Your Answers:
1.5 / 1.5 points
What was the primary lesson learned from the Slammer worm?
1.5 / 1.5 points
Criminal activity on the Internet, at its most basic, is quite different from criminal activity in the physical world.
1.5 / 1.5 points
What name was given to the advanced persistent threat (APT) style spy network responsible for bugging the Dalai Lama’s office?
1.5 / 1.5 points
Most current ransomware attacks use a hybrid encrypting scheme, locking the files on a victim’s computer until a ransom is paid.
1.5 / 1.5 points
True zero-day vulnerabilities are used often and quickly because once used, they will be patched.
1.5 / 1.5 points
Which suspected nation-state malware platform poses interest because of its stealth, its complexity, and its ability to hide its command and control network from investigators?
1.5 / 1.5 points
Which term refers to an attack conducted against a site with software that is vulnerable to a specific exploit?
1.5 / 1.5 points
In many early cases of computer crime, the perpetrator of the crime intended to cause damage to the computer.
1.5 / 1.5 points
Which Internet criminal is famous for conducting his attacks using a number of different “tools” and techniques, including social engineering, sniffers, and cloned cellular telephones?
1.5 / 1.5 points
When internal threat actors pursue their attacks, they have an additional step to take: the establishment of access to the system under attack.
1.5 / 1.5 points
Which term refers to the design and operation of elements to ensure the proper functional environment of a system?
1.5 / 1.5 points
What concept allows us to understand the relationship between prevention, detection, and response?
1.5 / 1.5 points
Which security model uses transactions as the basis for its rules?
1.5 / 1.5 points
Which security model developed in the late 1970s addresses integrity?
1.5 / 1.5 points
Which term describes a means of separating the operation of an application from the rest of the operating system?
1.5 / 1.5 points
Which term refers to making different layers of security dissimilar so that even if attackers know how to get through a system that comprises one layer, they may not know how to get through a different type of layer that employs a different system for security?
1.5 / 1.5 points
Because of the nature of trust and its high-risk opportunity, the sage advice is to develop and maintain a culture embracing trust.
1.5 / 1.5 points
Which security concept uses the approach of protecting something by hiding it?
1.5 / 1.5 points
Implicit deny applies to situations involving both authorization and access.
1.5 / 1.5 points
Which security principle is characterized by the use of multiple, different defense mechanisms with a goal of improving the defensive response to an attack?
Your Answers:
1.5 / 1.5 points
Because of malware’s nefarious purpose, there is no criminal distinction between the writers of malware and those who release malware.
1.5 / 1.5 points
What name was given to an intellectual property attack executed against oil, gas, and petrochemical companies in the United States?
1.5 / 1.5 points
Today, the data stored and processed by computers is almost always more valuable than the hardware.
0 / 1.5 points
True zero-day vulnerabilities are used often and quickly because once used, they will be patched.
Correct Answer:False
1.5 / 1.5 points
Most current ransomware attacks use a hybrid encrypting scheme, locking the files on a victim’s computer until a ransom is paid.
1.5 / 1.5 points
What was the primary lesson learned from the Slammer worm?
1.5 / 1.5 points
Which term describes a category of attacks that generally are conducted over short periods of time (lasting at most a few months), involve a smaller number of individuals, have little financial backing, and are accomplished by insiders or outsiders who do not seek collusion with insiders?
1.5 / 1.5 points
One of the hardest threats that security professionals will have to address is that of the insider.
1.5 / 1.5 points
Who is considered to be the ultimate insider, with his name being synonymous with the insider threat issue?
1.5 / 1.5 points
How did the Slammer worm infect computer systems?
1.5 / 1.5 points
Which term is used when separation of privilege is applied to people?
0 / 1.5 points
Which term describes the process where individuals analyze the binaries for programs to discover embedded passwords or cryptographic keys?
Correct Answer:
Reverse-engineering
Feedback
Based on answering incorrectly
Page: 33
Difficulty: Medium
Difficulty: Medium
1.5 / 1.5 points
Because of the nature of trust and its high-risk opportunity, the sage advice is to develop and maintain a culture embracing trust.
1.5 / 1.5 points
Which term describes a means of separating the operation of an application from the rest of the operating system?
1.5 / 1.5 points
What are the policies of the Biba model?
1.5 / 1.5 points
Which equation describes the operational model of security?
1.5 / 1.5 points
What is one of the most fundamental principles in security?
1.5 / 1.5 points
Which security principle refers to the concept that each and every request should be verified?
1.5 / 1.5 points
What are the three operational tenets found in secure deployments?
1.5 / 1.5 points
The entity that implements a chosen security policy and enforces those characteristics deemed most important by the system designers is known as the __________.
Comments
Post a Comment