Chapter 1

9 October 2022
40 test answers

question
According to the U.S. Bureau of Labor Statistics, what percentage of growth is the job outlook for information security analysts expected to reach through 2024?
answer
18
question
As security is increased, convenience is often increased. True or False?
answer
False
question
A vulnerability is a flaw or weakness that allows a threat to bypass security. True or false?
answer
True
question
Brokers steal new product research or a list of current customers to gain a competitive advantage. T/F
answer
False
question
In information security, what can constitute a loss? A) theft of information B) a delay in transmitting information that results in a financial penalty C) the loss of good will or a reputation D) all of the above
answer
D) all of the above
question
In information security, which of the following is an example of a threat actor? A) a force of nature such as a tornado that could destroy computer equipment B) a virus that attacks a computer network C) a person attempting to break into a secure computer network D) all of the above
answer
D) all of the above
question
In what kind of attack can attackers make use of millions of computers under their control in an attack against a single server or network?
answer
distributed
question
One of the challenges in combating cyberterrorism is that many of the prime targets are not owned and managed by the federal government. T/F
answer
True
question
Select the information protection item that ensures that information is correct and that no unauthorized person or malicious software has altered that data.
answer
integrity
question
Select the term that best describes automated attack software.
answer
open-source intelligence
question
Smart phones give the owner of the device the ability to download security updates. T/F
answer
False
question
Successful attacks are usually not from software that is poorly designed and has architecture/design weaknesses. T/F
answer
False
question
The CompTIA Security+ certification is a vendor-neutral credential. T/F
answer
True
question
The Sarbanes-Oxley Act restricts electronic and paper data containing personally identifiable financial information. T/F
answer
False
question
The Security Administrator reports directly to the CIO.
answer
False
question
Those who wrongfully disclose individually identifiable health information can be fined up to what amount per calendar year?
answer
$1,500,000
question
To date, the single most expensive malicious attack occurred in 2000, which cost an estimated $8.7 billion. What was the name of this attack?
answer
Love Bug
question
To mitigate risk is the attempt to address risk by making the risk less serious. T/F
answer
True
question
Under which laws are health care enterprises required to guard protected health information and implement policies and procedures whether it be in paper or electronic format?
answer
HIPAA
question
What class of attacks uses innovative attack tools and, once a system is infected, silently extracts data over an extended period?
answer
Advanced Persistent Threat
question
What information security position reports to the CISO and supervises technicians, administrators, and security staff?
answer
security manager
question
What level of security access should a computer user have to do their job?
answer
least amount
question
What process describes using technology as a basis for controlling the access and usage of sensitive data?
answer
technical controls
question
What term best describes any premeditated, politically motivated attack against information, computer systems, computer programs, and data which results in violence against noncombatant targets by subnational groups or clandestine agents?
answer
cyberterrorism
question
What term describes a layered security approach that provides comprehensive protection?
answer
defense-in-depth
question
What term is used to describe a group that is strongly motivated by ideology, but is usually not considered to be well-defined and well-organized?
answer
hacktivists
question
What term is used to describe state-sponsored attackers that are used for launching computer attacks against their foes?
answer
nation state actors
question
What term refers to an action that provides an immediate solution to a problem by cutting through the complexity that surrounds it?
answer
silver bullet
question
What type of diversity is being implemented if a company is using multiple security products from different manufacturers?
answer
vendor diversity
question
What type of theft involves stealing another person's personal information, such as a Social Security number, and then using the information to impersonate the victim, generally for financial gain?
answer
identity theft
question
Which law requires banks and financial institutions to alert customers of their policies and practices in disclosing customer information?
answer
Gramm-Leach-Bliley
question
Which of the following are considered threat actors? (Choose all that apply.) brokers, competitors, administrators, individuals
answer
brokers, competitors
question
Which of the following describes various supporting structures for implementing security that provides a resource of how to create a secure IT environment? (Choose all that apply.) regulatory frameworks, reference architectures, industry-standard frameworks, reference frameworks
answer
reference architectures, industry-standard frameworks
question
Which of the following ensures that data is accessible to authorized users?
answer
availability
question
Which of the following is a common security framework? (Choose all that apply.) ISO, COBIT, RFC, ASA
answer
ISO, COBIT, RFC
question
Which of the following is a valid fundamental security principle? (Choose all that apply.) signature, diversity, simplicity, layering
answer
diversity, simplicity, layering
question
Which of the three protections ensures that only authorized parties can view information?
answer
confidentiality
question
Which position below is considered an entry-level position for a person who has the necessary technical skills?
answer
security technician
question
Which term below is frequently used to describe the tasks of securing information that is in a digital format?
answer
information security
question
Which term is used to describe individuals who want to attack computers yet lack the knowledge of computers and networks needed to do so?
answer
script kiddies