Explore all topics
Start Free Trial
Need Help? Contact us
back arrowfull exam logo
search
ai logoChat with AI
Servicesarrow
Discoverarrow

Topics

Explore all topics
Discover more topics

Deck 9: Continued Assessment of Needs, Threats, and Solutions

Full screen (f)
exit full mode
Question
__________ occurs when the spoofer sets up a redirection of a domain name from its intended IP address destination to an alternative destination in order to gain access to sensitive information.

A)Spoofing
B)Pharming
C)Tampering
D)Repudiation.
Use Space or
up arrow
down arrow
to flip the card.
Question
It is important that the meetings conducted after a test not become a place to judge either processes or people but to __________.

A)determine success or failure
B)develop a test plan
C)determine what needs to be backed up
D)find facts
Question
Typically organizations conduct __________ analyses to determine where they stand with relation to their competitors or to the market as a whole.
Question
A type of attack waged on a network in an attempt to flood the network,thereby preventing legitimate access,is called a(n)__________ attack.
Question
What type of threat occurs when a Web page is faked to look exactly like a legitimate company's Web page?

A)Repudiation
B)Denial of Service
C)Tampering
D)Spoofing
Question
Any attack that gains someone information can result in that information being used to __________ others into revealing even more information to the hacker or to trusting that person with business to which they should not be a party.
Question
Although it is important to not assign blame for things that went badly,it is often beneficial to _________ to give kudos for things that went particularly well.
Question
Which of the following is a tool that not only exposes threats to an organization,but points out strengths as well?

A)Denial of Service
B)SWOT analysis
C)Threat tree
D)Repudiation
Question
What is the next vital step after a recovery test?

A)Decide where to place blame on the things that went wrong.
B)Meet as a team and discuss lessons learned.
C)Determine the order in which backups need to be restored.
D)All of the above.
Question
It may even be to an organization's benefit to schedule at least _________ dedicated to finding all the places where the system can be broken.

A)one recovery meeting that is
B)two recovery meetings that are
C)one test cycle that is
D)two test cycles that are
Question
The meetings about changes that need to be made should occur as soon as possible __________ the recovery test.
Question
Which threat analysis involves the use of backdoors?

A)Discoverable
B)Users/Systems Affected
C)Exploitable
D)Reproducible.
Question
Ideally,every threat should be addressed __________ as it is a gap,a place where your organization may find that it is in danger of a future disaster,or at the very least an emergency situation.
Question
It is often beneficial to the team to praise __________ achievements.

A)even minor
B)only major
C)only non-team members'
D)only team members'
Question
Which of the SWOT terms point out places where an organization might have core competencies or a competitive edge over the competition?

A)Strengths
B)Weaknesses
C)Opportunities
D)Threats
Question
What can be learned from a failed recovery test?

A)the time necessary for a full recovery
B)the list of possible disasters
C)the existence of forgotten applications that were not backed up
D)all of the above
Question
What usually follows the fact-finding meetings which follow a recovery,whether drill or real?

A)changes to the recovery plan
B)a completely new recovery plan
C)blame for failure is assigned as needed
D)a walk-through test
Question
Which of the following is a diagram showing a hierarchy of threats or vulnerabilities?

A)Threat tree
B)Spoofing
C)Denial of Service
D)Repudiation
Question
It is important,before the team has too long of a period of downtime to forget,that they meet at least once to discuss what was done well,what was done poorly,and what was _________
Question
Once you discover a threat at the recovery site which of the following is important to analyze?

