5 Written questions
5 Matching questions
- social engineering
- rating and filtering
- accept control
- a In most common implementation models, the content filter has two components: _____
- b "4-1-9" fraud is an example of a _____ attack.
- c The _____ strategy is the choice to do nothing to protect a vulnerability and to accept the outcome of its exploitation.
- d _____ equals likelihood of vulnerability occurrence times value (or impact) minus percentage risk already controlled plus an element of uncertainty.
- e _____ often function as standards or procedures to be used when configuring or maintaining systems.
5 Multiple choice questions
- Which of the following acts defines and formalizes laws to counter threats from computer related acts and offenses?
- Microsoft acknowledged that if you type a res://URL (a Microsoft-devised type of URL) which is longer than _____ characters in Internet Explorer 4.0, the browser will crash.
- Risk _____ defines the quantity and nature of risk that organizations are willing to accept as they evaluate the tradeoffs between perfect security and unlimited accessibility.
- The _____ is a methodology for the design and implementation of an information system in an organization.
- The National Information Infrastructure Protection Act of 1996 modified which Act?
5 True/False questions
TCP → The _____ hijacking attack uses IP spoofing to enable an attacker to impersonate another entity on the network.
standard of due care → Which of the following countries reported generally intolerant attitudes toward personal use of organizational computing resources?
(software, hardware, data)
D. ALL OF THE ABOVE → Which of the following is a valid type of data ownership?
Singapore → Which of the following countries reported generally intolerant attitudes toward personal use of organizational computing resources?
electronic vaulting → _____ controls address personnel security, physical security, and the protection of production inputs and outputs.