Deck 4: Information Security and Controls
1
_____ can be used to create strong passwords that are easy to remember.
A) Mnemonics
B) Passphrases
C) Birthdates
D) Numbers
B
2
Whereas phishing attacks are ____ , denial of service attacks are ____.
A) remote attacks requiring user action, remote attacks requiring no user action
B) remote attacks requiring no user action, attacks by a programmer developing a system
C) remote attacks requiring no user action, remote attacks requiring user action
D) Distributed remote attacks requiring user action, attacks by a programmer developing a system
A
3
Which of the following can be classified as unintentional threats to information systems caused by human errors?
A) Selecting a weak password
B) Revealing your password
C) Leaking company data to others
D) Both (a) and (b)
E) None of the above
A
4
An information system's ____ is the likelihood that the system or resource will be compromised by a ____ that will result in its ____ to further attacks.
A) Vulnerability, threat, exposure
B) Vulnerability, security, threat
C) Threat, vulnerability, liability
D) Threat, vulnerability, exposure
5
Implementing controls to prevent threats from occurring and developing a recovery plan should the threats occur are two broad functions of
A) Risk mitigation.
B) Risk acknowledgement.
C) Risk acceptance.
D) All of the above.
6
Buying health insurance is an example of risk ____, whereas going without is an example of risk _____.
A) transference, limitation
B) transference, acceptance
C) limitation, acceptance
D) limitation, transference
7
Backup and recovery procedures are recommended only to safeguard against hardware/software failures.
8
Computer programs like CAPTCHA are used to counter
A) Hackers using key loggers.
B) Malware.
C) Hackers using screen scrapers.
D) Websites leaving cookies on the local machine.
9
Making and distributing information goods to which you do not own the ___ is referred to as ____.
A) copyright, piracy
B) intellectual property, piracy
C) copyright, appropriation
D) intellectual property, theft
10
Access controls consist of ____, which confirms user identity, and ____, which determines user access levels.
A) access, privileges
B) authorization, privileges
C) authentication, authorization
D) passwords, privileges
11
An unintentional attack in which the perpetrator uses social skills to trick or manipulate a legitimate employee into providing confidential company information is known as:
A) Trespass.
B) Social engineering.
C) Identity theft.
D) Information extortion.