FiltersDone

Question type

Essay

Multiple Choice

Short Answer

True False

Matching

Exam 2: The Need for Security

Show Answer

Share

---

All types

Filters

Study FlashcardsPractice ExamLearn

Question 31

True/False

Review LaterAdd Note

Review Later

Much human error or failure can be prevented with effective training and ongoing awareness activities.

A) True
B) False

Correct Answer

verified

Show Answer

Question 32

True/False

Review LaterAdd Note

Review Later

When electronic information is stolen, the crime is readily apparent.

A) True
B) False

Correct Answer

verified

Show Answer

Question 33

True/False

Review LaterAdd Note

The malicious code attack includes the execution of viruses, worms, Trojan horses, and active Web scripts with the intent to destroy or steal information. _________________________

"4-1-9" fraud is an example of a ____________________ attack.

A(n) ____________________ is a potential risk to an information asset.

A worm requires that another program is running before it can begin functioning.

The ____________________ hijacking attack uses IP spoofing to enable an attacker to impersonate another entity on the network.

Describe the capabilities of a sniffer.

Which of the following functions does information security perform for an organization  

____  is any technology that aids in gathering information about a person or organization without their knowledge.

A mail bomb is a form of DoS attack.

Some information gathering techniques are quite legal-for example, using a Web browser to perform market research. These legal techniques are called, collectively, competitive ____________________.

Human error or failure often can be prevented with training, ongoing awareness activities, and ____________________.

In a ____________________ attack, the attacker sends a large number of connection or information requests to disrupt a target from a small number of sources.

A(n) ____________________ is a potential weakness in an asset or its defensive control(s).

The application of computing and network resources to try every possible combination of options of a password is called a dictionary attack. _________________________

One form of e-mail attack that is also a DoS attack is called a mail spoof, in which an attacker overwhelms the receiver with excessive quantities of e-mail. _________________________

Media as a subset of information assets are the systems and networks that store, process, and transmit information.

____________________ are malware programs that hide their true nature and reveal their designed behavior only when activated.

Organizations can use dictionaries to regulate password selection during the reset process and thus guard against easy-to-guess passwords.