Deck 11: Cybersecurity

Question
Most data thieves are professional criminals deliberately trying to steal information they can turn into cash.
Question
________ relates to the laws and regulations to prevent, investigate, and prosecute cybercrimes.
Question
________ refers to rummaging through garbage for discarded documents or digital media.
Question
Match the legislation to the description

-Federal Information Security Management Act (FISMA)

A)This legislation requires organizations that handle credit and debit card data to meet cybersecurity requirements to safeguard the data.
B)Frank-Dodd Wall Street Reform and Consumer Protection Act
C)This legislation requires each federal agency to develop, document, and implement an agency-wide information security program.
D)This legislation requires proper internal control, including information security and controls.
E)Federal Privacy Act of 1974
F)This legislation requires financial institutions to provide customers with privacy notices and prohibits the institutions from sharing customer information with nonaffiliated third parties.
Question
Match the legislation to the description

-Sarbanes-Oxley (SOX)

A)This legislation requires organizations that handle credit and debit card data to meet cybersecurity requirements to safeguard the data.
B)Frank-Dodd Wall Street Reform and Consumer Protection Act
C)This legislation requires each federal agency to develop, document, and implement an agency-wide information security program.
D)This legislation requires proper internal control, including information security and controls.
E)Federal Privacy Act of 1974
F)This legislation requires financial institutions to provide customers with privacy notices and prohibits the institutions from sharing customer information with nonaffiliated third parties.
Question
Phishing involves attempts to obtain passwords by sniffing messages sent between computers on the network.
Question
Successful data breaches never involve multiple means of attack.
Question
Cybersecurity combines people, processes, and technology to continually monitor vulnerabilities and respond proactively to secure the system.
Question
Personal data, such as home address and credit card number, are stored on hotel card keys.
Question
________ developed the 10-domain Common Body of Knowledge (CBK) for IT security and controls.
Question
________ involves collecting, examining, and preserving evidence of cybercrimes.
Question
List the 10 domains that comprise the 10-domain Common Body of Knowledge (CBK).
Question
Match the legislation to the description

-Gramm-Leach-Bliley Act

A)This legislation requires organizations that handle credit and debit card data to meet cybersecurity requirements to safeguard the data.
B)Frank-Dodd Wall Street Reform and Consumer Protection Act
C)This legislation requires each federal agency to develop, document, and implement an agency-wide information security program.
D)This legislation requires proper internal control, including information security and controls.
E)Federal Privacy Act of 1974
F)This legislation requires financial institutions to provide customers with privacy notices and prohibits the institutions from sharing customer information with nonaffiliated third parties.
Question
Match the legislation to the description

-Payment Card Industry Data Security Standards

A)This legislation requires organizations that handle credit and debit card data to meet cybersecurity requirements to safeguard the data.
B)Frank-Dodd Wall Street Reform and Consumer Protection Act
C)This legislation requires each federal agency to develop, document, and implement an agency-wide information security program.
D)This legislation requires proper internal control, including information security and controls.
E)Federal Privacy Act of 1974
F)This legislation requires financial institutions to provide customers with privacy notices and prohibits the institutions from sharing customer information with nonaffiliated third parties.
Question
While dumpster diving is unethical, it may not be illegal.
Question
________ are crimes connected to information assets and IT.
Question
Which of the following is NOT part of the 10 domains of cybersecurity?

A)Cryptography
B)Database security
C)Physical and environmental security
D)Access control
Question
Laws related to cybersecurity originate from legislation, regulations, and case law.
Question
Cybercrimes are crimes connected to what? (Select the best answer)

A)Information assets and IT
B)The financial services industry
C)Electronic payments
D)Electronic transfer of funds
Question
________ involves attempts to obtain passwords by sniffing messages sent between computers on the network.
Question
Provide an example of how security and control measures can be included in the planning, design, installation, and deployment phases of the SDLC.
Question
Which legislation requires financial institutions to provide customers with privacy notices and prohibits the institutions from sharing customer information with nonaffiliated third parties?

