5 Written questions
5 Matching questions
- to harass
- a _____ inspection firewalls keep track of each network connection between internal and external systems.
- b The formal decision making process used when considering the economic feasibility of implementing information security controls and safeguards is called a(n) _____.
- c According to the National Information Infrastructure Protection Act of 1996, the severity of the penalty for computer crimes depends on the value of the information obtained and whether the offense is judged to have been committed for each of the following except _____.
- d Risk _____ defines the quantity and nature of risk that organizations are willing to accept as they evaluate the tradeoffs between perfect security and unlimited accessibility.
- e In _____ mode, the data within an IP packet is encrypted, but the header information is not.
5 Multiple choice questions
- Incident damage _____ is the rapid determination of the scope of the breach of the confidentiality, integrity, and availability of information and information assets during or just following an incident.
- A(n) _____ plan deals with the identification, classification, response, and recovery from an incident.
- The _____ Portability and Accountability Act of 1996, also known as the Kennedy-Kassebaum Act, protects the confidentiality and security of health care data by establishing and enforcing standards and by standardizing electronic data interchange.
- Standards may be published, scrutinized, and ratified by a group, as in formal or _____ standards.
- The _____ strategy attempts to prevent the exploitation of the vulnerability.
5 True/False questions
maintenance and change → In the well-known _____ attack, an attacker monitors (or sniffs) packets from the network, modifies them, and inserts them back into the network.
ISO/IEC 27002 → There are generally two skill levels among hackers: expert and _____.
(distribution, portability, destruction)
ALL OF THE ABOVE → Effective management includes planning and _____.
domains → Security _____ are the areas of trust within which users can freely communicate.
NSTISSI No. 4011 → _____ presents a comprehensive information security model and has become a widely accepted evaluation standard for the security of information systems.