A)Exploitable
B)Reproducible
C)Users/Systems Affected
D)Discoverable
Question
__________ in some operating systems are well known by some people,and they are more than capable of testing systems to see if one is open.
Question
Match between columns
Premises:
Responses:
Denial of Service
one person or entity electronically masquerading as another by falsifying data, redirecting URLs, or redirecting messages to an alternative site
Denial of Service
to interfere or meddle with in order to damage or corrupt
Denial of Service
ability of an organization to ensure the security and recoverability of their cryptographic keys
Denial of Service
a type of attack waged on a network in an attempt to flood the network, thereby bringing the network to its knees
Denial of Service
tool that is useful in setting up the test for threats
Denial of Service
things that were done particularly well
Denial of Service
didn’t work as well as it should have
Denial of Service
can be used to make better use of resources
Denial of Service
situations that endanger the organization‘s security
Opportunities
one person or entity electronically masquerading as another by falsifying data, redirecting URLs, or redirecting messages to an alternative site
Opportunities
to interfere or meddle with in order to damage or corrupt
Opportunities
ability of an organization to ensure the security and recoverability of their cryptographic keys
Opportunities
a type of attack waged on a network in an attempt to flood the network, thereby bringing the network to its knees
Opportunities
tool that is useful in setting up the test for threats
Opportunities
things that were done particularly well
Opportunities
didn’t work as well as it should have
Opportunities
can be used to make better use of resources
Opportunities
situations that endanger the organization‘s security
Spoofing
one person or entity electronically masquerading as another by falsifying data, redirecting URLs, or redirecting messages to an alternative site
Spoofing
to interfere or meddle with in order to damage or corrupt
Spoofing
ability of an organization to ensure the security and recoverability of their cryptographic keys
Spoofing
a type of attack waged on a network in an attempt to flood the network, thereby bringing the network to its knees
Spoofing
tool that is useful in setting up the test for threats
Spoofing
things that were done particularly well
Spoofing
didn’t work as well as it should have
Spoofing
can be used to make better use of resources
Spoofing
situations that endanger the organization‘s security
Weaknesses
one person or entity electronically masquerading as another by falsifying data, redirecting URLs, or redirecting messages to an alternative site
Weaknesses
to interfere or meddle with in order to damage or corrupt
Weaknesses
ability of an organization to ensure the security and recoverability of their cryptographic keys
Weaknesses
a type of attack waged on a network in an attempt to flood the network, thereby bringing the network to its knees
Weaknesses
tool that is useful in setting up the test for threats
Weaknesses
things that were done particularly well
Weaknesses
didn’t work as well as it should have
Weaknesses
can be used to make better use of resources
Weaknesses
situations that endanger the organization‘s security
Repudiation
one person or entity electronically masquerading as another by falsifying data, redirecting URLs, or redirecting messages to an alternative site
Repudiation
to interfere or meddle with in order to damage or corrupt
Repudiation
ability of an organization to ensure the security and recoverability of their cryptographic keys
Repudiation
a type of attack waged on a network in an attempt to flood the network, thereby bringing the network to its knees
Repudiation
tool that is useful in setting up the test for threats
Repudiation
things that were done particularly well
Repudiation
didn’t work as well as it should have
Repudiation
can be used to make better use of resources
Repudiation
situations that endanger the organization‘s security
Tampering
one person or entity electronically masquerading as another by falsifying data, redirecting URLs, or redirecting messages to an alternative site
Tampering
to interfere or meddle with in order to damage or corrupt
Tampering
ability of an organization to ensure the security and recoverability of their cryptographic keys
Tampering
a type of attack waged on a network in an attempt to flood the network, thereby bringing the network to its knees
Tampering
tool that is useful in setting up the test for threats
Tampering
things that were done particularly well
Tampering
didn’t work as well as it should have
Tampering
can be used to make better use of resources
Tampering
situations that endanger the organization‘s security
Threat Tree
one person or entity electronically masquerading as another by falsifying data, redirecting URLs, or redirecting messages to an alternative site
Threat Tree
to interfere or meddle with in order to damage or corrupt
Threat Tree
ability of an organization to ensure the security and recoverability of their cryptographic keys
Threat Tree
a type of attack waged on a network in an attempt to flood the network, thereby bringing the network to its knees
Threat Tree
tool that is useful in setting up the test for threats
Threat Tree
things that were done particularly well
Threat Tree
didn’t work as well as it should have
Threat Tree
can be used to make better use of resources
Threat Tree
situations that endanger the organization‘s security
Threats
one person or entity electronically masquerading as another by falsifying data, redirecting URLs, or redirecting messages to an alternative site
Threats
to interfere or meddle with in order to damage or corrupt
Threats
ability of an organization to ensure the security and recoverability of their cryptographic keys
Threats
a type of attack waged on a network in an attempt to flood the network, thereby bringing the network to its knees
Threats
tool that is useful in setting up the test for threats
Threats
things that were done particularly well
Threats
didn’t work as well as it should have
Threats
can be used to make better use of resources
Threats
situations that endanger the organization‘s security
Strengths
one person or entity electronically masquerading as another by falsifying data, redirecting URLs, or redirecting messages to an alternative site
Strengths
to interfere or meddle with in order to damage or corrupt
Strengths
ability of an organization to ensure the security and recoverability of their cryptographic keys
Strengths
a type of attack waged on a network in an attempt to flood the network, thereby bringing the network to its knees
Strengths
tool that is useful in setting up the test for threats
Strengths
things that were done particularly well
Strengths
didn’t work as well as it should have
Strengths
can be used to make better use of resources
Strengths
situations that endanger the organization‘s security
Unlock Deck
Sign up to unlock the cards in this deck!
Unlock Deck
Unlock Deck
1/22
auto play flashcards
Play
simple tutorial
Full screen (f)
exit full mode
Deck 9: Continued Assessment of Needs, Threats, and Solutions
1
__________ occurs when the spoofer sets up a redirection of a domain name from its intended IP address destination to an alternative destination in order to gain access to sensitive information.

