Exam (elaborations)
MISY 5325 QUIZ 1- 6 OF TEST KIT WITH COMPLETE QUESTIONS AND CORRECT ANSWERS GRADED A+
- Course
- Institution
MISY 5325 QUIZ 1- 6 OF TEST KIT WITH COMPLETE QUESTIONS AND CORRECT ANSWERS GRADED A+
[Show more]
Content preview
MISY 5325 QUIZ 1- 6 OF 2024- 2025 TESTKIT WITH COMPLETE QUESTIONS AND
CORRECT ANSWERS GRADED A+
QUIZ 1
Alice is an aspiring hacker. She wants to get information on
computer and network vulnerabilities and ways to exploit
applications. Which of the following is the best source? Correct
Answer Dark web
All of the following terms have the same meaning, except: Correct
Answer Internal network zone
Companies use risk assessment strategies to differentiate
___________ from _________. Correct Answer severe risks,
minor risks
Hajar is a security professional for a government contractor. Her
company recently hired three new employees for a special
project, all of whom have a security clearance for Secret data.
Rather than granting the employees access to all files and folders
in the data repository, she is granting them access only to the
data they need for the project. What principle is Hajar following?
Correct Answer Principle of need to know
Hardening a server refers to: Correct Answer the combination of
all the steps that it takes to protect a vulnerable system and make
it more secure than the default installation.
In which of the following domains does the IT infrastructure link to
a wide area network (WAN) and the Internet? Correct Answer
LAN-to-WAN Domain
,Isabella works as a risk specialist for her company. She wants to
determine which risks should be managed and which should not
by applying a test to each risk. Risks that don't meet the test are
accepted. What type of test does she apply? Correct Answer
Reasonableness test
Kevin is a disgruntled employee who was recently laid off from a
major technology company. He wants to launch an attack on the
company. Where might Kevin learn about vulnerabilities that he
can exploit? Correct Answer A blog
Total risk equals: Correct Answer threat × vulnerability × asset
value.
What are the elements of the security triad? Correct Answer
Confidentially, integrity, and availability
What can you control about threat/vulnerability pairs? Correct
Answer The vulnerability only
What is a major type of vulnerability for the User Domain? Correct
Answer Social engineering
What is a security policy? Correct Answer A high-level overview
of security goals
What is one source of risk reduction? Correct Answer Reducing
the impact of the loss
What is the practice of identifying, assessing, controlling, and
mitigating risks? Correct Answer Risk management
What is the primary reason to avoid risk? Correct Answer The
impact of the risk outweighs the benefit of the asset
, What is the primary security professionals automate some
processes? Correct Answer To reduce human error
Which of the following is a division of the U.S. Department of
Commerce and publishes the Risk Management Framework
(RMF) 800 special publication series Correct Answer National
Instittue of Standard and Technology (NIST)
Which of the following is best described as attackers who focus
on a specific target, have high levels of expertise, have almost
unlimited resources, and are often sponsored by nation-states or
terrorist groups? Correct Answer Advanced persistent threats
(APTs)
Which of the following is most likely to be warez? Correct Answer
A file on your computer of a new TV episode you downloaded for
free
Which of the following is not an example of unintentional threat?
Correct Answer A script kiddle writes and runs malware to "see
what it can do."
Which of the following is often the weakest link in IT security?
Correct Answer People
Which of the following statement is true? Correct Answer
Exploited vulnerabilities result in loses.
You are a top-level executive at your own company. You are
worried that your employees may steal confidential data by
downloading data onto thumb drives. What is the best way to
prevent this from happening? Correct Answer Create and enforce
a written company policy against the use of thumb drives and
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller wachiraMaureen. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $25.99. You're not tied to anything after your purchase.
Can Stuvia be trusted?
4.6 stars on Google & Trustpilot (+1000 reviews)
77851 documents were sold in the last 30 days
Founded in 2010, the go-to place to buy study notes for 14 years now
