Deck 1: Introduction to Information Security

1
A ____ attempts to protect internal systems from outside threats.

A) security perimeter
B) botnet
C) risk management strategy
D) buffer overflow
A
2
The ____ would typically NOT be a member of the security project team.

A) CIO
B) systems administrator
C) CISO
D) All of these could be a member of the security project team
D
3
Acceptance is a viable solution only if the organization has evaluated the risk and determined that the implementation of additional controls or strategies is not justified, due to cost or other organizational issues.
True
4
A virus that is embedded in the automatically executing scripts commonly found in word processors, spreadsheets, and database applications is called a ____.

A) worm
B) boot virus
C) Trojan horse
D) macro virus
5
An individual who hacks the public telephone network to make free calls or disrupt services is called a ____.

A) phreaker
B) hacktivist
C) packet monkey
D) cyberterrorist
6
To make sound decisions about information security, management must be informed about the various threats facing the organization, its people, applications, data, and information systems.
7
To achieve the maximum confidentiality and integrity found in a completely secure information system would require that the system not allow access (or availability) to anyone.
8
According to the CSI/FBI Computer Crime and Security Survey, the most dominant type of attack for the last decade was ____.

A) insider abuse
B) denial of service
C) physical loss (theft)
D) malware infection
9
The ____ is based on a model developed by the U.S. Committee on National Systems Security (CNSS).

A) TVA worksheet
B) C.I.A. triangle
C) McCumber Cube
D) man-in-the-middle attack
10
A(n) ____ is a weakness or fault in the mechanisms that are intended to protect information and information assets from attack or damage.

A) threat
B) exploit
C) vulnerability
D) risk
11
End users are ____.

A) not important to the security of an organization
B) a part of the security project team
C) all risk assessment specialists
D) often considered data custodians
12
A(n) ____ attack is when a system is compromised and used to attack other systems.

A) direct
B) indirect
C) object
D) subject
13
A data ____ might be a specifically identified role or part of the duties of a systems administrator.

A) owner
B) custodian
C) manager
D) user
14
A(n) ____ is a category of object, person, or other entity that poses a potential risk of loss to an asset.

A) risk
B) exploit
C) threat
D) attack
15
Brute force attacks are often successful against systems that have adopted the usual security practices recommended by manufacturers.
16
When a computer is the ____ of an attack, it is used as an active tool to conduct the attack.

A) subject
B) victim
C) object
D) direction
17
A majority of organizations use information systems primarily to support their strategic planning.
18
____ means that information is free from mistakes or errors.

A) Accuracy
B) Availability
C) Confidentiality
D) Integrity
19
____ refers to multiple layers of security controls and safeguards.

A) A DMZ
B) A security perimeter
C) Defense in depth
D) Layered redundancy
20
The threat of ____ involves a malicious individual observing another's password by watching the victim while they are performing system login activities.

A) packet monkeys
B) intellectual property
C) shoulder surfing
D) script kiddies
21
Attempting to determine a password that is not known to the attacker is often called ____.

A) brute force
B) hacking
C) cracking
D) spamming
22
Match each item with a statement below.
a. data custodian
b. Trojan horse
c. integrity
d. back door
e. balance
f. worm
g. accuracy
h. data owner
i. confidentiality
Information remains whole, complete, and uncorrupted.
23
____ is a technique used to gain unauthorized access to computers, wherein the attacker assumes or simulates an address that indicates to the victim that the messages are coming from the address of a trusted host.

A) Sniffing
B) Spoofing
C) Spamming
D) DDoS
24
Match each item with a statement below.
a. data custodian
b. Trojan horse
c. integrity
d. back door
e. balance
f. worm
g. accuracy
h. data owner
i. confidentiality
Component in a system that allows the attacker to access the system at will, bypassing standard login controls.
25
____ attacks may involve individuals posing as new employees or as current employees desperately requesting assistance to avoid getting fired.

A) Buffer overflow
B) Cracking
C) Social engineering
D) Spoofing
26
The ____________________ is primarily responsible for advising the chief executive officer, president, or company owner on the strategic planning that affects the management of information in the organization.
27
Match each item with a statement below.
a. data custodian
b. Trojan horse
c. integrity
d. back door
e. balance
f. worm
g. accuracy
h. data owner
i. confidentiality
Software program that reveals its designed behavior only when activated.
28
Match each item with a statement below.
a. data custodian
b. Trojan horse
c. integrity
d. back door
e. balance
f. worm
g. accuracy
h. data owner
i. confidentiality
Malicious program that replicates itself constantly.
29
Match each item with a statement below.
a. data custodian
b. Trojan horse
c. integrity
d. back door
e. balance
f. worm
g. accuracy
h. data owner
i. confidentiality
Responsible for the storage, maintenance, and protection of the information.
30
A(n) ____________________ is an application error that occurs when more data is sent to a buffer than it can handle.
31
Match each item with a statement below.
a. data custodian
b. Trojan horse
c. integrity
d. back door
e. balance
f. worm
g. accuracy
h. data owner
i. confidentiality
Responsible for the security and use of a particular set of information.
32
In a(n) ____________________ attack, the attacker monitors (or sniffs) packets from the network, modifies them using Internet Protocol spoofing techniques, and then inserts them back into the network.
33
A prolonged increase in power is called a ____.

A) spike
B) surge
C) sag
D) fault
34
In a ____ attack, the attacker sends a large number of connection or information requests to a target in an attempt to overwhelm its capacity and make it unavailable for legitimate users.

A) man-in-the-middle
B) sniffer
C) dictionary
D) denial-of-service (DoS)
35
Match each item with a statement below.
a. data custodian
b. Trojan horse
c. integrity
d. back door
e. balance
f. worm
g. accuracy
h. data owner
i. confidentiality
Information is free from mistakes or errors.
36
An organization will often create a network security ____________________, which defines the boundary between the outer limit of an organization's security and the beginning of the outside network.
37
A ____ is an e-mail attack in which the attacker routes large quantities of e-mail to the target system hoping to overwhelm the target with so much irrelevant email that legitimate email cannot be used.

A) spam attack
B) mail bomb
C) sniffer
D) cracker
38
The most common Intellectual Property breach is ____________________.
39
Match each item with a statement below.
a. data custodian
b. Trojan horse
c. integrity
d. back door
e. balance
f. worm
g. accuracy
h. data owner
i. confidentiality
Information is protected from disclosure or exposure to unauthorized individuals or systems.
40
Match each item with a statement below.
a. data custodian
b. Trojan horse
c. integrity
d. back door
e. balance
f. worm
g. accuracy
h. data owner
i. confidentiality
Involves operating an information system that meets the high level of availability sought by system users as well as the confidentiality and integrity needs of system owners and security professionals.
41
Describe the balance between information security and access.
42
Provide an example of a social engineering attack.
43
What is the role of the chief information security officer (CISO)?
44
What is defense in depth?
45
Describe a dictionary attack.
46
Describe the importance of enabling the safe operation of applications.
47
Describe the difference between direct and indirect attacks.
48
Describe the characteristic of utility as it relates to information.
49
What are the responsibilities of a data custodian?
50
What important organizational functions are performed by Information Security?