A)Spoofing
B)Pharming
C)Tampering
D)Repudiation.
B
2
It is important that the meetings conducted after a test not become a place to judge either processes or people but to __________.

A)determine success or failure
B)develop a test plan
C)determine what needs to be backed up
D)find facts
D
3
Typically organizations conduct __________ analyses to determine where they stand with relation to their competitors or to the market as a whole.
SWOT
4
A type of attack waged on a network in an attempt to flood the network,thereby preventing legitimate access,is called a(n)__________ attack.
Unlock Deck
Unlock for access to all 22 flashcards in this deck.
Unlock Deck
k this deck
5
What type of threat occurs when a Web page is faked to look exactly like a legitimate company's Web page?

A)Repudiation
B)Denial of Service
C)Tampering
D)Spoofing
Unlock Deck
Unlock for access to all 22 flashcards in this deck.
Unlock Deck
k this deck
6
Any attack that gains someone information can result in that information being used to __________ others into revealing even more information to the hacker or to trusting that person with business to which they should not be a party.
Unlock Deck
Unlock for access to all 22 flashcards in this deck.
Unlock Deck
k this deck
7
Although it is important to not assign blame for things that went badly,it is often beneficial to _________ to give kudos for things that went particularly well.
Unlock Deck
Unlock for access to all 22 flashcards in this deck.
Unlock Deck
k this deck
8
Which of the following is a tool that not only exposes threats to an organization,but points out strengths as well?

A)Denial of Service
B)SWOT analysis
C)Threat tree
D)Repudiation
Unlock Deck
Unlock for access to all 22 flashcards in this deck.
Unlock Deck
k this deck
9
What is the next vital step after a recovery test?

A)Decide where to place blame on the things that went wrong.
B)Meet as a team and discuss lessons learned.
C)Determine the order in which backups need to be restored.
D)All of the above.
Unlock Deck
Unlock for access to all 22 flashcards in this deck.
Unlock Deck
k this deck
10
It may even be to an organization's benefit to schedule at least _________ dedicated to finding all the places where the system can be broken.

A)one recovery meeting that is
B)two recovery meetings that are
C)one test cycle that is
D)two test cycles that are
Unlock Deck
Unlock for access to all 22 flashcards in this deck.
Unlock Deck
k this deck
11
The meetings about changes that need to be made should occur as soon as possible __________ the recovery test.
Unlock Deck
Unlock for access to all 22 flashcards in this deck.
Unlock Deck
k this deck
12
Which threat analysis involves the use of backdoors?

A)Discoverable
B)Users/Systems Affected
C)Exploitable
D)Reproducible.
Unlock Deck
Unlock for access to all 22 flashcards in this deck.
Unlock Deck
k this deck
13
Ideally,every threat should be addressed __________ as it is a gap,a place where your organization may find that it is in danger of a future disaster,or at the very least an emergency situation.
Unlock Deck
Unlock for access to all 22 flashcards in this deck.
Unlock Deck
k this deck
14
It is often beneficial to the team to praise __________ achievements.