A)Federal Privacy Act of 1974
B)Sarbanes-Oxley
C)Gramm-Leach-Bliley Act
D)Computer Security Act of 1987
Question
Data ________ is a security principle that ensures data is accurate and reliable.
Question
Enterprise security architecture studies the enterprise architecture and business environment to develop an overall strategy and plan that best fits enterprise-specific needs.
Question
The Internet is a collection of many networks of various types, connecting different LANs, MANs, and WANs together.
Question
According to Verizon's 2012 Data Breach Investigations Report, what percentage of attacks were from activist groups?

A)63%
B)58%
C)52%
D)48%
Question
The information security principle integrity ensures that sensitive data at each point in information processing is secure and protected from unauthorized access.
Question
Wide area networks (WANs) cover a large geographic region, such as the lower Midwest.
Question
According to Verizon's 2012 Data Breach Investigations Report, what percentage of breaches were physical attacks, such as a stolen laptop?

A)10%
B)15%
C)23%
D)45%
Question
This security management principle ensures that sensitive data at each point in information processing is secure and protected from unauthorized access.

A)Confidentiality
B)Integrity
C)Private
D)Availability
Question
According to Verizon's 2012 Data Breach Investigations Report, what percentage of breaches were tied to organized criminal groups?

A)79%
B)65%
C)83%
D)58%
Question
In the government sector, unauthorized disclosure of data with this classification might be harmful to national security.

A)Sensitive But Unclassified
B)Top Secret
C)Confidential
D)Secret
Question
List and define the information sensitivity classifications for the governmental sector.
Question
Which legislation requires organizations that handle credit and debit card data to meet cybersecurity requirements to safeguard data?

A)Computer Fraud and Abuse Act
B)Federal Information Security Management Act of 2002 (FISMA)
C)Economic Espionage Act of 1996
D)Payment Card Industries Data Security Standards (PCI-DSS)
Question
________ is a piece of computer hardware that extracts instructions and data and decodes and executes the instructions.
Question
List and describe three frameworks that provide a conceptual structure to address security and control.
Question
Which legislation requires each federal agency to develop, document, and implement an agency-wide information security program?

A)Employee Privacy Issues
B)Federal Information Security Management Act of 2002 (FISMA)
C)Computer Fraud and Abuse Act
D)Federal Privacy Act of 1974
Question
Bridges connect LANs of similar or different types to create an intranet.
Question
List and define the information sensitivity classifications for the private sector.
Question
It is the first day of your new job as an accounting intern. In the elevator on the way to your cubicle, a gentleman in the elevator (that you later learn is the controller of the company) says to you, "A salami attack." Shaking his head, he repeats, "It sounds more like someone being hit over the head with a sausage. It's just a small amount, so why should we care? You are our new intern, aren't you? Well, why don't you send me an email by this afternoon explaining what is a salami attack and why we should prevent them."
Question
Match the network protocol with the appropriate definition.

-Electronic data interchange (EDI)

A)A software program that provides message transportation services between sending and receiving computers
B)A software program commonly used to connect computers to create a LAN
C)A software program that provides routing services to messages transmitted over the Internet
D)A software program that allows the enterprise network to connect to the network of vendors and suppliers through proprietary lines
Question
What are the basic hardware components of a computer?
Question
Match the network protocol with the appropriate definition.

-Internet protocol (IP)

A)A software program that provides message transportation services between sending and receiving computers
B)A software program commonly used to connect computers to create a LAN
C)A software program that provides routing services to messages transmitted over the Internet
D)A software program that allows the enterprise network to connect to the network of vendors and suppliers through proprietary lines
Question
Which of the following network hardware are utility devices connected to the network for shared use?

