Exam 17: Information Security: Barbarians at the Gateway and Just About Everywhere Else

Attacks that exhaust all possible password combinations in order to break into an account are called _____ attacks.

Worms require an executable (a running program) to spread, attaching to other executables.

Describe briefly a few of the physical threats posed by hackers to information security with examples for each.

Almost all security breaches can be traced back to technology lapses; personnel or procedural factors rarely factor in.

When using a public wireless network, using VPN software is not advisable as it can reveal your communications to any network eavesdroppers.

_____ can be either software-based or deployed via hardware, such as a recording "dongle" that is plugged in between a keyboard and a PC.

One of the reasons one should be careful about clicking on any URL in an e-mail is that hackers can easily embed a redirection in e-mail links, reroutiing a user to an alternate online destination.

Some of the most common guidelines issued by Web sites when designing a secure password include:

Several surprising findings were revealed in the wake of the Target breach, providing a cautionary tale for all executives and security professionals. Which of the following was not thought to have occurred during the Target security breach?

Web sites of reputed companies can also be sources of malware.

According to research firm Gartner, the majority of loss-causing security incidents involve the handiwork of international cyber-criminal gangs.

Online backup services are considered a poor choice for end-users, since this only increases the liklihood that an individual's data will be hacked.

Which of the following statements is consistent with ground realities regarding information security?

The use of public wireless connections can increase a user's vulnerability to monitoring and compromise. ____________ software can be used to encrypt transmissions over public networks, making it more difficult for a user's PC to be penetrated.

It's bad when a firm's e-mail and password file is stolen; however the impact is minimized because user passwords set up for one system cannot be used on others.

_____ refers to a term that either means breaking into a computer system or a particularly clever solution.

Which of the followings aspects of international law would enable a cyber-criminal operating across borders to evade prosecution?

A system that monitors network use for potential hacking attempts and takes preventative action to block, isolate, or identify attempted infiltration, and raise further alarms to warn security personnel is known as a(n):

A vast majority of security breaches are not preventable and happen despite the best security practices.

Regularly updated software lowers a system's vulnerable attack surface.