security education

Within a SETA program, ____ is only available to some of the organization's employees.
A) security-related trinkets
B) security education
C) security training
D) security awareness programs

shoulder surfing

The threat of ____ involves a malicious individual observing another's password by watching the victim while they are performing system login activities.
A) packet monkeys
B) intellectual property
C) shoulder surfing
D) script kiddies

the Security Area Working Group

RFC 2196: Site Security Handbook is produced by ____.
A) the ISO
B) NIST
C) the Security Area Working Group
D) the Federal Agency Security Practices

denial-of-service (DoS)

In a ____ attack, the attacker sends a large number of connection or information requests to a target in an attempt to overwhelm its capacity and make it unavailable for legitimate users.
A) man-in-the-middle
B) sniffer
C) dictionary
D) denial-of-service (DoS)

McCumber Cube

The ____ is based on a model developed by the U.S. Committee on National Systems Security (CNSS).
A) TVA worksheet
B) C.I.A. triangle
C) McCumber Cube
D) man-in-the-middle attack

crisis management

Establishing a contact number or hot line is an aspect of ____ planning.
A) business continuity
B) incident response
C) attack
D) crisis management

threat

A(n) ____ is a category of object, person, or other entity that poses a potential risk of loss to an asset.
A) risk
B) exploit
C) threat
D) attack

SP 800-53 A, Jul 2008: Guide for Assessing the Security Controls in Federal Information Systems: Building Effective Security Assessment Plans

The document ____ provides a systems developmental lifecycle approach to security assessment of information systems.
A) SP 800-53 A, Jul 2008: Guide for Assessing the Security Controls in Federal Information Systems: Building Effective Security Assessment Plans
B) SP 800-53 Rev. 3: Recommended Security Controls for Federal Information Systems and Organizations
C) SP 800-41 Rev. 1: Guidelines on Firewalls and Firewall Policy
D) SP 800-14: Generally Accepted Principles and Practices for Securing Information Technology Systems

technical specification SysSP

The ____ is created by a systems administrator to direct practices with many details.
A) EISP
B) ISSP
C) managerial guidance SysSP
D) technical specification SysSP

Spoofing

____ is a technique used to gain unauthorized access to computers, wherein the attacker assumes or simulates an address that indicates to the victim that the messages are coming from the address of a trusted host.
A) Sniffing
B) Spoofing
C) Spamming
D) DDoS

incident

A(n) ____ is an attack against an information asset that poses a clear threat to the confidentiality, integrity, or availability of information resources.
A) incident
B) disaster
C) crisis
D) recovery

indirect

A(n) ____ attack is when a system is compromised and used to attack other systems.
A) direct
B) indirect
C) object
D) subject

vulnerability

A(n) ____ is a weakness or fault in the mechanisms that are intended to protect information and information assets from attack or damage.
A) threat
B) exploit
C) vulnerability
D) risk

sphere of use

The ____ illustrates the ways in which people access information.
A) sphere of use
B) sphere of protection
C) working control
D) benchmark

security perimeter

A ____ attempts to protect internal systems from outside threats.
A) security perimeter
B) botnet
C) risk management strategy
D) buffer overflow

DR

The ____ plan typically focuses on restoring systems at the original site after disasters occur.
A) DR
B) IR
C) BC
D) BIA

custodian

A data ____ might be a specifically identified role or part of the duties of a systems administrator.
A) owner
B) custodian
C) manager
D) user

mission

The ____ of an organization is a written statement of its purpose.
A) mission
B) vision
C) strategy
D) policy

EISP

The ____ is an executive-level document, usually drafted by or at least in cooperation with the organization's chief information officer.
A) EISP
B) ISSP
C) managerial guidance SysSP
D) technical specification SysSP

False

Brute force attacks are often successful against systems that have adopted the usual security practices recommended by manufacturers.