A)Workstation computers
B)Server computers
C)Routing devices
D)Peripherals
Question
________ is a network used by external customers and/or suppliers.
Question
Security of the IT architecture should be considered in which phase of the system development life cycle (SDLC)?

A)All the phases
B)Design phase
C)Install phase
D)Build/purchase phase
Question
What is a microcomputer?

A)A computer with moderate computing power
B)A personal computer or laptop
C)A smart phone
D)A powerful, high-speed computer used for complex numerical calculations
Question
Which network protocol (software) allows the enterprise network to connect to the network of vendors and suppliers through proprietary lines?

A)Transport control protocol (TCP)
B)Ethernet protocol
C)Internet protocol (IP)
D)Electronic data interchange (EDI)
Question
________ firewall is a special type of firewall located on a server used to intercept and inspect all incoming messages prior to delivering them to the intended recipients.
Question
Match the network protocol with the appropriate definition.

-Ethernet protocol

A)A software program that provides message transportation services between sending and receiving computers
B)A software program commonly used to connect computers to create a LAN
C)A software program that provides routing services to messages transmitted over the Internet
D)A software program that allows the enterprise network to connect to the network of vendors and suppliers through proprietary lines
Question
Network cyberattacks typically target ________ because they offer access to the network.
Question
Securing computer architecture involves three rings of protection. What is in each ring? Provide examples.
Question
When application software is updated to fix an error or add a new feature, a section of coding called a ________ is inserted into the program.
Question
Telecommunications, networks, and the internet all relate to data transmission.
Question
Which of the following network hardware are typically personal computers and laptops connected to the network?

A)Workstation computers
B)Server computers
C)Routing devices
D)Peripherals
Question
Which network protocol (software) is commonly used to connect computers to create a LAN?

A)Internet protocol (IP)
B)Ethernet protocol
C)Electronic data interchange (EDI)
D)Transport control protocol (TCP)
Question
________ are types of computer hardware that capture data from various sources and move the data into main memory.
Question
In IT architecture security, what is NOT part of the software application ring?

A)Accounting software
B)Web browsers
C)Word processing applications
D)Relational database management system
Question
List and describe four types of network software protocols.
Question
Match the network protocol with the appropriate definition.

-Transport control protocol (TCP)

A)A software program that provides message transportation services between sending and receiving computers
B)A software program commonly used to connect computers to create a LAN
C)A software program that provides routing services to messages transmitted over the Internet
D)A software program that allows the enterprise network to connect to the network of vendors and suppliers through proprietary lines
Question
A ________ is a hardware device containing a password generator protocol that creates a new password each time the token is used.
Question
Which access control threat are programs or devices that examine traffic on the enterprise network?

A)Password attack
B)Network sniffer
C)Identity theft
D)Spoofing at log-on
Question
Which of the following is NOT a network access point?

A)Keyboard
B)Bridge
C)Computer
D)Router
Question
Which of the following firewalls destroys suspicious messages?

A)Low-level security firewall
B)Medium-level security firewall
C)High-level security firewall
D)Proxy firewall
Question
What is a honeypot and why is it used?
Question
Operations security refers to

A)Security for access to the enterprise system, including computers, networks, routers, and databases
B)Security for telecommunications, networks, and the Internet
C)The physical security of information technology components, such as hardware and software
D)Activities and procedures required to keep information technology running securely
Question
A user with specialized knowledge cannot use partial database access to gain full access to a database.
Question
________ are tiny pieces of programming code that install themselves on an infected computer called a Zombie.
Question
Which access control threat uses programs or devices that examine traffic on the enterprise network?

A)Network sniffers
B)Phishing
C)Identity theft
D)Spoofing at log-on
Question
The company where you work is opening offices in another state. Because the manager of the new office is determined to keep costs down, she does not want to purchase additional firewall software for the routers and bridges being installed behind the corporate firewall. The IT department has asked you for help. Prepare a memo explaining the need for additional firewalls.
Question
List and define five access control threats.
Question
Match the malware with the appropriate definition.

