Exam 17: Information Security: Barbarians at the Gateway and Just About Everywhere Else

The phrase __________________ refers to security schemes that automatically send one-time use representations of a credit card that can be received and processed by banking and transaction firms at the time of payment. They are in use in ApplePay and Android Wallet.

Organized crime networks now have their own R&D labs and are engaged in sophisticated development efforts to piece together methods to thwart current security measures.

The use of public wireless connections can increase a user's vulnerability to monitoring and compromise. ____________ software can be used to encrypt transmissions over public networks, making it more difficult for a user's PC to be penetrated.

Technologies that measure and analyze human body characteristics for identification or authentication are known as _____.

The information systems of several firms have been compromised by insiders that can include contract employees, cleaning staff, and temporary staffers.

Which of the following are considered sources of information that can potentially be used by social engineers?

Which of these would be an example of a DDoS attack?

A protester seeking to make a political point by leveraging technology tools, often through system infiltration, defacement, or damage is called a(n) _____.

The term _____ originally referred to a particularly skilled programmer.

Describe briefly a few of the physical threats posed by hackers to information security with examples for each.

According to research firm Gartner, the majority of loss-causing security incidents involve the handiwork of international cyber-criminal gangs.

Attacks that exhaust all possible password combinations in order to break into an account are called _____ attacks.

Because of Moore's Law, widely-used encryption programs currently employed by banks and ecommerce sites are now easily penetrated by brute-force attacks that can be employed by hackers using just a handful of simple desktop computers.

What are the steps to be taken with respect to firm employees in order to ensure organizational security?

In security circles the phrase "compliance" refers to:

Describe briefly how technology can be leveraged to offset the attempts of attackers to undermine information security.

Which of the following is a valid statement on information security?

What are botnets and how are criminals using this technology?

Updates that plug existing holes in a software are called:

Several surprising findings were revealed in the wake of the Target breach, providing a cautionary tale for all executives and security professionals. Which of the following was thought to have occurred during the Target security breach? a. Target had security software, but the notification alerts from the software were ignored. b. Target had properly installed and configured its security software, but hackers got in, anyway. c. Credit card databases were on entirely separate systems, not connected to other parts of the firm's information system, but wireless networking allowed hackers to access anything reachable from a cell phone connection. d. Target regularly monitored file names and matched them to file sizes and archival copies to ensure that software was not installed on their systems using the names of legitimate products, but hackers saved files with blank file names so they wouldn't be detected. e. All of the above