1.Into which threat category does information warfare fall?
Highly structured
2.How did the Code Red worm spread?
It made use of a buffer-overflow condition in Microsoft’s IIS web servers that had been known for a month.
3.How long did it take for electricity to be restored after the Ukraine suffered the first known successful cyberattack against an electric grid on December 23, 2015?
Full restoration of grid capabilities took more than a year as equipment was damaged.
4.What was the primary lesson learned from the Slammer worm?
It drove home the point that the Internet could be adversely impacted in a matter of minutes.
5.Which attack is an example of an advanced persistent threat (APT) first reported by Google, that also targeted Adobe, Yahoo!, Juniper Networks, Rackspace, Symantec, and several major U.S. financial and industrial firms?
Operation Aurora
6.In 2014, on how many different threat actors, including criminals, hactivists, state-sponsored groups, and nation states, did CrowdStrike report?
39
7.Who is considered to be the ultimate insider, with his name being synonymous with the insider threat issue?
Edward Snowden
8.Because of malware’s nefarious purpose, there is no criminal distinction between the writers of malware and those who release malware.
False
9.In the early days of computers, security was considered to be a binary condition in which your system was either secure or not secure.
True
10.Which term refers to an attack conducted against a site with software that is vulnerable to a specific exploit?
Target of opportunity
11.Which security principle refers to the concept that each and every request should be verified?
Complete mediation
12.Which security principle states that access should be based on more than one item?
Separation of privilege
13.Encapsulation is the concept of separating items so that they cannot interfere with each other.
False
14.Where do changes in trust occur?
At the trust boundary
15.Which security model developed in the late 1970s addresses integrity?
Biba
16.Another term for defense in depth is layered security.
True
17.Which term describes a means of separating the operation of an application from the rest of the operating system?
Sandboxing
18.Which security model uses transactions as the basis for its rules?
Clark-Wilson
19.Because of the nature of trust and its high-risk opportunity, the sage advice is to develop and maintain a culture embracing trust.
False
Other Links:
See other websites for quiz:
Check on QUIZLET