Exam (elaborations)
Information Security And Assurance - C725: Questions With Solutions (Detailed)
- Course
- Institution
Information Security And Assurance - C725: Questions With Solutions (Detailed)
[Show more]
Content preview
Information Security And Assurance - C725: QuestionsWith Solutions (Detailed)
Which social engineering attack tricks someone into downloading a fake patch
that allows a hacker to compromise a system? Right Ans - Malicious
software updateS trick an end user to download a fake patch that allows a
hacker to compromise a system.
Which social engineering attack is based on a user pretending to be someone
else to elicit information from a victim? Right Ans - Impersonation is a
human-based social engineering attack where a person pretends to be
someone else to elicit information from a victim.
Information security is primarily a discipline to manage the behavior of _____.
Right Ans - People
Careers in information security are booming because of which of the following
factors? Right Ans - Threats of cyberterrorism, Government regulations,
Growth of the Internet
Which of the following best represents the three objectives of information
security? Right Ans - Confidentiality, integrity, and availability
A program for information security should include which of the following
elements? Right Ans - Intentional attacks only
The growing demand for InfoSec specialists is occurring predominantly in
which of the following types of organizations? Right Ans - Government,
Corporations, Not-for-profit foundations
Which college curriculum is more appropriate for a career in information
security? Right Ans - Computer information sciences and Business
administration
What is meant by the phrase "the umbrella of information security"? Right
Ans - IS incorporates many different pursuits and disciplines.
,The formal study of information security has accelerated primarily for what
reason? Right Ans - Increasingly interconnected global networks
Which of the following would make an individual seeking a career in
information security more marketable? Right Ans - CISSP, GIAC, and
evaluating virus-protection software on a home computer
A career in information security... Right Ans - has better job growth outlook
than other areas within IT
A sound information security policy... Right Ans - A sound information
security policy is a balance between the cost of protecting information and the
value of the information being protected.
Which of the following topics are part of an information security practice?
Right Ans - Laws, ethical practices, access controls, and security architecture
Which of the following roles helps development teams meet security
requirements? Right Ans - Security consultants
Who is responsible for ensuring that systems are auditable and protected
from excessive privileges? Right Ans - Security administrators
What role(s) is responsible for ensuring that third-party suppliers and
outsourced functions remain in security compliance? Right Ans - Vendor
managers
What represents the three goals of information security? Right Ans - CIA
triad
Best describes the assurance that data has not been changed unintentionally
due to an accident or malice Right Ans - integrity
Related to information security, confidentiality is the opposite of Right Ans
- disclosure
The CIA triad is often represented by Right Ans - triangle
, Defense in depth is needed to ensure that which three mandatory activities
are present in a security system? Right Ans - prevention, detection, and
response
The weakest link in any security system is Right Ans - the process and
human element
the two types of IT security requirements Right Ans - Functional and
assurance
Security functional requirements describe Right Ans - What a security
system should do by design
Security assurance requirements describe Right Ans - how to test the
system.
the probability that a threat to an information system will materialize?
Right Ans - Risk
best describes the absence of weakness in a system that may possibility be
exploited? Right Ans - Vulnerability
Controls are implemented... Right Ans - to eliminate risk and eliminate the
potential loss
best describes a cookbook on how to take advantage of a vulnerability
Right Ans - Exploit
Three types of security controls Right Ans - People, Processes, and
Technology
Process controls for IT security include Right Ans - assignment of roles for
least privilege, separation of duties, and documented procedures
How many keys are used in asymmetric encryption? Right Ans - two keys
are used to encrypt and decrypt a message
Symmetric Cryptography Right Ans - The same key is used to lock and
unlock the cipher
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller Zendaya. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $8.99. You're not tied to anything after your purchase.
Can Stuvia be trusted?
4.6 stars on Google & Trustpilot (+1000 reviews)
79373 documents were sold in the last 30 days
Founded in 2010, the go-to place to buy study notes for 14 years now
