FiltersDone

Question type

Essay

Multiple Choice

Short Answer

True False

Matching

Exam 25: B: Extension: A Information Security

Show Answer

Share

---

All types

Filters

Study FlashcardsPractice ExamLearn

Question 51

Multiple Choice

Review LaterAdd Note

Review Later

Angela works for an identity protection company that maintains large amounts of sensitive customer information such as usernames, passwords, personal information, and social security numbers.Angela and a coworker decide to use the sensitive information to open credit cards in a few of her customer's names.This is a classic example of which of the following security breaches?

A) A social engineer
B) An insider
C) A spammer
D) A dumpster diver

E) A) and C)
F) A) and B)

Correct Answer

verified

Show Answer

Question 52

Multiple Choice

Review LaterAdd Note

Review Later

What is pharming?

A) A rerouting of requests for legitimate websites to false websites.
B) A technique to gain personal information for the purpose of identity theft, usually by means of fraudulent emails that look as though they came from legitimate businesses.
C) A masquerading attack that combines spam with spoofing.
D) A phone scam that attempts to defraud people by asking them to call a bogus telephone number to "confirm" their account information.

E) A) and B)
F) A) and C)

Correct Answer

verified

Show Answer

Question 53

Multiple Choice

Review LaterAdd Note

Which of the following represents the three areas where technology can aid in the defense against information security attacks?

What is spear phishing?

What is the process that provides a user with permission including access levels and abilities such as file access, hours of access, and amount of allocated storage space?

Which of the following occurs when organizations use software that filters content, such as email, to prevent the accidental or malicious transmission of unauthorized information?

The goal of multifactor authentication is to make it difficult for an unauthorized person to gain access to a system because, if one security level is broken, the attacker will still have to break through additional levels.

Multifactor authentication requires more than two means of authentication such as what the user knows (password), what the user has (security token), and what the user is (biometric verification).

What type of encryption technology uses multiple keys, one for public and one for private?

To decrypt information is to decode it and is the opposite of encrypt.

What decodes information?

What is a program that secretly takes over another computer for the purpose of launching attacks on other computers?

Organizations address security risks through two lines of defense.The first is people and the second is technology.

What requires more than two means of authentication such as what the user knows (password) , what the user has (security token) , and what the user is (biometric verification) ?

Working at a ski resort in the mountains has its own unique security issues.Kenny is the chief information officer for Sundance Ski Resort, and he is faced with both physical and information security threats every month.Since the resort implemented a new software system, they have been having larger number of threats and breaches of company information.He suspects that this may be the cause of an internal employee.He needs to clarify and establish what type of plan to help reduce further problems?

What is a method for confirming users' identities?

Janet is a financial aid counselor at a local community college and she shares an office with her three coworkers.Janet feels safe in her office environment and frequently leaves her username and password on a sticky note next to her computer.Without realizing it Janet is creating the potential for which type of information security breach to occur?

Describe the relationship between information security policies and an information security plan.

Which of the following authentication methods is 100 percent accurate?

Single-factor authentication is the traditional security process, which requires a user name and password.