-Viruses

A)Code is disguised as a legitimate program, that can be downloaded and installed by users without realizing it is malware
B)A relatively small program that infects other application software by attaching to it and disrupting application function
C)Tiny piece(s) of programming code that install themselves on the infected computer called a Zombie
D)Similar to a virus except it does not need a host application to function or reproduce
E)Software executes when a specified event happens within the computer
Question
Physical security frameworks are useful to provide guidance on how to secure the physical facilities, grounds, and IT assets.
Question
Which of the following is NOT considered a deterrent to the physical access to corporate offices?

A)GPS tracking
B)Locked doors
C)Fences
D)Cameras
Question
What is the purpose of a physical security framework? Provide examples of physical security.
Question
The physical and environmental security domain addresses

A)Activities and procedures required to keep information technology running securely
B)The physical security of information technology components, such as hardware and software
C)Security for telecommunications, networks, and the Internet
D)Security for access to the enterprise system, including computers, networks, routers, and databases
Question
________ controls ensure that reports and messages reach intended recipients.
Question
IT security management responsibility includes

A)Developing contingency plans for virus attacks
B)Input/output controls
C)Maintaining security devices and software
D)Training all employees to inform and educate them regarding security policies and procedures
Question
Which domain covers security for the electrical transmission of data through analog or digital transmission media?

A)Security architecture and design
B)Telecommunications
C)Application security
D)Cryptography
Question
Which authentication method involves analyzing the user's retina?

A)Single sign-on
B)Biometrics
C)Token device
D)Dynamic password
Deck 11: Cybersecurity
1
Most data thieves are professional criminals deliberately trying to steal information they can turn into cash.
True
2
________ relates to the laws and regulations to prevent, investigate, and prosecute cybercrimes.
Cyberlaw
3
________ refers to rummaging through garbage for discarded documents or digital media.
Dumpster diving
4
Match the legislation to the description

-Federal Information Security Management Act (FISMA)

A)This legislation requires organizations that handle credit and debit card data to meet cybersecurity requirements to safeguard the data.
B)Frank-Dodd Wall Street Reform and Consumer Protection Act
C)This legislation requires each federal agency to develop, document, and implement an agency-wide information security program.
D)This legislation requires proper internal control, including information security and controls.
E)Federal Privacy Act of 1974
F)This legislation requires financial institutions to provide customers with privacy notices and prohibits the institutions from sharing customer information with nonaffiliated third parties.
Unlock Deck
Unlock for access to all 113 flashcards in this deck.
Unlock Deck
k this deck
5
Match the legislation to the description

-Sarbanes-Oxley (SOX)

A)This legislation requires organizations that handle credit and debit card data to meet cybersecurity requirements to safeguard the data.
B)Frank-Dodd Wall Street Reform and Consumer Protection Act
C)This legislation requires each federal agency to develop, document, and implement an agency-wide information security program.
D)This legislation requires proper internal control, including information security and controls.
E)Federal Privacy Act of 1974
F)This legislation requires financial institutions to provide customers with privacy notices and prohibits the institutions from sharing customer information with nonaffiliated third parties.
Unlock Deck
Unlock for access to all 113 flashcards in this deck.
Unlock Deck
k this deck
6
Phishing involves attempts to obtain passwords by sniffing messages sent between computers on the network.
Unlock Deck
Unlock for access to all 113 flashcards in this deck.
Unlock Deck
k this deck
7
Successful data breaches never involves multiple means of attach.
Unlock Deck
Unlock for access to all 113 flashcards in this deck.
Unlock Deck
k this deck
8
Cybersecurity combines people, processes, and technology to continually monitor vulnerabilities and respond proactively to secure the system.
Unlock Deck
Unlock for access to all 113 flashcards in this deck.
Unlock Deck
k this deck
9
Personal data, such as home address and credit card number, are stored on hotel card keys.
Unlock Deck
Unlock for access to all 113 flashcards in this deck.
Unlock Deck
k this deck
10
________ developed the 10-domain Common Body of Knowledge (CBK)for IT security and controls.
Unlock Deck
Unlock for access to all 113 flashcards in this deck.
Unlock Deck
k this deck
11
________ involves collecting, examining, and preserving evidence of cybercrimes.
Unlock Deck
Unlock for access to all 113 flashcards in this deck.
Unlock Deck
k this deck
12
List the 10 domains that comprise the 10-domain Common Body of Knowledge (CBK).
Unlock Deck
Unlock for access to all 113 flashcards in this deck.
Unlock Deck
k this deck
13
Match the legislation to the description

