A user copies files from her desktop computer to a USB flash device and puts the device into her pocket. Which of the following security goals is most at risk?
+Availability
+Non-repudiation
+Integrity
+Confidentiality
answer
+Confidentiality
question
Smart phones with cameras and Internet capabilities pose a risk to which security goal?
answer
Confidentiality
question
By definition, which security concept ensures that only authorized parties can access data?
answer
Confidentiality
question
Your computer system is a participant in an asymmetric cryptography system. You've crafted a message to be sent to another user. Before transmission, you hash the message, then encrypt the hash using your private key. You then attach this encrypted hash to your message as a digital signature before sending it to the other user. What protection does the hashing activity provide?
answer
Integrity
question
Which of the following is an example of an internal threat?
+A server backdoor allows an attacker on the Internet to gain access to the intranet site
+A water pipe in the server room breaks
+A delivery man is able to walk into a controlled area and steals a laptop
+A user accidentally deletes the new product designs
answer
A user accidentally deletes the new product designs
question
What is the greatest threat to the confidentiality of data in most secure organizations?
answer
USB devices
question
Which of the following is the correct definition of a threat?
+Instance of being exposed to losses from an attacker
+Absence or weakness of a safeguard that could be exploited
+The likelihood of an attack taking advantage of a vulnerability
+Any potential danger to the confidentiality, integrity, or availability of information or systems
answer
+Any potential danger to the confidentiality, integrity, or availability of information or systems
question
Which of the following is an example of a vulnerability?
+Misconfigured server
+Virus infection
+Denial of service attack
+Unauthorized access to confidential resources
answer
+Misconfigured server
question
Which of the following is not a valid concept to associate with integrity?
+Ensure your systems record the real information when collecting data
+Prevent the unauthorized change of data
+Protect your environment so it maintains the highest source of truth
+Control access to resources to prevent unwanted access
answer
+Control access to resources to prevent unwanted access
question
When a cryptographic system is used to protect the confidentiality of data, what is actually protected?
+Unauthorized users are prevented from viewing or accessing the resource
+The data is available for access whenever authorized users need it
+The encrypted data is restricted from being transmitted
+The data is protected from corruption or change
answer
+Unauthorized users are prevented from viewing or accessing the resource
question
By definition, which security concept uses the ability to prove that a sender sent an encrypted message?
answer
Non-repudiation
question
The company network is protected by a firewall, an IDS, and tight access controls. All of the files on this protected network are copied to tape every 24 hours. The backup solution imposed on this network is designed to provide protection for what security service
answer
Availability
Haven't found what you need?
Search for quizzes and test answers now
Quizzes.studymoose.com uses cookies. By continuing you agree to our cookie policy