A)even minor
B)only major
C)only non-team members'
D)only team members'
Unlock Deck
Unlock for access to all 22 flashcards in this deck.
Unlock Deck
k this deck
15
Which of the SWOT terms point out places where an organization might have core competencies or a competitive edge over the competition?

A)Strengths
B)Weaknesses
C)Opportunities
D)Threats
Unlock Deck
Unlock for access to all 22 flashcards in this deck.
Unlock Deck
k this deck
16
What can be learned from a failed recovery test?

A)the time necessary for a full recovery
B)the list of possible disasters
C)the existence of forgotten applications that were not backed up
D)all of the above
Unlock Deck
Unlock for access to all 22 flashcards in this deck.
Unlock Deck
k this deck
17
What usually follows the fact-finding meetings which follow a recovery,whether drill or real?

A)changes to the recovery plan
B)a completely new recovery plan
C)blame for failure is assigned as needed
D)a walk-through test
Unlock Deck
Unlock for access to all 22 flashcards in this deck.
Unlock Deck
k this deck
18
Which of the following is a diagram showing a hierarchy of threats or vulnerabilities?

A)Threat tree
B)Spoofing
C)Denial of Service
D)Repudiation
Unlock Deck
Unlock for access to all 22 flashcards in this deck.
Unlock Deck
k this deck
19
It is important,before the team has too long of a period of downtime to forget,that they meet at least once to discuss what was done well,what was done poorly,and what was _________
Unlock Deck
Unlock for access to all 22 flashcards in this deck.
Unlock Deck
k this deck
20
Once you discover a threat at the recovery site which of the following is important to analyze?