-Gramm-Leach-Bliley Act

A)This legislation requires organizations that handle credit and debit card data to meet cybersecurity requirements to safeguard the data.
B)Frank-Dodd Wall Street Reform and Consumer Protection Act
C)This legislation requires each federal agency to develop, document, and implement an agency-wide information security program.
D)This legislation requires proper internal control, including information security and controls.
E)Federal Privacy Act of 1974
F)This legislation requires financial institutions to provide customers with privacy notices and prohibits the institutions from sharing customer information with nonaffiliated third parties.
Unlock Deck
Unlock for access to all 113 flashcards in this deck.
Unlock Deck
k this deck
14
Match the legislation to the description

-Payment Card Industry Data Security Standards

A)This legislation requires organizations that handle credit and debit card data to meet cybersecurity requirements to safeguard the data.
B)Frank-Dodd Wall Street Reform and Consumer Protection Act
C)This legislation requires each federal agency to develop, document, and implement an agency-wide information security program.
D)This legislation requires proper internal control, including information security and controls.
E)Federal Privacy Act of 1974
F)This legislation requires financial institutions to provide customers with privacy notices and prohibits the institutions from sharing customer information with nonaffiliated third parties.
Unlock Deck
Unlock for access to all 113 flashcards in this deck.
Unlock Deck
k this deck
15
While dumpster diving is unethical, it may not be illegal.
Unlock Deck
Unlock for access to all 113 flashcards in this deck.
Unlock Deck
k this deck
16
________ are crimes connected to information assets and IT.
Unlock Deck
Unlock for access to all 113 flashcards in this deck.
Unlock Deck
k this deck
17
Which of the following is NOT part of the 10 domains of cybersecurity?

A)Cryptography
B)Database security
C)Physical and environmental security
D)Access control
Unlock Deck
Unlock for access to all 113 flashcards in this deck.
Unlock Deck
k this deck
18
Laws related to cybersecurity originate from legislation, regulations, and case law.
Unlock Deck
Unlock for access to all 113 flashcards in this deck.
Unlock Deck
k this deck
19
Cybercrimes are crimes connected to what? (Select the best answer)

A)Information assets and IT
B)The financial services industry
C)Electronic payments
D)Electronic transfer of funds
Unlock Deck
Unlock for access to all 113 flashcards in this deck.
Unlock Deck
k this deck
20
________ involves attempts to obtain passwords by sniffing messages sent between computers on the network.
Unlock Deck
Unlock for access to all 113 flashcards in this deck.
Unlock Deck
k this deck
21
Provide example of how security and controls measures can be included in the planning, design, installation, and deployment phases of the SDLC.
Unlock Deck
Unlock for access to all 113 flashcards in this deck.
Unlock Deck
k this deck
22
Which legislation requires financial institutions to provide customers with privacy notices and prohibits the institutions from sharing customer information with nonaffiliated third parties?

