Week-2 Quiz
1). What step can be taken to evaluate the effectiveness of the security measures in place at an organization?
Perform a vulnerability assessment.
2). Which term describes a legal agreement between partners establishing the terms, conditions, and expectations of the relationship between the partners?
Business partnership agreement (BPA)
3). Which password best meets typical complexity requirements?
p@ssw0rD
4). What is a leading cause of account hijacking?
Improper use and/or control over passwords
5). Who is responsible for the determination of policies for a given system?
System owner
6). Which term eliminates the traditional land lines in an organization and replaces them with special telephones that connect to the IP data network?
Voice over IP (VoIP)
7). Which term generally refers to the standard of care a reasonable person is expected to exercise in all situations?
Due Care
8). Which term describes a method to check the security of a system by simulating an attack by a malicious individual?
Penetration test
9). Which term describes a specialized agreement between organizations that have interconnected IT systems, the purpose of which is to document the security requirements associated with the interconnection?
Interconnection security agreement (ISA)
10). Before magnetic storage media (such as disks or tapes) is discarded in the trash or sold for salvage, it should have all files deleted and should be overwritten at least __________ times with all 1’s, all 0’s, and then random characters.
Three
11). Which statement accurately describes how pharming is accomplished?
The user is directed to a fake web site as a result of modification of local host files, which are used to convert URLs to the appropriate IP address.
12). Voice communication caller ID systems can be spoofed.
True
13). Which statement describes how shoulder surfing is accomplished?
An attacker directly observes the target entering sensitive information on a form, keypad, or keyboard.
14). A social engineer uses various deceptive practices to convince the targeted person to divulge information they normally would not divulge or to convince the target of the attack to do something they normally wouldn’t do.
True
15). Which password is weakest?
P@$$w0rd
16). Reverse social engineering is easier to execute than social engineering.
False
17). Which password is strongest?
C#as%t*1ng
18). Impersonation can be employed in online attacks.
True
19). Which statement identifies a good first step for companies to take to fight potential social engineering attacks?
Establish policies and procedures dictating the roles and responsibilities of all users, as well as security administrators.
20). Which term is used when an attacker attempts to get credit card numbers using telephone and voice communication technologies?
Vishing