Question 1

Corruption of information can occur only while information is being stored.

Accepted Answer

A) True 
 B)False  False

Question 2

____________________are malware programs that hide their true nature,and reveal their designed behavior only when activated.

Accepted Answer

A)  Viruses 
B)  Worms 
C)  Spam 
D)  Trojan horses 
A)  Viruses 
B)  Worms 
C)  Spam 
D)  Trojan horses D

Question 3

Which of the following is the principle of management that develops,creates,and implements strategies for the accomplishment of objectives?

Accepted Answer

A)  leading 
B)  controlling 
C)  organizing 
D)  planning 
A)  leading 
B)  controlling 
C)  organizing 
D)  planning D

Question 4

What do audit logs that track user activity on an information system provide?

Accepted Answer

A)  identification 
B)  authorization 
C)  accountability 
D)  authentication 
A)  identification 
B)  authorization 
C)  accountability 
D)  authentication

Question 5

"Shoulder spying" is used in public or semi-public settings when individuals gather information they are not authorized to have by looking over another individual's shoulder or viewing the information from a distance._________________________

Accepted Answer

A) True 
 B)False

Question 6

A ____________________is an attack in which a coordinated stream of requests is launched against a target from many locations at the same time.

Accepted Answer

A)  denial-of-service 
B)  distributed denial-of-service 
C)  virus 
D)  spam 
A)  denial-of-service 
B)  distributed denial-of-service 
C)  virus 
D)  spam

Question 7

List and explain the four principles of management under the contemporary or popular management theory.Briefly define each.

Accepted Answer

Popular management theory,which categori

Question 8

List themeasures that are commonly used to protect the confidentiality of information.

Accepted Answer

Information classification 
Se

Question 9

What is authentication?Provide some examples.

Accepted Answer

Authentication is the process by which a

Question 10

The use of cryptographic certificates to establish Secure Sockets Layer (SSL)connections is an example of which process?

Accepted Answer

A)  accountability 
B)  authorization 
C)  identification 
D)  authentication 
A)  accountability 
B)  authorization 
C)  identification 
D)  authentication

Question 11

One form of e-mail attack that is also a DoS attack is called a mail spoof,in which an attacker overwhelms the receiver with excessive quantities of e-mail._________________________

Accepted Answer

A) True 
 B)False

Question 12

Communications security involves the protection of which of the following?.

Accepted Answer

A)  radio handsets 
B)  people, physical assets 
C)  the IT department 
D)  media, technology, and content 
A)  radio handsets 
B)  people, physical assets 
C)  the IT department 
D)  media, technology, and content

Question 13

A ____________ overflow is an application error that occurs when the system can't handle the amount of data that is sent.

Accepted Answer

The answer of A ____________ overflow is an application error...

Question 14

A momentary low voltage is called a(n)____________________.

Accepted Answer

The answer of A momentary low voltage is called a(n)____________________....

Question 15

DoS attacks cannot be launched against routers.

Accepted Answer

A) True 
 B)False

Question 16

There are 12 general categories of threat to an organization's people,information,and systems.List at least six of the general categories of threat and identify at least one example of those listed.

Accepted Answer

Compromises to intellectual property
 So

Question 17

In the____________________attack,an attacker monitors (or sniffs)packets from the network,modifies them,and inserts them back into the network.

Accepted Answer

A)  zombie-in-the-middle 
B)  sniff-in-the-middle 
C)  server-in-the-middle 
D)  man-in-the-middle 
A)  zombie-in-the-middle 
B)  sniff-in-the-middle 
C)  server-in-the-middle 
D)  man-in-the-middle

Question 18

ESD is the acronym for ____________________ discharge.

Accepted Answer

The answer of ESD is the acronym for ____________________ discharge....

Question 19

Discuss the planning element of information security.

Accepted Answer

Planning in InfoSec management is an ext

Question 20

Which type of attack involves sending a large number of connection or information requests to a target?