A)Federal Privacy Act of 1974
B)Sarbanes-Oxley
C)Gramm-Leach-Bliley Act
D)Computer Security Act of 1987
Unlock Deck
Unlock for access to all 113 flashcards in this deck.
Unlock Deck
k this deck
23
Data ________ is a security principle that ensures data is accurate and reliable.
Unlock Deck
Unlock for access to all 113 flashcards in this deck.
Unlock Deck
k this deck
24
Enterprise security architecture studies the enterprise architecture and business environment to develop an overall strategy and plan that best fits enterprise-specific needs.
Unlock Deck
Unlock for access to all 113 flashcards in this deck.
Unlock Deck
k this deck
25
The Internet is a collection of many networks of various types, connecting different LANs
MANs, and WANs together.
Unlock Deck
Unlock for access to all 113 flashcards in this deck.
Unlock Deck
k this deck
26
According to Verizon's 2012 Data Breach Investigations Report, what percentage of attacks were from activist groups?

A)63%
B)58%
C)52%
D)48%
Unlock Deck
Unlock for access to all 113 flashcards in this deck.
Unlock Deck
k this deck
27
The information security principle integrity ensures that sensitive data at each point in information processing is secure and protected from unauthorized access.
Unlock Deck
Unlock for access to all 113 flashcards in this deck.
Unlock Deck
k this deck
28
Wide area networks (WANs)cover a large geographic region, such as the lower Midwest.
Unlock Deck
Unlock for access to all 113 flashcards in this deck.
Unlock Deck
k this deck
29
According to Verizon's 2012 Data Breach Investigations Report, what percentage of breaches were physical attacks, such as a stolen laptop?

A)10%
B)15%
C)23%
D)45%
Unlock Deck
Unlock for access to all 113 flashcards in this deck.
Unlock Deck
k this deck
30
This security management principle ensures that sensitive data at each point in information processing is secure and protected from unauthorized access.

A)Confidentiality
B)Integrity
C)Private
D)Availability
Unlock Deck
Unlock for access to all 113 flashcards in this deck.
Unlock Deck
k this deck
31
According to Verizon's 2012 Data Breach Investigations Report, what percentage of breaches were tied to organized criminal groups?

A)79%
B)65%
C)83%
D)58%
Unlock Deck
Unlock for access to all 113 flashcards in this deck.
Unlock Deck
k this deck
32
In the government sector, unauthorized disclosure of data with this classification might be harmful to national security.

A)Sensitive But Unclassified
B)Top Secret
C)Confidential
D)Secret
Unlock Deck
Unlock for access to all 113 flashcards in this deck.
Unlock Deck
k this deck
33
List and define information sensitivity classification for governmental sector.
Unlock Deck
Unlock for access to all 113 flashcards in this deck.
Unlock Deck
k this deck
34
Which legislation requires organizations that handle credit and debit card data to meet cybersecurity requirements to safeguard data?

A)Computer Fraud and Abuse Act
B)Federal Information Security Management Act of 2002 (FISMA)
C)Economic Espionage Act of 1996
D)Payment Card Industries Data Security Standards (PCI-DDS)
Unlock Deck
Unlock for access to all 113 flashcards in this deck.
Unlock Deck
k this deck
35
________ is a piece of computer hardware that extracts instructions and data and decodes and executes the instructions.
Unlock Deck
Unlock for access to all 113 flashcards in this deck.
Unlock Deck
k this deck
36
List and describe three frameworks that provide a conceptual structure to address security and control.
Unlock Deck
Unlock for access to all 113 flashcards in this deck.
Unlock Deck
k this deck
37
Which legislation requires each federal agency to develop, document, and implement an agency-wide information security program?

