Which domain of a typical IT infrastructure includes cabling, servers, and
wireless access points? Right Ans - LAN
Which law requires all types of financial institutions to protect customers'
private financial information? Right Ans - GLBA
You are calculating the availability of a server for the month of June. The total
possible uptime is 43,200 minutes. The actual downtime was 60 minutes.
What was the percentage of availability of the server? Right Ans - 99.86%
An AUP is part of a layered approach to security and it supports
confidentiality. What else supports confidentiality? Right Ans - Data
classification standard
Which of the following is the likelihood that something bad will happen to an
asset? Right Ans - Risk
Which of the following is considered a threat rather than a risk? Right Ans -
An earthquake
Which of the following is an action that could damage an asset? Right Ans -
Threat
In which domain of a typical IT infrastructure do service level agreements
(SLAs) figure prominently? Right Ans - WAN
Which of the following is a detailed written definition of how software and
hardware are to be used? Right Ans - Standard
Which of the following is not a common type of data classification standard?
Right Ans - Guideline
The main goal of a cyberattack is to affect one or more IT assets.
True/False Right Ans - True
Which of the following best describes intellectual property? Right Ans -
The unique knowledge that a business possesses.
Which of the following terms best describes a person with very little skill?
Right Ans - Script kiddie
A _____ is a software tool that captures traffic as it travels. Right Ans -
Sniffer or Packet Sniffer
Which type of attack results in legitimate users not having access to a system
resource? Right Ans - Denial of Service (DoS)
A SYN flood attack floods a target with invalid network packets.
True/False Right Ans - False
Which type of document defines unacceptable computer behavior? Right
Ans - AUP (Acceptable Use Policy)
Which of the following steps can best protect your computer from worms?
Right Ans - Installing antimalware software
A wardialer is a legacy tool no longer in use.
True/False Right Ans - False
A dictionary attack is a simple attack that primarily relies on users making
poor password choices.
True/False Right Ans - True
Which type of attack involves capturing data packets from a network and
transmitting them later to produce an unauthorized effect? Right Ans -
Replay
A(n) ____ is any action that could damage an asset. Right Ans - Threat
A(n) ____ is any weakness that makes it possible for a threat to cause harm to a
computer or network. Right Ans - Vulnerability
Which type of malware is a self-contained program that replicates and sends
copies to other computers, generally across a network? Right Ans - Worm
Which group is responsible for responding to any reported cyberattack?
Right Ans - Incident response team
Spyware gathers information about a user through an Internet connection,
without his or her knowledge. Right Ans - True
Barry discovers that an attacker is running an access point in a building
adjacent to his company. The access point is broadcasting the security set
identifier (SSID) of an open network owned by the coffee shop in his lobby.
Which type of attack is likely taking place? Right Ans - Evil twin
Which password attack is typically used specifically against password files
that contain cryptographic hashes? Right Ans - Birthday attacks
A phishing email is a fake or bogus email intended to trick the recipient into
clicking on an embedded URL link or opening an email attachment. Right
Ans - True
A birthday attack is a type of cryptographic attack that is used to make
brute-force attack of one-way hashes easier. Right Ans - True
A rootkit uses a directed broadcast to create a flood of network traffic for the
victim computer. Right Ans - False
Which type of attack involves the creation of some deception in order to trick
unsuspecting users? Right Ans - Fabrication
Vishing is a type of wireless network attack. Right Ans - False
A phishing attack "poisons" a domain name on a domain name server.
Right Ans - False
Maria's company recently experienced a major system outage due to the
failure of a critical component. During that time period, the company did not
register any sales through its online site. Which type of loss did the company
experience as a result of lost sales? Right Ans - Opportunity cost
An attacker uses exploit software when wardialing. Right Ans - False
Which type of denial of service attack exploits the existence of software flaws
to disrupt a service? Right Ans - Logic attack
Using a secure logon and authentication process is one of the six steps used to
prevent malware. Right Ans - True
An attacker attempting to break into a facility pulls the fire alarm to distract
the security guard manning an entry point. Which type of social engineering
attack is the attacker using? Right Ans - Urgency
The anti-malware utility is one of the most popular backdoor tools in use
today. Right Ans - False
A dictionary password attack is a type of attack in which one person, program,
or computer disguises itself as another person, program, or computer to gain
access to some resource. Right Ans - False
Failing to prevent an attack all but invites an attack. Right Ans - True
The main difference between a virus and a worm is that a virus does not need
a host program to infect. Right Ans - False
Spam is some act intended to deceive or trick the receiver, normally in email
messages. Right Ans - False
Which group is the most likely target of a social engineering attack? Right
Ans - Receptionists and administrative assistants
Which type of attack against a web application uses a newly discovered
vulnerability that is not patchable? Right Ans - Zero-day attack