Question 1 Marked out of 1.00
Which term is used when separation of privilege is applied to people?
- Security through obscurity
- Diversity of defense
- Separation of duties
Question 2 Marked out of 1.00
Which statement describes why social engineering is successful?
- People tend to forgo personal egos to better an organization.
- People have a basic desire to be helpful.
- People with a higher status may be coerced into providing information to those of lower status.
- People have a basic desire to withhold information for personal gain.
Question 3 Marked out of 1.00
The principle of open design holds that the protection of an object should rely upon secrecy of the protection mechanism itself.
Question 4 Marked out of 1.00
Which password is weakest?
Question 5 Marked out of 1.00
Which attack is an example of an advanced persistent threat (APT) first reported by Google, but also targeting Adobe, Yahoo, Juniper Networks, Rackspace, Symantec, and several major U.S. financial and industrial firms?
- Operation Aurora
- Operation Bot Roast
Question 6 Marked out of 1.00
The entity that implements a chosen security policy and enforces those characteristics deemed most important by the system designers is known as the
- CIA model
- Group policy
- Security model
- NIST Cyber Security Framework
Question 7 Marked out of 1.00
Which security model uses transactions as the basis for its rules?
- Simple Security
Question 8 Marked out of 1.00
What is the first step an administrator can take to reduce possible attacks?
- Install anti-spyware software.
- Ensure all patches for the operating system and applications are installed.
- Configure an intrusion detection system.
- Install a firewall.
Question 9 Marked out of 1.00
What condition is described by the van Eck phenomenon and studied under TEMPEST?
- Electromagnetic pulses destroying sensitive computer equipment
- Magnetic fields that interfere with signals crossing Local Area Network (LAN) cables
- Electromagnetic eavesdropping
- Piggybacking on electromagnetic communications
Question 10 Marked out of 1.00
In 2014, on how many different threat actors, including criminals, hacktivists, state-sponsored groups, and nation states, did CrowdStrike report?
Question 11 Marked out of 1.00
The biggest change affecting computer security that has occurred over the last 30 years has been the transformation of the computing environment from a highly interconnected network of smaller systems to large mainframes.
Question 12 Marked out of 1.00
Which statement accurately describes how pharming is accomplished?
- The user is directed to a fake web site as a result of modification of local host files, which are used to convert URLs to the appropriate IP address.
- The attacker acts as a custodian and, while watering the organization's plants, he places cameras to record keystrokes.
- The attacker gathers prominent bits of information from the organization's recycling/trash.
- The attacker attempts to engage the target in conversation and tries to evoke sympathy so that the target feels sorry for the individual and is more prone to provide information.
Question 13 Marked out of 1.00
What type of authentication mechanism is a fingerprint?
- Something you do
- Something you have
- Something you know
- Something about you
Question 14 Marked out of 1.00
Which statement identifies a good first step for companies to take to fight potential social engineering attacks?
- Buy the latest virus protection software and install on the systems.
- Establish policies and procedures dictating the roles and responsibilities of all users, as well as security administrators.
- Conduct background checks on all contractors, consultants, delivery persons, and partners that may have access to the facilities.
- Monitor all phone calls and check logs on a daily basis.
Question 15 Marked out of 1.00
In many early cases of computer crime, the perpetrator of the crime intended to cause damage to the computer.
Question 16 Marked out of 1.00
Which cell phone network component consists of antennas, receivers, transmitters, and amplifiers?
- The base stations
- The wires carrying the signal
- The phones themselves
- The hardware and software that allows communication
Question 17 Marked out of 1.00
What common password character combinations do users tend to use when creating passwords?
- Numbers only
- All capital letters
- Passwords that are too long
- Names of family, pets, or teams
Question 18 Marked out of 1.00
Which Internet criminal is famous for conducting his attacks using a number of different tools and techniques, including social engineering, sniffers, and cloned cellular telephones?
- Kevin Mitnick
- Timothy Lloyd
- David Smith
- Robert Morris
Question 19 Marked out of 1.00
Which statement describes an advantage of using biometrics for physical access control?
- Biometrics are 100 percent effective.
- The individual always has the biometric in their possession.
- Hand geometry requires a fairly small device.
- Biometrics is a less sophisticated access control approach.
Question 20 Marked out of 1.00
Which term describes communication that is designed so that devices can talk directly with each other without having to go through a central device?
- Pass-thru communication
- Peer-to-peer communication
- Direct media communication
- Client-server communication
Question 21 Marked out of 1.00
Which term refers to the mechanisms used to ensure that physical access to computer systems and networks is restricted to authorized users?
- Due diligence
- Physical security
- Intrusion detection system (IDS)
Question 22 Marked out of 1.00
TEMPEST is a program developed by the U.S. Department of Defense to protect equipment from the ill effects of weather and other natural disasters.
Question 23 Marked out of 1.00
For many years, the focus of security was on prevention.
Question 24 Marked out of 1.00
What is the most common authentication mechanism?
- Magnetic card strip
Question 25 Marked out of 1.00
Biometrics suffer from false positives and false negatives, making them less than 100 percent effective.