FiltersDone

Question type

Essay

Multiple Choice

Short Answer

True False

Matching

Exam 17: Information Security: Barbarians at the Gateway and Just About Everywhere Else

Show Answer

Share

---

All types

Filters

Study Flashcards

Question 1

True/False

Review LaterAdd Note

Review Later

The term ISO 27000 refers to a series of standards representing the set of best practices for implementing, maintaining and improving organizational security.

Correct Answer

verified

Show Answer

Question 2

True/False

Review LaterAdd Note

Review Later

Conforming to industry-standard guidelines and frameworks for organizational security ensures continued immunity from attacks on an organization's information.

Correct Answer

verified

Show Answer

Question 3

True/False

Review LaterAdd Note

Because of Moore's Law, widely-used encryption programs currently employed by banks and ecommerce sites are now easily penetrated by brute-force attacks that can be employed by hackers using just a handful of simple desktop computers.

Organized crime networks now have their own R&D labs and are engaged in sophisticated development efforts to piece together methods to thwart current security measures.

One of the major problems with the Heartbleed bug in OpenSSL software is that:

Which of the following statements holds true for the term spoof?

A bank customer receives a message, ostensibly from the bank's Web site, asking her to provide her login information. Assuming the message is intended to defraud the customer, what type of infiltration technique is being used here?

Which of the following are considered sources of information that can potentially be used by social engineers?

Briefly explain the steps one should take to ensure that their highest priority accounts are not compromised easily by hackers.

_____ are highly restrictive programs that permit communication only with approved entities and/or in an approved manner.

A(n) _____ is someone who uncovers computer weaknesses and reveals them to manufacturers or system owners, without exploiting these vulnerabilities.

Computer systems are often infected with malware by means of exploits that sneak in masquerading as something they are not. These exploits are called:

A team working on organizational security should include representatives from general counsel, audit, public relations, and human resources, in addition to those from specialized security and broader technology and infrastructure functions.

A black hat hacker looks for weaknesses in security mechanisms, with a view to help plug the holes that might be exploited by cyber-criminals.

The virtual shutdown of websites by way of overloading them with seemingly legitimate requests sent simultaneously from thousands of machines is termed as _____ attacks.

Information security policies would be ineffective without _____ and _____.

URL-shortening services such as bit.ly limit the impact of phishing posts since the shortened URL will clearly reveal the destination arrived at when clicked on.

Multiple administrators jointly controlling key systems are an unnecessary burden that adds to the complexity of managing security in an organization.

Public wireless networks are often vulnerable to monitoring and attack. The use of _______ software can limit threats by encrypting network transmissions over a network.

What type of tool enforces access privileges and helps verify that systems are not being accessed by the unauthorized, or in suspicious ways?