Accepted Answer

A)  malicious code 
B)  denial-of-service (DoS) 
C)  brute force 
D)  spear fishing 
A)  malicious code 
B)  denial-of-service (DoS) 
C)  brute force 
D)  spear fishing

Corruption of information can occur only while information is being stored.

____________________are malware programs that hide their true nature,and reveal their designed behavior only when activated.

Which of the following is the principle of management that develops,creates,and implements strategies for the accomplishment of objectives?

What do audit logs that track user activity on an information system provide?

"Shoulder spying" is used in public or semi-public settings when individuals gather information they are not authorized to have by looking over another individual's shoulder or viewing the information from a distance._________________________

A ____________________is an attack in which a coordinated stream of requests is launched against a target from many locations at the same time.

List and explain the four principles of management under the contemporary or popular management theory.Briefly define each.

List themeasures that are commonly used to protect the confidentiality of information.

What is authentication?Provide some examples.

The use of cryptographic certificates to establish Secure Sockets Layer (SSL)connections is an example of which process?

One form of e-mail attack that is also a DoS attack is called a mail spoof,in which an attacker overwhelms the receiver with excessive quantities of e-mail._________________________

Communications security involves the protection of which of the following?.

A ____________ overflow is an application error that occurs when the system can't handle the amount of data that is sent.

A momentary low voltage is called a(n)____________________.

DoS attacks cannot be launched against routers.

There are 12 general categories of threat to an organization's people,information,and systems.List at least six of the general categories of threat and identify at least one example of those listed.

In the____________________attack,an attacker monitors (or sniffs)packets from the network,modifies them,and inserts them back into the network.

ESD is the acronym for ____________________ discharge.

Discuss the planning element of information security.

Which type of attack involves sending a large number of connection or information requests to a target?

Compliance: Law and Ethics

Governance and Strategic Planning for Security

Information Security Policy

Developing the Security Program

Risk Management: Identifying and Assessing Risk

Risk Management: Controlling Risk

Security Management Models

Security Management Practices

Planning for Contingencies

Personnel and Security

Protection Mechanisms

Filters

Exam 1: Introduction to the Management of Information Security

Corruption of information can occur only while information is being stored.

____________________are malware programs that hide their true nature,and reveal their designed behavior only when activated.

Which of the following is the principle of management that develops,creates,and implements strategies for the accomplishment of objectives?

What do audit logs that track user activity on an information system provide?

"Shoulder spying" is used in public or semi-public settings when individuals gather information they are not authorized to have by looking over another individual's shoulder or viewing the information from a distance._________________________

A ____________________is an attack in which a coordinated stream of requests is launched against a target from many locations at the same time.

List and explain the four principles of management under the contemporary or popular management theory.Briefly define each.

List themeasures that are commonly used to protect the confidentiality of information.

What is authentication?Provide some examples.

The use of cryptographic certificates to establish Secure Sockets Layer (SSL)connections is an example of which process?

One form of e-mail attack that is also a DoS attack is called a mail spoof,in which an attacker overwhelms the receiver with excessive quantities of e-mail._________________________

Communications security involves the protection of which of the following?.

A ____________ overflow is an application error that occurs when the system can't handle the amount of data that is sent.

A momentary low voltage is called a(n)____________________.

DoS attacks cannot be launched against routers.

There are 12 general categories of threat to an organization's people,information,and systems.List at least six of the general categories of threat and identify at least one example of those listed.

In the____________________attack,an attacker monitors (or sniffs)packets from the network,modifies them,and inserts them back into the network.

ESD is the acronym for ____________________ discharge.

Discuss the planning element of information security.

Which type of attack involves sending a large number of connection or information requests to a target?

Compliance: Law and Ethics

Governance and Strategic Planning for Security

Information Security Policy

Developing the Security Program

Risk Management: Identifying and Assessing Risk

Risk Management: Controlling Risk

Security Management Models

Security Management Practices

Planning for Contingencies

Personnel and Security

Protection Mechanisms

Filters