Exam 3: Cyberattacks and Cybersecurity

Even when preventive measures are implemented, no organization is completely secure from a determined computer attack.

After virus eradication, you can use a previous backup to restore an infected computer.

Vishing frequently leads consumers to counterfeit Web sites designed to trick them into initiating a denial-of-service attack.

Often a successful attack on an information system is due to poor system design or implementation. Once such a vulnerability is discovered, software developers quickly create and issue which of the following, in order to eliminate the problem?

The intimidation of government or civilian population by using information technology to disable critical national infrastructure in order to achieve political, religious, or ideological goals is known as which of the following?

Define computer forensics and briefly describe how one may prepare for a role as a computer forensics investigator.

Malware that stops you from using your computer or accessing your data until you meet certain demands is known as which of the following?

A type of computer crime perpetrator whose primary motive is to achieve financial gain is known as which of the following?

Briefly explain why many organizations are choosing to outsource their network security operations to a managed security service provider (MSSP).

A business policy that permits employees to use their own mobile devices to access company computing resources and applications is known as which of the following?

Which of the following is a form of Trojan horse which executes when it is triggered by a specific event such as a change in a particular file, by typing a specific series of keystrokes, or by a specific time or date?

Many organizations use software to provide a comprehensive display of all key performance indicators related to an organization's security defenses, including threats, exposures, policy compliance, and incident alerts. What is this type of software known as?

The Controlling the Assault of Non-Solicited Pornography and Marketing (CAN-SPAM) Act states that it is legal to spam, provided the messages meet a few basic requirements.

Installation of a corporate firewall is the least common security precaution taken by businesses as it does not provide sufficient security.

Trojan horse has become an umbrella term for many types of malicious code.

The cost of creating an email campaign for a product or a service is typically more expensive and takes longer to conduct than a direct-mail campaign.

Bring your own device (BYOD) is a business policy that permits, and in some cases encourages, employees to use their own mobile devices (smartphones, tablets, or laptops) to access company computing resources and applications.

Which of the following concepts recognizes that managers must use their judgment to ensure that the cost of control does not exceed the system's benefits or the risks involved?

Whenever possible, automated system rules should mirror an organization's written policies.

Identify and briefly discuss five reasons why the number, variety, and impact of security incidents is increasing.