A)Employee Privacy Issues
B)Federal Information Security Management Act of 2002 (FISMA)
C)Computer Fraud and Abuse Act
D)Federal Privacy Act of 1974
Unlock Deck
Unlock for access to all 113 flashcards in this deck.
Unlock Deck
k this deck
38
Bridges connect LANs of similar or different types to create an intranet.
Unlock Deck
Unlock for access to all 113 flashcards in this deck.
Unlock Deck
k this deck
39
List and define the information sensitivity classifications for the private sector.
Unlock Deck
Unlock for access to all 113 flashcards in this deck.
Unlock Deck
k this deck
40
It is the first day of your new job as an accounting intern. In the elevator on the way to your cubicle, a gentleman in the elevator (that you later learn is the controller of the company)says to you, "A salami attack." Shaking his head, he repeats, "It sounds more like someone being hit over the head with a sausage. It's just a small amount, so why should we care? You are our new intern, aren't you? Well, why don't you send me an email by this afternoon explaining what is a salami attack and why we should prevent them."
Unlock Deck
Unlock for access to all 113 flashcards in this deck.
Unlock Deck
k this deck
41
Match the network protocol with the appropriate definition.

-Electronic data interchange (EDI)

A)A software program that provides message transportation services between sending and receiving computers
B)A software program commonly used to connect computers to create a LAN
C)A software program that provides routing services to messages transmitted over the Internet
D)A software program that allows the enterprise network to connect to the network of vendors and suppliers through proprietary lines
Unlock Deck
Unlock for access to all 113 flashcards in this deck.
Unlock Deck
k this deck
42
What are the basic hardware components of a computer?
Unlock Deck
Unlock for access to all 113 flashcards in this deck.
Unlock Deck
k this deck
43
Match the network protocol with the appropriate definition.

-Internet protocol (IP)

A)A software program that provides message transportation services between sending and receiving computers
B)A software program commonly used to connect computers to create a LAN
C)A software program that provides routing services to messages transmitted over the Internet
D)A software program that allows the enterprise network to connect to the network of vendors and suppliers through proprietary lines
Unlock Deck
Unlock for access to all 113 flashcards in this deck.
Unlock Deck
k this deck
44
Which of the following network hardware are utility devices connected to the network for shared use?

A)Workstation computers
B)Server computers
C)Routing devices
D)Peripherals
Unlock Deck
Unlock for access to all 113 flashcards in this deck.
Unlock Deck
k this deck
45
________ is a network used by external customers and/or suppliers.
Unlock Deck
Unlock for access to all 113 flashcards in this deck.
Unlock Deck
k this deck
46
Security of the IT architecture should be considered in which phase of the system development life cycle (SDLC)?

A)All the phases
B)Design phase
C)Install phase
D)Build/purchase phase
Unlock Deck
Unlock for access to all 113 flashcards in this deck.
Unlock Deck
k this deck
47
What is a microcomputer?

A)A computer with moderate computing power
B)A personal computer or laptop
C)A smart phone
D)A powerful, high-speed computer used for complex numerical calculations
Unlock Deck
Unlock for access to all 113 flashcards in this deck.
Unlock Deck
k this deck
48
Which network protocol (software)allows the enterprise network to connect to the network of vendors and suppliers through proprietary lines?

A)Transport control protocol (TCP)
B)Ethernet protocol
C)Internet protocol (IP)
D)Electronic data interchange (EDI)
Unlock Deck
Unlock for access to all 113 flashcards in this deck.
Unlock Deck
k this deck
49
________ firewall is a special type of firewall located on a server used to intercept and inspect all incoming messages prior to delivering them to the intended recipients.
Unlock Deck
Unlock for access to all 113 flashcards in this deck.
Unlock Deck
k this deck
50
Match the network protocol with the appropriate definition.

-Ethernet protocol

A)A software program that provides message transportation services between sending and receiving computers
B)A software program commonly used to connect computers to create a LAN
C)A software program that provides routing services to messages transmitted over the Internet
D)A software program that allows the enterprise network to connect to the network of vendors and suppliers through proprietary lines
51
Network cyberattacks typically target ________ because they offer access to the network.
52
Securing computer architecture involves three rings of protection. What is in each ring? Provide examples.
53
When application software is updated to fix an error or add a new feature, a section of coding called a ________ is inserted into the program.
54
Telecommunications, networks, and the internet all relate to data transmission.
55
Which of the following network hardware are typically personal computers and laptops connected to the network?

