Chapter 9: Security Concepts and Threats

Which of the following are activities that a hacker might attempt?. Stealing usernames and passwords. Modifying website content. Disrupting network communications. Analyzing network traffic. All of the above.

You have invented a new toy that will be the most popular toy for children this year. What type of intellectual property protection should you get?. Trademark. Copyright. Patent. Receipt.

Which of the following are threats to data availability? (Choose two.). Service outage Destruction. Replay attack Wiretapping.

What is the name of an application that appears to look like a helpful application but instead does harm to your computer?. Virus. Worm. Malware. Trojan horse.

Someone was recently caught sifting through your company's trash looking for confidential information. What is this an example of?. Trash snooping. Dumpster diving. Phishing. Social engineering.

You are implementing multifactor security on a computer. Which of the following is not a valid factor?. Receipt. Password. Hardware token. Specific location.

You have been asked to lead a class on preventing social engineering. What two topics should you be sure to cover? (Choose two.). Viruses and worms Hardware theft. Shoulder surfing Phishing.

On a network, a user needs to access three different types of systems. However, they are required to enter their username and password only when they initially log in. Which term best explains this?. Authentication. Single sign-on. Authorization. Nonrepudiation.

You receive an email from your bank telling you that your account has been compromised and you need to validate your account details or else your account will be closed. You are supposed to click a link to validate your information. What is this an example of?. A security breach at your bank that needs to be resolved. Spam. Ransomware. Phishing.

If you are concerned about confidentiality of client records, which of the following should you be on the lookout for? (Choose two.). Eavesdropping Social engineering. Denial of service Replay attack.

What is it called when a co-worker sitting next to you always seems to look your way when you try to enter your user ID and password to log onto the network?. Phishing. Social engineering. Shoulder surfing. Coincidence.

Which of the following security terms best describes the process of determining what a user can do with a resource?. Authentication. Authorization. Accounting. Nonrepudiation.

Which of the following operating systems are susceptible to viruses?. Windows. Windows and macOS. Windows, macOS, and Linux. Windows, macOS, Linux, and Android.

A network administrator wants to enable accounting on her network. Which options should she use? (Choose two.). Biometrics Software tokens. Transaction logs Web browser history.

Which of the following can be used as an authentication factor and for nonrepudiation?. Password. One-time password. Biometrics. Security question.

Your manager is concerned about potential wiretapping on the wireless network. What type of concern is this?. Availability. Authorization. Integrity. Confidentiality.

To log into a network, you must use a password and answer a security question. What is this an example of?. Multifactor authentication. Single sign-on. Authorization. Nonrepudiation.

Which of the following threats can directly impact data integrity on a network? (Choose two.). Snooping Denial of service. Man-in-the-middle Impersonation.

Your network's security model requires that the administrator configure permissions based on a user's job within the company. What does this describe?. Rule-based access control. Role-based access control. Discretionary access control. Mandatory access control.

Esther has just written a new book, and she wants to ensure that she owns the intellectual property. Which type of protection should she get?. Digital product. Trademark. Patent. Copyright.