |
|
|
Which of the following is an example of a human safeguard? . password management . digital signatures . botnets . authentication |
password management |
|
|
Which of the following is NOT an example of a data safeguard? . storage in an encrypted form . SSL . key escrow . physical security |
SSL |
|
|
A security policy concerning the use of computers at work for personal business would be an example of a ________.
. system-specific policy . data policy . issue-specific policy . human-resources policy |
issue-specific policy |
|
|
A security policy determining which customer data from the order entry system will be shared with other companies is an example of a ________ policy. . system-specific . data . issue-specific . human-resources |
system-specific |
|
|
The term ________ refers to threats and consequences that we know about. . knowledge . hedge . risk . indemnity |
risk |
|
|
________ is the first step in risk management. . Evaluating the results of the risk management process . Reducing the likelihood of a threat . Assessing the threats . Creating perfect hedges to mitigate the risks |
Assessing the threats |
|
|
________ refers to the probability that a given asset will be compromised by a given threat, despite the safeguards. . Likelihood . Uncertainty . Consequence . Vulnerability |
Likelihood |
|
|
Which of the following is NOT a reason for public companies to develop and follow a disaster recovery plan? . requirement to do so . good management practice . minimization of organizational interruption . prevention of data theft |
prevention of data theft |
|
|
Since no safeguard is ironclad, there is always a ________ risk that the safeguard will not protect the assets in all circumstances. . residual . diversifiable . portfolio . process |
residual |
|
|
________ refers to the recording and analysis of keystrokes. . Theft . Eavesdropping . Hacking . Sniffing |
Eavesdropping |
|
|
A critical security function that requires the involvement of senior-management is ________. . safeguarding computer hardware and software . planning responses to security incidents . establishing the security policy . managing the security program on a real-time basis |
establishing the security policy |
|
|
Which of the following is NOT a type of data which should be backed up by IT staff? . account data . data on employees' computers . website resources . databases |
data on employees' computers |
|
|
Which of the following attitudes about backing up user computers will most often prevent data loss occurrences? . Backups should be performed right before traveling in case a laptop is stolen or damaged. . Data should be backed up at the same time each week. . Backups are most important when you are not planning to use the computer for a few days. . Users should follow a plan so that in the event of loss or system failure, all critical data are accessible and uncompromised. |
. Users should follow a plan so that in the event of loss or system failure, all critical data are accessible and uncompromised. |