A)Exploitable
B)Reproducible
C)Users/Systems Affected
D)Discoverable
Unlock Deck
Unlock for access to all 22 flashcards in this deck.
Unlock Deck
k this deck
21
__________ in some operating systems are well known by some people,and they are more than capable of testing systems to see if one is open.
Unlock Deck
Unlock for access to all 22 flashcards in this deck.
Unlock Deck
k this deck
22
Match between columns
Premises:
Responses:
Denial of Service
one person or entity electronically masquerading as another by falsifying data, redirecting URLs, or redirecting messages to an alternative site
Denial of Service
to interfere or meddle with in order to damage or corrupt
Denial of Service
ability of an organization to ensure the security and recoverability of their cryptographic keys
Denial of Service
a type of attack waged on a network in an attempt to flood the network, thereby bringing the network to its knees
Denial of Service
tool that is useful in setting up the test for threats
Denial of Service
things that were done particularly well
Denial of Service
didn’t work as well as it should have
Denial of Service
can be used to make better use of resources
Denial of Service
situations that endanger the organization‘s security
Opportunities
one person or entity electronically masquerading as another by falsifying data, redirecting URLs, or redirecting messages to an alternative site
Opportunities
to interfere or meddle with in order to damage or corrupt
Opportunities
ability of an organization to ensure the security and recoverability of their cryptographic keys
Opportunities
a type of attack waged on a network in an attempt to flood the network, thereby bringing the network to its knees
Opportunities
tool that is useful in setting up the test for threats
Opportunities
things that were done particularly well
Opportunities
didn’t work as well as it should have
Opportunities
can be used to make better use of resources
Opportunities
situations that endanger the organization‘s security
Spoofing
one person or entity electronically masquerading as another by falsifying data, redirecting URLs, or redirecting messages to an alternative site
Spoofing
to interfere or meddle with in order to damage or corrupt
Spoofing
ability of an organization to ensure the security and recoverability of their cryptographic keys
Spoofing
a type of attack waged on a network in an attempt to flood the network, thereby bringing the network to its knees
Spoofing
tool that is useful in setting up the test for threats
Spoofing
things that were done particularly well
Spoofing
didn’t work as well as it should have
Spoofing
can be used to make better use of resources
Spoofing
situations that endanger the organization‘s security
Weaknesses
one person or entity electronically masquerading as another by falsifying data, redirecting URLs, or redirecting messages to an alternative site
Weaknesses
to interfere or meddle with in order to damage or corrupt
Weaknesses
ability of an organization to ensure the security and recoverability of their cryptographic keys
Weaknesses
a type of attack waged on a network in an attempt to flood the network, thereby bringing the network to its knees
Weaknesses
tool that is useful in setting up the test for threats
Weaknesses
things that were done particularly well
Weaknesses
didn’t work as well as it should have
Weaknesses
can be used to make better use of resources
Weaknesses
situations that endanger the organization‘s security
Repudiation
one person or entity electronically masquerading as another by falsifying data, redirecting URLs, or redirecting messages to an alternative site
Repudiation
to interfere or meddle with in order to damage or corrupt
Repudiation
ability of an organization to ensure the security and recoverability of their cryptographic keys
Repudiation
a type of attack waged on a network in an attempt to flood the network, thereby bringing the network to its knees
Repudiation
tool that is useful in setting up the test for threats
Repudiation
things that were done particularly well
Repudiation
didn’t work as well as it should have
Repudiation
can be used to make better use of resources
Repudiation
situations that endanger the organization‘s security
Tampering
one person or entity electronically masquerading as another by falsifying data, redirecting URLs, or redirecting messages to an alternative site
Tampering
to interfere or meddle with in order to damage or corrupt
Tampering
ability of an organization to ensure the security and recoverability of their cryptographic keys
Tampering
a type of attack waged on a network in an attempt to flood the network, thereby bringing the network to its knees
Tampering
tool that is useful in setting up the test for threats
Tampering
things that were done particularly well
Tampering
didn’t work as well as it should have
Tampering
can be used to make better use of resources
Tampering
situations that endanger the organization‘s security
Threat Tree
one person or entity electronically masquerading as another by falsifying data, redirecting URLs, or redirecting messages to an alternative site
Threat Tree
to interfere or meddle with in order to damage or corrupt
Threat Tree
ability of an organization to ensure the security and recoverability of their cryptographic keys
Threat Tree
a type of attack waged on a network in an attempt to flood the network, thereby bringing the network to its knees
Threat Tree
tool that is useful in setting up the test for threats
Threat Tree
things that were done particularly well
Threat Tree
didn’t work as well as it should have
Threat Tree
can be used to make better use of resources
Threat Tree
situations that endanger the organization‘s security
Threats
one person or entity electronically masquerading as another by falsifying data, redirecting URLs, or redirecting messages to an alternative site
Threats
to interfere or meddle with in order to damage or corrupt
Threats
ability of an organization to ensure the security and recoverability of their cryptographic keys
Threats
a type of attack waged on a network in an attempt to flood the network, thereby bringing the network to its knees
Threats
tool that is useful in setting up the test for threats
Threats
things that were done particularly well
Threats
didn’t work as well as it should have
Threats
can be used to make better use of resources
Threats
situations that endanger the organization‘s security
Strengths
one person or entity electronically masquerading as another by falsifying data, redirecting URLs, or redirecting messages to an alternative site
Strengths
to interfere or meddle with in order to damage or corrupt
Strengths
ability of an organization to ensure the security and recoverability of their cryptographic keys
Strengths
a type of attack waged on a network in an attempt to flood the network, thereby bringing the network to its knees
Strengths
tool that is useful in setting up the test for threats
Strengths
things that were done particularly well
Strengths
didn’t work as well as it should have
Strengths
can be used to make better use of resources
Strengths
situations that endanger the organization‘s security
Unlock Deck
Unlock for access to all 22 flashcards in this deck.
Unlock Deck
k this deck
locked card icon
Unlock Deck
Unlock for access to all 22 flashcards in this deck.
Examlex
Examlex
Work With Us
Policies
Download the App
Scan to downloadDownload the App
qr-code
Links
Links
Work With Us
Download the App

Scan to downloadDownload the App
qr-code

Copyright © 2025 Examlex LLC.
  • facebook-footer
  • instagram-footer
  • x-footer
  • tiktok
  • Linktree