A)Workstation computers
B)Server computers
C)Routing devices
D)Peripherals
56
Which network protocol (software) is commonly used to connect computers to create a LAN?

A)Internet protocol (IP)
B)Ethernet protocol
C)Electronic data interchange (EDI)
D)Transport control protocol (TCP)
57
________ are types of computer hardware that capture data from various sources and move the data into main memory.
58
In IT architecture security, what is NOT part of the software application ring?

A)Accounting software
B)Web browsers
C)Word processing applications
D)Relational database management system
59
List and describe four types of network software protocols.
60
Match the network protocol with the appropriate definition.

-Transport control protocol (TCP)

A)A software program that provides message transportation services between sending and receiving computers
B)A software program commonly used to connect computers to create a LAN
C)A software program that provides routing services to messages transmitted over the Internet
D)A software program that allows the enterprise network to connect to the network of vendors and suppliers through proprietary lines
61
A ________ is a hardware device containing a password generator protocol that creates a new password each time the token is used.
62
Which access control threat are programs or devices that examine traffic on the enterprise network?

A)Password attack
B)Network sniffer
C)Identity theft
D)Spoofing at log-on
63
Which of the following is NOT a network access point?

A)Keyboard
B)Bridge
C)Computer
D)Router
64
Which of the following firewalls destroys suspicious messages?

A)Low-level security firewall
B)Medium-level security firewall
C)High-level security firewall
D)Proxy firewall
65
What is a honeypot and why is it used?
66
Operations security refers to

A)Security for access to the enterprise system, including computers, networks, routers, and databases
B)Security for telecommunications, networks, and the Internet
C)The physical security of information technology components, such as hardware and software
D)Activities and procedures required to keep information technology running securely
67
A user with specialized knowledge cannot use partial database access to gain full access to a database.
68
________ are tiny pieces of programming code that install themselves on an infected computer called a Zombie.
69
Which access control threat uses programs or devices that examine traffic on the enterprise network?

A)Network sniffers
B)Phishing
C)Identity theft
D)Spoofing at log-on
70
The company where you work is opening offices in another state. Because the manager of the new office is determined to keep costs down, she does not want to purchase additional firewall software for the routers and bridges being installed behind the corporate firewall. The IT department has asked you for help. Prepare a memo explaining the need for additional firewalls.
71
List and define five access control threats.
72
Match the malware with the appropriate definition.

-Viruses

A)Code is disguised as a legitimate program that can be downloaded and installed by users without realizing it is malware
B)A relatively small program that infects other application software by attaching to it and disrupting application function
C)Tiny piece(s) of programming code that install themselves on the infected computer called a Zombie
D)Similar to a virus except it does not need a host application to function or reproduce
E)Software executes when a specified event happens within the computer
73
Physical security frameworks are useful to provide guidance on how to secure the physical facilities, grounds, and IT assets.
74
Which of the following is NOT considered a deterrent to the physical access to corporate offices?

A)GPS tracking
B)Locked doors
C)Fences
D)Cameras
75
What is the purpose of a physical security framework? Provide examples of physical security.
76
The physical and environmental security domain addresses

A)Activities and procedures required to keep information technology running securely
B)The physical security of information technology components, such as hardware and software
C)Security for telecommunications, networks, and the Internet
D)Security for access to the enterprise system, including computers, networks, routers, and databases
77
________ controls ensure that reports and messages reach intended recipients.
78
IT security management responsibility includes

A)Developing contingency plans for virus attacks
B)Input/output controls
C)Maintaining security devices and software
D)Training to all employees to inform and educate them regarding security policies and procedures
79
Which domain covers security for the electrical transmission of data through analog or digital transmission media?

A)Security architecture and design
B)Telecommunications
C)Application security
D)Cryptography
80
Which authentication method involves analyzing the user's retina?

A)Single sign-on
B)Biometrics
C)Token device
D)Dynamic password