Deck 11: Managing Information Security

1
Hacker tools are becoming increasingly sophisticated and easier to use, allowing hackers to outsmart the countermeasures used by companies to protect themselves.
True
2
A common profile of an insider criminal is a poor performance review.
False
3
The trend in computer security is toward policy-based management.
True
4
Identification services can prove that someone was the actual sender of a message.
5
A malicious program can be housed inside an innocent program that appears to be helpful.
6
The overarching goal of information security is to ensure data integrity, availability, and confidentiality.
7
Virtual Private Networks are hardware or software that controls access between networks.
8
All business executives need to understand threats and countermeasures and continually fund security work to protect their businesses.
9
Mobile computing and telecommuting actually decrease the possibility for cybercrime because the greater number of network openings provides more opportunities for law enforcement.
10
Authentication is a means of providing proof of data transmission or receipt so that the occurrence of a transaction cannot later be refused.
11
The Internet does not have intrinsic security protocols.
12
Tunneling creates a temporary connection between two remote computers, which blocks access to anyone trying to intercept messages sent over that link.
13
The most expensive cybercrimes are computer viruses.
14
Nonrepudiation is moving toward application-level security, requiring authentication for each application a user wants to access.
15
For digital signatures to work, a trusted third party must issue the keys to individuals and firms.
16
A certificate is a mechanism to verify an identity on a computer system over a computer network.
17
Vein-viewing technology can be used to replace signatures, keys, and passwords.
18
Managing security refers to a comprehensive set of activities that develop, implement, direct, and monitor the organization's security strategy and activities.
19
Computer attacks by insiders can be among the most expensive and most damaging security threats.
20
Biometrics are the most widely used security technology.
21
Which of the following areas are considered important to maintaining a safe computing environment?

A) Egress security
B) Facility security
C) Network security
D) All of the above
22
To protect against hacking, companies install ______ which controls access between networks.

A) Virtual Private Networks
B) Encryption
C) firewalls
D) Intrusion detection
E) None of the above
23
Security is often thought by many to be a(n):

A) business problem.
B) staff problem.
C) IT problem.
D) technological problem.
24
________ remain the source of the largest financial losses.

A) Virus attacks
B) Denial of service attacks
C) Trojan horse attacks
D) Application vulnerabilities
25
An estimation by the Computer Security Institute suggests that losses caused by insider attacks account for between ________ percent of the entire organization's losses related to computer crimes.

A) 10 and 20
B) 30 and 50
C) 40 and 60
D) 20 and 80
26
Which of the following hacker tricks involves placing oneself between two communicating parties and either substituting one's own information in place of one of the parties' information or denying one party access to a session?

A) Man-in-the-middle
B) Denial of service
C) Trojan horse
D) Network sniffing
27
To protect against spoofing, firms need a way to:

A) authenticate the identity of an individual.
B) repudiate the identity of an individual.
C) dispute the identity of an individual.
D) All of the above
28
The security technique that prevents parties from denying actions they have taken is known as:

A) Authentication
B) Nonrepudiation
C) Identification
D) Indemnification
E) None of the above
29
Which of the following hacker tricks involves launching software that monitors all traffic looking for passwords or other valuable information?

A) Man-in-the-middle
B) Denial of service
C) Trojan horse
D) Network sniffing
30
The most common public key encryption method is:

A) RSA
B) DES
C) AES
D) SSL
31
The security technique used to protect systems against sniffing is called:

A) Virtual Private Networks
B) Encryption
C) firewalls
D) Intrusion detection
E) None of the above
32
The core challenge of security management is:

A) finding the right balance between shielding the organization's main assets from potential harm.
B) finding the right balance between shielding the organization's main processes from potential harm.
C) enabling staff to do their jobs.
D) All of the above
33
Business continuity is a(n):

A) business issue.
B) IT issue.
C) disaster recovery issue.
D) All of the above
34
Which of the following hacker tricks involves flooding a Web site with so much useless traffic that the site becomes overwhelmed and freezes?

A) Man-in-the-middle
B) Denial of service
C) Trojan horse
D) Network sniffing
35
The security technique that protects information from being seen is known as:

A) Authentication
B) Nonrepudiation
C) Identification
D) Indemnification
E) None of the above
36
A common credit card fraud is called:

A) application fraud.
B) network fraud.
C) impersonation.
D) None of the above
37
The top security concern among all organizations is:

A) computer viruses.
B) identity theft.
C) data theft.
D) password breaches.
38
Which of the following strategies involves creating a culture for enforcing IT security?

A) Creating and communicating an enterprise software security framework.
B) Knowledge management training.
C) Assuring internal security policy and external regulator compliance.
D) Governance in the design and implementation process of system development or maintenance.
39
Memory management, access to I/O devices, file management, and hardware configuration are all examples of:

A) Application security
B) Operating systems security
C) Network security
D) Middleware and Web services security
E) None of the above
40
Defining security policies and then centrally managing and enforcing those policies via security management products and services is known as:

A) intrusion-based management.
B) policy-based management.
C) incident-based management.
D) None of the above
41
List five steps that can be taken to protect from credit card fraud.
42
Describe a VPN and how a VPN can be used for secure organizational communications.
43
List five areas exposed to threats and vulnerabilities where security must be applied.
44
List three requirements noted by Tucker associated with business continuity.
45
Name five types of security threats.
46
Describe the management/business issues around both business continuity and IT disaster recovery.
47
List five fundamental pillars that make up all security countermeasures and techniques.
48
What is a digital certificate?
49
List four common profiles of an "insider" criminal.
50
Describe three steps required for an organization to develop an information-centric security strategy.