What term best describes any premeditated, politically motivated attack against information, computer systems, computer programs, and data that results in violence against noncombatant targets by subnational groups or clandestine agents?
A - Cyberterrorism
See Ch. 1: Introduction to Security, Section - Understanding the Importance of Information Security
In terms of C.I.A., what ensures that data is accessible to authorized users?
A - Availability
See Ch. 1: Introduction to Security, Section - Defining Information Security
When an attack is designed to prevent authorized users from accessing a system, it is called what kind of attack?
A - Denial of Service
See Ch. 5: Networking and Server Attacks, Section - Denial of Service (DoS)
What block cipher mode of operation uses the most basic approach where the plaintext is divided into blocks, and each block is then encrypted separately?
A - ECB (Electronic Code Book)
See Ch. 4: Advanced Cryptography and PKI, Section - Block Cipher Modes of Operation
What term represents a system of security tools that are used to recognize and identify data that is critical to the organization and ensure that it is protected?
A - Data Loss Prevention (DLP)
See Ch. 6: Network Security Devices, Design, and Technology, Section - Data Loss Prevention (DLP)
A virus that infects an executable program file is known as what?
A - Program virus
See Ch. 2: Malware and Social Engineering Attacks, Section - Circulation
Name 2 types of attacks that are considered to be interception attacks.
A - Man-in-the-middle, Man-in-the-browser, replay
See Ch. 5: Networking and Server Attacks, Section - Interception
When TCP/IP was developed, the host table concept was expanded into a hierarchical name system for matching computer names and numbers using this service:
A - DNS
See Ch. 5: Networking and Server Attacks, Section - DNS Poisoning
Which type of DDoS attack broadcasts a network request to multiple computers but changes the address from which the request came to the victim's computer?
A - Smurf Attack
See Ch. 5: Networking and Server Attacks, Section - Denial of Service (DoS)
What type of trust model is used as the basis for most digital certificates used on the Internet?
A - Distributed Trust
See Ch. 4: Advanced Cryptography and PKI, Section - Trust Models
What are the two types of cross-site attacks?
A - Cross-site scripting attacks and cross-site request forgery attacks
See Ch. 5: Networking and Server Attacks, Section - Web Server Application Attacks
Whereas a virus needs users to spread, this type of malware spreads to other computers on the network by itself:
A - Worm
See Ch. 2: Malware and Social Engineering Attacks, Section - Circulation
What dedicated hardware device aggregates hundreds or thousands of VPN connections?
A - VPN concentrator
See Ch. 6: Network Security Devices, Design, and Technology, Section - Network Security Hardware
Which of the three C.I.A. protections ensures that only authorized parties can view information?
A - Confidentiality
See Ch. 1: Introduction to Security, Section - Defining Information Security
What type of certificates are self-signed?
A - Root digital certificates
See Ch. 4: Advanced Cryptography and PKI, Section - Types of Digital Certificates
Under which laws are health care enterprises required to guard protected health information and implement policies and procedures whether it be in paper or electronic format?
A - HIPAA
See Ch. 1: Introduction to Security, Section - Understanding the Importance of Information Security
What term best describes when cryptography is applied to entire disks instead of individual files or groups of files?
A - Full disk encryption
See Ch. 3: Basic Cryptography, Section - Encryption through Software
What data unit is associated with layer two of the Open Systems Interconnection (OSI) model?
A - Frame
See Ch. 6: Network Security Devices, Design, and Technology, Section - Standard Network Devices
This term is used to describe a trusted third-party agency that is responsible for issuing digital certificates:
A - Certificate Authority (CA)
See Ch. 4: Advanced Cryptography and PKI, Section - Managing Digital Certificates
What process links several certificates together to establish trust between all the certificates involved?
A - Certificate chaining
See Ch. 4: Advanced Cryptography and PKI, Section - Types of Digital Certificates
An attack in which the attacker attempts to impersonate the user by using his or her session token is known as:
A - Session hijacking
See Ch. 5: Networking and Server Attacks, Section - Hijacking
What type of ransomware was developed to block the user from accessing the computer and encrypt all the files on the user's device?
A - Crypto-malware
See Ch. 2: Malware and Social Engineering Attacks, Section - Infection
Name any 1 of the 5 fundamental security principles that should be implemented to defend against attacks.
A - Layering, Limiting, Diversity, Obscurity, or Simplicity
See Ch. 1: Introduction to Security, Section - Fundamental Security Principles
When a private network uses a single public IP address, and each outgoing TCP packet uses a different port to allow for proper translation, what networking technology is in use?
A - PAT (Port Address Translation)
See Ch. 6: Network Security Devices, Design, and Technology, Section - Network Security Hardware
The information protection item (C.I.A.) that ensures that information is correct and that no unauthorized person or malicious software has altered that data.
A - Integrity
See Ch. 1: Introduction to Security, Section - Defining Information Security