Management Questions With Complete Solutions
__________ are malware programs that hide their true nature
and reveal their designed behavior only when activated. Correct
Answers Trojan Horse
__________ is a simple project management planning tool
Correct Answers Work Breakdown Structure (WBS)
__________ is the collection and analysis of information about
an organization's business competitors, often through illegal or
unethical means, to gain an unfair edge over them. Correct
Answers Industrial Espionage
__________ is the set of responsibilities and practices exercised
by the board and executive management with the goal of
providing strategic direction, ensuring that objectives are
achieved, ascertaining that risks are managed appropriately, and
verifying that the enterprise's resources are used responsibly.
Correct Answers Information Security Governance
"4-1-9" fraud is an example of a __________ attack. Correct
Answers Social Engineering
"4-1-9" is one form of a(n) __________ fraud Correct Answers
Advance Fee
"GGG security" is a term commonly used to describe which
aspect of security? Correct Answers Physical Security
A __________ is an attack in which a coordinated stream of
requests is launched against a target from many locations at the
same time. Correct Answers Distributed Denial of Service
(DDoS)
A 2007 Deloitte report found that enterprise risk management is
a valuable approach that can better align security functions with
the __________ while offering opportunities to lower costs
Correct Answers Business Mission
A clearly directed __________ flows from top to bottom, and a
systematic approach is required to translate it into a program that
can inform and lead all members of the organization Correct
Answers Strategy
A formal approach to solving a problem based on a structured
sequence of procedures, the use of which ensures a rigorous
process and increases the likelihood of achieving the desired
final objective, is known as a(n) ____________ Correct
Answers Methodology
A hacker who intentionally removes or bypasses software
copyright protection designed to prevent unauthorized
duplication or use is known as a(n) __________. Correct
Answers Cracker
A high-level executive such as a CIO or VP-IT, who will
provide political support and influence for a specific project, is
known as a(n) _________. Correct Answers Champion
A model of InfoSec that offers a comprehensive view of security
for data while being stored, processed, or transmitted is the
__________ security model Correct Answers CNSS
A person or organization that has a vested interest in a particular
aspect of the planning or operation of an organization—for
example, the information assets used in a particular organization
—is known as a(n) _________ Correct Answers Stakeholder
A potential weakness in an asset or its defensive control
system(s) is known as a(n) __________ Correct Answers
Vulnerability